What's New

Updated on 2024/12/24 GMT+08:00

The tables below describe the functions released in each Cloud Firewall version and corresponding documentation updates. New features will be successively launched in each region.

July 2024

No.

Feature

Description

Phase

Document

1

DNAT protection

CFW can protect DNAT traffic.

Commercial use

Adding a Protection Rule

2

Schedule

You can configure schedules to make protection rules take effect only within the specified time range.

Commercial use

Schedule

3

VPC border protection based on domain names

Added domain name access control in VPC border protection.

Commercial use

VPC Border Protection Rules

March 2024

No.

Feature

Description

Phase

Document

1

Alarm notification for abnormal external connections

CFW allows you to set alarm notifications for abnormal external connections. If an abnormal IP address or domain name is detected, an alarm notification is sent.

Commercial use

Alarm Notification

2

Security reports

CFW can generate daily, weekly, or user-defined security reports based on the log report template you created, and send the reports in the specified mode within the specified period.

Commercial use

Security Reports

December 2023

No.

Feature

Description

Phase

Document

1

Pre-defined service groups

CFW provides predefined service groups, including Web Service, Database, and Remote Login and Ping, to help you quickly configure protection policies in different scenarios.

Commercial use

Viewing a Predefined Service Group

2

Pre-defined address groups

CFW provides you with predefined address groups, including NAT64 Address Set and WAF_Back-to-Source_IP_Addresses, to help you quickly obtain the back-to-source IP addresses to be allowed.

Commercial use

Viewing a Predefined Address Group

November 2023

No.

Feature

Description

Phase

Document

1

Notification of unprotected EIPs

You can get notified of unprotected EIPs after you enable this alarm notification item.

Commercial use

Alarm Notification

2

Auto protection on new EIPs

After auto protection on new EIPs is enabled, protection will be automatically enabled for new EIPs, and the EIP traffic will pass through and be protected by the firewall.

Commercial use

Viewing EIP Information

3

Security dashboard

The security dashboard displays the high-frequency attacks blocked by IPS. You can check the IPS defense status and adjust IPS defense actions in a timely manner.

Commercial use

Security Dashboard

4

Optimized traffic analysis page

Added visualized information about top N inbound, outbound, and inter-VPC traffic statistics on the traffic analysis page.

Commercial use

Traffic Analysis

5

Security Dashboard

You can use the policy assistant to quickly check protection rule hits and adjust rules in a timely manner.

Commercial use

Policy Assistant

6

Optimized Dashboard page

Optimized the display of traffic statistics and added traffic trends on the Dashboard page.

Commercial use

CFW Console Dashboard

July 2023

No.

Feature

Description

Phase

Document

1

Antivirus

The anti-virus function identifies and processes virus files through virus feature detection to prevent data damage, permission change, and system breakdown caused by virus files.

Commercial use

Managing the Antivirus Function

May 2023

No.

Feature

Description

Phase

Document

1

Reverse shell defense

Defend against reverse shells.

Commercial use

Configuring Intrusion Prevention

2

Inter-VPC border protection policy import and export

You can import and export inter-VPC border firewall access control policies.

Commercial use

Managing Protection Rules in Batches

3

Custom IPS signature

You can configure network detection signature rules in CFW. CFW will detect threats in data traffic based on signatures.

Commercial use

Custom IPS Signature

4

Sensitive directory scan defense

Defend against scan attacks on sensitive directories in real time.

Commercial use

Configuring Intrusion Prevention

April 2023

No.

Feature

Description

Phase

Document

1

Network packet capture

You can use the packet capture function to locate network faults and attacks.

Commercial use

Network Packet Capture

2

Domain group protection

A domain name group is a collection of multiple domain names or wildcard domain names.

You can configure domain name groups to protect domains in batches.

Commercial use

Managing Domain Groups

March 2023

No.

Feature

Description

Phase

Document

1

User-defined basic defense

You can check the CVE ID, risk level, and attack type of a basic IPS defense rule and modify defense actions.

Commercial use

Basic Defense Rule Management

2

Alarm notification

CFW interconnects with Simple Message Notification (SMN) to send IPS attack logs and excessive traffic warning through the notification method (email or SMS) you set.

Commercial use

Alarm Notification

3

CFW professional edition

Internet border protection, Internet ACL, full network traffic analysis, network intrusion prevention system (IPS), inter-VPC traffic protection, and inter-VPC asset protection

Commercial use

Editions

November 2022

No.

Feature

Description

Phase

Document

1

API calling

APIs can be invoked through the API Explorer.

Commercial use

API Overview

August 2022

No.

Feature

Description

Phase

Document

1

CFW OBT test

Launched the first open beta test (OBT).

--

What Is CFW?