Related Services
IAM
Identity and Access Management (IAM) provides the permission management function for CFW. Only users who have Tenant Administrator permissions can perform operations such as authorizing, managing, and detect cloud assets using CFW. To obtain the permissions, contact the users who have the Security Administrator permissions.
EIP
Elastic IP (EIP) provides independent public IP addresses and bandwidth for Internet access.
CFW protects Internet border traffic by protecting EIPs.
VPC
Virtual Private Cloud (VPC) enables you to provision an isolated, private virtual network for cloud resources, such as cloud servers, containers, and databases.
CFW can protect traffic at VPC borders, such as between VPCs, or between a VPC on the cloud and an on-premises data center.
NAT Gateway
NAT Gateway provides public and private NAT gateways. A public NAT gateway provides SNAT and DNAT to let cloud servers in a VPC use an EIP to communicate with the Internet.
CFW protects the NAT gateway traffic by protecting the VPC where the NAT gateway resides.
SMN
Simple Message Notification (SMN) provides the message notification function. After you enable notification on CFW, you will receive alarms based on the notification mode you configured if your resources are attacked or the protection traffic exceeds your quota.
Differences from WAF
CFW and WAF are two different products that can be used to protect your Internet borders, VPC borders, and web services.
The following table describes the differences between CFW and WAF.
Item |
CFW |
WAF |
---|---|---|
Definition |
Cloud Firewall (CFW) is a next-generation cloud-native firewall. It protects the Internet border and VPC border on the cloud by real-time intrusion detection and prevention, global unified access control, full traffic analysis, log audit, and tracing. It employs AI for intelligent defense, and can meet changing business needs, helping you easily handle security threats. CFW is a basic service that provides network security protection for user services on the cloud. |
WAF keeps web services stable and secure. It examines all HTTP and HTTPS requests to detect and block the following attacks: Structured Query Language (SQL) injection, cross-site scripting (XSS), web shells, command and code injections, file inclusion, sensitive file access, third-party vulnerability exploits, Challenge Collapsar (CC) attacks, malicious crawlers, and cross-site request forgery (CSRF). |
Protection |
|
|
Features |
|
WAF identifies and blocks a wide range of suspicious attacks, such as SQL injections, XSS attacks, web shell upload, command or code injections, file inclusion, unauthorized sensitive file access, third-party vulnerability exploits, CC attacks, malicious crawlers, and CSRF. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot