检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Figure 1 Traffic between a VPC and an IDC Figure 2 Traffic between VPCs Introduction to VPC Border Traffic Protection Supported Protected Objects VPC Virtual gateway (VGW) attachment VPN Global DC gateway (DGW) Protection Specifications The protection specifications of a VPC border
Enabling the VPC Border Firewall and Ensuring the Traffic Passes Through CFW A new firewall is disabled by default. Traffic passes through the enterprise router without being forwarded to the new firewall. You can enable a VPC border firewall as needed. Enabling a VPC Border Firewall
How Is VPC Border (East-West) Traffic Charged? By default, the CFW professional edition protects two VPCs, providing 200 Mbit/s protection for VPC border traffic. To protect more inter-VPC traffic, you can purchase more VPC protection quotas. Each quota provides 200 Mbit/s protection
Enabling VPC Border Traffic Protection VPC Border Firewall Overview Enterprise Router Mode (New) Enterprise Router Mode (Old) Managing VPC Border Firewalls Parent Topic: CFW Protection
Table 9 EwProtectResourceInfo Parameter Type Description protected_resource_type Integer Protected resource type: 0 (VPC), 1 (VGW), 2 (VPN), or 3 (peering). protected_resource_name String Protected resource name. protected_resource_id String Protected resource ID. protected_resource_nat_name
Configuring Protection Rules to Block or Allow VPC Border Traffic After protection is enabled, CFW allows all traffic by default. You can configure protection rules to block or allow traffic. Protection Rule Description The protected objects, actions, and application scenarios of
Restoring the Enterprise Router Configuration After VPC Border Protection Is Permanently Disabled If you no longer need VPC border traffic protection, manually restore the configuration of the enterprise router after disabling VPC border protection. This section describes how to restore
Disabling VPC Border Protection If your workloads are blocked by mistake, you can temporarily disable the VPC border firewall. The firewall does not check any traffic while it is disabled. If you no longer need VPC border traffic protection, manually restore the configuration of the
How Do I Calculate the Number of Protected VPCs and the Peak Protection Traffic at the VPC Border? Pay-per-use firewalls are charged based on the actual protection status. The maximum bandwidth of a pay-per-use firewall (total traffic that can pass through the firewall) is 1 Gbit/
Enabling or Disabling a VPC Border Firewall A new firewall is disabled by default. Traffic passes through the enterprise router without being forwarded to the new firewall. You can enable or disable a VPC border firewall as needed. Prerequisites You have purchased the CFW professional
Creating a VPC Border Firewall A VPC border firewall can collect statistics on communication traffic between VPCs, helping you detect abnormal traffic. This section describes how to create a VPC border firewall. Prerequisites You have an enterprise router. To create a VPC border firewall
Creating a VPC Border Firewall A VPC border firewall can collect statistics on the traffic between VPCs, helping you detect abnormal traffic. Before enabling a VPC border firewall, create it and associate it with an enterprise router first. Prerequisites The current account must have
Managing VPC Border Firewalls Adding a Protected VPC Modifying a Private CIDR Block Disabling VPC Border Protection Restoring the Enterprise Router Configuration After VPC Border Protection Is Permanently Disabled Parent Topic: Enabling VPC Border Traffic Protection
Adding a Protected VPC Scenario After configuring a VPC border firewall, you need to configure routes to forward traffic to CFW. This section describes how to quickly configure and modify routes. Prerequisites You have configured the VPC border firewall. For details, see Enterprise
