Updated on 2023-04-13 GMT+08:00
Scenarios
Constraint
- The CFW ALG tag function is restricted.
- By default, the network-layer defense against DDoS attacks and IP spoofing is disabled on CFW.
- Domain name protection depends on the DNS server you configure. The IP address of a default server may be incorrectly resolved. You are advised to use a custom server.
- To use CFW persistent connections, enable a bidirectional out-of-path policy. If you only enable a unidirectional policy, the client will need to re-initiate connections in certain scenarios, such as enabling or disabling protection, and expanding engine capacities. You are advised to submit a service ticket for risks assessment.
External Intrusion Prevention
You can use CFW to perform security stocktaking on service assets accessible to the public network and enable intrusion detection and prevention in one click.
Control Over Server Originated Traffic
Implement domain-based precise control over server originated traffic.
Feedback
Was this page helpful?
Provide feedback
Thank you very much for your feedback. We will continue working to improve the
documentation.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
