Cloud Firewall

Cloud Firewall (CFW)

Cloud Firewall (CFW)

Cloud Firewall (CFW) is a next-generation cloud native firewall that protects Internet and VPC borders on the cloud. It can detect and defend against intrusions in real time, analyze traffic and visualize results, audit logs, and trace traffic sources. You can scale CFW resources as needed.
Getting to Know CFW
Secure

Enhance internal network security.
Visualized

Monitor and audit network storage and access.
Simplified

Easily provision CFW and migrate policies.

Why CFW?

  • Easy Deployment

    CFW is a cloud-native SaaS service. It can automatically check the security status of public network assets and internal assets. You can enable protection and import security policies in a few clicks, and dynamically scale capacities.

    CFW is a cloud-native SaaS service. It can automatically check the security status of public network assets and internal assets. You can enable protection and import security policies in a few clicks, and dynamically scale capacities.

  • Intelligent Defense

    CFW integrates Huawei's threat and vulnerability databases, using a built-in intrusion prevention system (IPS) to detect and block malicious traffic in real time.

    CFW integrates Huawei's threat and vulnerability databases, using a built-in intrusion prevention system (IPS) to detect and block malicious traffic in real time.

  • Visualization and Traceability

    CFW records all traffic logs, access logs, and intrusion logs, displaying their statistics in tables and charts. You can audit operations and trace the sources of attacks.

    CFW records all traffic logs, access logs, and intrusion logs, displaying their statistics in tables and charts. You can audit operations and trace the sources of attacks.

  • Robust Ecosystem

    CFW can be seamlessly integrated with third-party threat detection and analysis engines. Firewalls both on and off the cloud can be developed in the same ecosystem. Your security policies and assets that are off the cloud can be seamlessly migrated to CFW.

    CFW can be seamlessly integrated with third-party threat detection and analysis engines. Firewalls both on and off the cloud can be developed in the same ecosystem. Your security policies and assets that are off the cloud can be seamlessly migrated to CFW.

Features

Fine-Grained Access Control

Fine-Grained Access Control

You can control access traffic in all directions and block intrusions in real time. Access from the Internet, between VPCs, or at a specific granularity can be controlled.

Control Server Originated Traffic

Control Server Originated Traffic

You can check external connections, identifying and blocking malicious access.

Statistics about servers requesting external connections are displayed on the CFW console, helping you identify malicious or intruded servers.

Intrusion Detection and Prevention

Intrusion Detection and Prevention

CFW's intrusion prevention engine detects and intercepts malicious traffic in real time to implement intelligent and accurate protection based on Huawei's network-wide threat intelligence.

For assets that can access the Internet, CFW can identify their attack surface and allow you to enable protection in a few clicks.


Log Audit and Traffic Visualization

Log Audit and Traffic Visualization

All traffic is logged and can be presented in reports. You can audit events and trace threats back to their sources.

All of the traffic on your network is visualized.

Application Scenarios

Scenario

You can use CFW to perform security stocktaking on service assets accessible to the public network, and enable intrusion detection and prevention in one click.

Advantages

  • Automatic Stocktaking of Public Network Assets

    CFW can identify the threat exposure for your assets. You can enable protection in a few clicks.

  • Intelligent Defense

    Huawei's threat and vulnerability databases are integrated in CFW, enabling you to defend against threats with great precision.

Scenario

You can implement domain-based precise control over server originated traffic.

Advantages

  • Connection Logging

    Logs are recorded for all server originated connections.

  • Intelligent Analytics and Protection

    You can analyze server originated connections, evaluate server intrusion risks, and block malicious connections in real time to protect your assets.

Scenario

Check inter-VPC traffic and control internal access.

Advantage

  • Intelligent Defense

    Control the traffic and access between VPCs, identifying and blocking malicious access.

  • Visualization and Traceability

    Access between internal service systems can be recorded, analyzed, and displayed. Events can be audit and traced back to their sources.

Learn More

Service Overview

Introduction to CFW

User Guide

Guidance on Common CFW Operations

FAQ

CFW FAQ
查看更多 收起