Data Protection Controls
WAF takes different controls to keep data in WAF secure and reliable.
Measure |
Description |
---|---|
Protection for data at rest |
WAF encrypts sensitive data in your website traffic to keep the data from leakage. |
Protection for data in transit |
Data is encrypted when it is transmitted between microservices to prevent leakage or tampering during transmission. WAF keeps your configuration data secure as the configuration data is transmitted over HTTPS. |
Data integrity verification |
When the WAF process is started, the configuration data is obtained from the configuration center instead of directly reading local files. |
Data isolation mechanism |
WAF isolates its tenant zone from its management plane. Operation permissions for WAF are isolated by user. Your policies and logs are isolated from those of others. |
Data destruction mechanism |
To prevent information leakage caused by residual data, Huawei Cloud sets different retention periods based on the customer level. If the customer does not renew the subscription or recharge the account after the retention period expires, the data stored in the cloud service will be deleted and the cloud service resources will be released. WAF automatically detects cloud service subscription status and releases resources when the retention period expires. |
Beyond that, WAF protects your website while making every effort to protect your privacy in accordance with applicable laws and regulations. Take intrusion prevention as an example. WAF detects traffic that matches threat signature library and scans for abnormal behavior only. WAF never collects or stores any user privacy data. For more privacy data usage and protection issues, see Privacy Statement.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot