Overview
Cloud Firewall (CFW) is a next-generation cloud-native firewall. It protects the Internet border and VPC border on the cloud by real-time intrusion detection and prevention, global unified access control, full traffic analysis, log audit, and tracing. It employs AI for intelligent defense, and can be elastically scaled to meet changing business needs, helping you easily handle security threats. CFW is a basic service that provides network security protection for user services on the cloud.
Functions and Scenarios
CFW provides access control policies (protection rules, blacklist, and whitelist) and attack defense (intrusion prevention and antivirus) functions to protect Internet borders, VPC borders, and NAT gateways. Scenarios need to be differentiated only when protection rules are configured, as shown in Figure 1.
- Internet border protection: Use CFW to configure protection rules to allow the inbound traffic to a specified EIP. For details, see Configuring a Protection Rule to Allow the Inbound Traffic to a Specified EIP.
- VPC border protection: Use CFW to configure protection rules to protect the traffic between two VPCs. For details, see Configuring a Protection Rule to Protect Traffic Between Two VPCs.
- NAT gateway protection: For details about how to use CFW to configure protection rules to protect SNAT traffic, see Configuring a Protection Rule to Protect SNAT Traffic.
- Intrusion prevention: For details about how to use CFW to block network attacks at the Internet border, see Configuring Intrusion Prevention to Protect EIPs.
References
- For details about how to configure protection rules to control traffic, see Adding Protection Rules to Block or Allow Traffic.
- For details about how to configure a blacklist or whitelist to control traffic, see Adding Blacklist or Whitelist Items to Block or Allow Traffic.
- For details on how to configure intrusion prevention to block network attacks, see Adjusting the IPS Protection Mode to Block Network Attacks.
- For details about how to configure antivirus to block virus-infected files, see Enabling Antivirus to Block Virus-infected Files.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot