Cloud Firewall
Last updated: 2025-06-24 16:34:38
What protocols does Cloud Firewall support?
Edge firewall supports TCP, HTTP, and HTTPS currently.
NAT edge firewall supports TCP, UDP, ICMP, HTTP, HTTPS, SMTP, SMTPS, and FTP.
Inter-VPC firewall supports TCP, UDP, and ICMP.
How CFW Protects UDP Protocol?
Internet edge firewall (serial mode) supports UDP protocol protection.
Internet edge firewall (bypass mode) does not support UDP protocol protection.
Redundancy of CFW?
The Internet edge firewall uses a cluster deployment method, while the NAT edge firewall and inter-VPC firewall default to Primary-Backup Deployment.
Does CFW Support Single-Zone High Availability?
There are two cases: the Internet boundary uses physical machine deployment in clusters to implement an active-active mechanism, unaffected by AZs; the NAT edge firewall and VPC boundary firewall use virtualization technology and currently support cross-regional availability zone deployment. During disaster recovery switch, we synchronize session tables to ensure connections are not interrupted. The latency is around 10 seconds, primarily due to the time required for the heartbeat mechanism to detect AZ abnormalities.
Unable to Enter CFW Console after Purchase, Page Continuously Refreshing, How to Resolve?
For first-time operating users, attempt to access the Asset Center Page. At that time, a pop-up prompt box will appear on the webpage, guiding users in completing role authorization. After authorization completion, they can access the Cloud Firewall console normally.
Does CFW Support Tencent Cloud Direct Connect to IDC Computer Room Protection and Deployment in Physical Server Room?
Tencent Cloud Firewall is SaaS-based and does not support deployment in physical server rooms.
How to View the Current Firewall Version Number?
Inter-VPC firewall: You can query it through the API DescribeFwGroupInstanceInfo, use F12 to access the corresponding firewall switch, and view the "EngineVersion": "cfw_v3.7.0.1009" info (located in the second-to-last line of the response).
NAT edge firewall: Query the corresponding NatinsName (NAT instance name) and EngineVersion (engine version) through the API DescribeNatFwInstancesInfo
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback