CFW supports active firewall ACL control, real-time IPS intrusion blocking, virtual patch, and malicious code detection. Based on Tencent Cloud’s threat intelligence, it blocks abnormal host outbound connections in real time. Its Premium and higher editions further support perimeter firewalls with integrated NAT capabilities.
Network logs with full traffic details can be retained for up to six months, and the advanced threat traceability analysis feature can comprehensively analyze the registration and resolution of domain names.
CFW supports domain name-based access control, which can precisely manage proactive outbound connections.
The Premium and higher editions also support NAT firewalls with integrated NAT capabilities to manage active outbound connections from CVM instances.
CFW can implement DMZ management just like in traditional networks to focus on the protection of core assets and achieve fine-grained isolation and management of VPCs.
The Enterprise and Ultimate editions further support inter-VPC firewalls.