tencent cloud

Cloud Firewall

Cloud Firewall (CFW) is an SaaS firewall based on the public cloud environment. It provides network edge protection, and addresses security and management needs for centralized access control and log audit. In addition to the features of traditional firewalls, CFW supports multi-tenancy and elastic scaling and is an essential network security infrastructure for cloud migration.

Cloud Firewall
Real-Time Attack Protection
Real-Time Attack Protection

CFW supports active firewall ACL control, real-time IPS intrusion blocking, virtual patch, and malicious code detection. Based on Tencent Cloud’s threat intelligence, it blocks abnormal host outbound connections in real time. Its Premium and higher editions further support perimeter firewalls with integrated NAT capabilities.

Event Traceability and Evidence Collection
Event Traceability and Evidence Collection

Network logs with full traffic details can be retained for up to six months, and the advanced threat traceability analysis feature can comprehensively analyze the registration and resolution of domain names.

Use Cases

CFW supports domain name-based access control, which can precisely manage proactive outbound connections.

The Premium and higher editions also support NAT firewalls with integrated NAT capabilities to manage active outbound connections from CVM instances.

Proactive Outgoing Access Management

CFW can implement DMZ management just like in traditional networks to focus on the protection of core assets and achieve fine-grained isolation and management of VPCs.

The Enterprise and Ultimate editions further support inter-VPC firewalls.

DMZ Management

CFW is a subscription service. It provides Premium, Enterprise and Ultimate editions. For details, see Purchase Guide.