Connection Method Comparison
Cloud Native WAF currently supports five traffic source types: cloud-native Layer 7 CLB instances (private network and public network types), Cloud Native Gateway, SCF, APISIX Gateway, and other application gateways, as shown below:
Instance type | Scenarios | Core strengths | Access Mode | Supported Region |
Applicable to users who are already using or planning to use Tencent Cloud public network or private network Layer 7 CLB, such as high-concurrency scenarios for Web services. | Supports two modes: mirroring and scrubbing. No need to adjust the architecture, supports one-click By Pass, stable and reliable. | Supports domain and instance access. The domain protection method achieves traffic mirroring detection and scrubbing by binding the domain to a CLB listener. | Silicon Valley, Bangkok, Hong Kong (China), Mumbai, Singapore, Frankfurt, Moscow, Virginia, Jakarta, Seoul, Tokyo, Toronto | |
Applicable to Cloud Native Gateway users, such as in microservices architecture and API open platform scenarios, requiring unified management of API security. | Supports scrubbing mode. Forwarding and protection are separated. The API Gateway controls traffic access, which is more reliable. | Associate WAF policies in API Gateway configurations to implement security protection for API traffic, supporting domain and gateway instance access. For details on the traffic access process on the Cloud Native Gateway side, see API Gateway Product Documentation. | Singapore | |
Applicable to Cloud Function(SCF) users, such as serverless Web applications and event-triggered business protection. | Supports scrubbing mode. Forwarding and protection are separated. Traffic access is controlled on the SCF side, which is more reliable. | By integrating SCF triggers with WAF, security filtering is performed on HTTP requests. For details on the traffic access process on the SCF side, see SCF Product Documentation. | Hong Kong (China), Virginia, Silicon Valley, Sao Paulo, Frankfurt, Seoul, Mumbai, Tokyo, Singapore, Bangkok | |
Applicable to APISIX gateway users who wish to integrate Tencent Cloud WAF to enhance security capabilities. | Compatible with open source ecosystems. Supports integration via SDK plugins, autonomous and controllable. | The connection method is the same as that of the Cloud Native Gateway, but requires the APISIX gateway to integrate the SDK to forward business traffic to the Tencent Cloud WAF cluster (custom integration required). | Frankfurt, Singapore custom access | |
Applicable to customer traffic in various environments such as cloud and on-premises, hybrid cloud WAF deployment and access. | Compatible with any environment. Supports integration via SDK plugins, autonomous and controllable. | The connection method is the same as that of the Cloud Native Gateway, but requires the customer's gateway to integrate the SDK to forward business traffic to Tencent Cloud WAF Hybrid Cloud Protection Cluster. | Customer-defined regions |
Domain Name Connection Method Comparison
CLB instance: By configuring the domain name and Layer-7 CLB (listener) resources in the WAF console's domain access, bypass threat detection and cleansing are performed on HTTP/HTTPS traffic passing through the Cloud Native instance listener, achieving decoupling of business forwarding and security protection.
Cloud Native Gateway and SCF instances: By enabling WAF protection through the API Gateway console (For details, see API Gateway product documentation) and the SCF console, and configuring the domain name in the WAF console's domain access, bypass threat detection and cleansing are performed on HTTP/HTTPS traffic passing through the Cloud Native Gateway and SCF gateway, achieving separation of business forwarding and security protection.
APISIX Gateway Service: The APISIX gateway integrates the SDK to forward business traffic to the Tencent Cloud WAF cluster (custom integration required).
Custom Application Gateway Service: The customer's gateway integrates the SDK to forward business traffic to the Tencent Cloud WAF Hybrid Cloud Protection Cluster.
Help and Support
Was this page helpful?
You can also Contact sales or Submit a Ticket for help.
Help us improve! Rate your documentation experience in 5 mins.
Feedback