Cloud Firewall (CFW)

20+ Years of Dedication to Security

Backed by technology, experience, and innovation we've accumulated over 20 years, Huawei firewalls provide extraordinarily robust security.

Secure Cloud Migration

CFW provides key capabilities such as security zone border protection, intrusion detection, and security audit.

Recognized by Authoritative Organizations

Recognized by Gartner.

CFW Editions

CFW Editions

Edition

Standard

Internet border protection | Traffic intrusion detection

Professional

Inter-VPC traffic audit | Traffic protection
Protected EIPs at Internet boundary

20 (expandable)

50 (expandable)

Peak protection traffic at Internet boundary

10 Mbit/s (expandable)

50 Mbit/s (expandable)

Protected VPCs

2 (expandable)

Max. protection traffic between VPCs

200 Mbit/s (can be increased with the number of VPCs)

Log storage space

7 days

7 days

North-south protection

(including EIPs)

Supported

Supported

East-west protection

(including inter-VPC protection and NAT protection)

Supported

Intrusion prevention system (IPS)

Supported

Supported

Antivirus

Supported

Custom IPS signature database

Supported

Network packet capture

Supported

Price
$420.00
USD/Month
$1,450.00
USD/Month

Standard

Internet border protection | Traffic intrusion detection

Protected EIPs at Internet boundary

20 (expandable)

Peak protection traffic at Internet boundary

10 Mbit/s (expandable)

Protected VPCs
Max. protection traffic between VPCs
Log storage space

7 days

North-south protection

Supported

East-west protection
Intrusion prevention system (IPS)

Supported

Antivirus
Custom IPS signature database
Network packet capture
$420.00
USD/Month

Professional

Inter-VPC traffic audit | Traffic protection
Protected EIPs at Internet boundary

50 (expandable)

Peak protection traffic at Internet boundary

50 Mbit/s (expandable)

Protected VPCs

2 (expandable)

Max. protection traffic between VPCs

200 Mbit/s (can be increased with the number of VPCs)

Log storage space

7 days

North-south protection

Supported

East-west protection

Supported

Intrusion prevention system (IPS)

Supported

Antivirus

Supported

Custom IPS signature database

Supported

Network packet capture

Supported

$1,450.00
USD/Month

Why Huawei Cloud CFW?

Simplified Provisioning, Easy Deployment, and Efficient Cloud Asset Management

Simplified Provisioning, Easy Deployment, and Efficient Cloud Asset Management

  • Services can be deployed in minutes, public network assets and internal assets can be automatically synchronized, and the protection can be enabled in one-click.

  • Diverse traffic charts improve security management efficiency

  • Security policies can be imported in one click.

High Reliable Cluster Deployment and Scalable Protection Capabilities

High Reliable Cluster Deployment and Scalable Protection Capabilities

  • High reliability: Engines and components are deployed in clusters or redundant configurations so services can continue uninterrupted if a single node fails.

  • Reduced up-front investment: You can start small and scale out later as your services expand.

  • Supports up to 200 Gbit/s of protection bandwidth, easily handling service traffic even during peak hours.

Collaborates with Multiple Cloud Services to Build Excellent Solutions

Collaborates with Multiple Cloud Services to Build Excellent Solutions

  • Log Tank Service (LTS) and SecMaster collect firewall logs in real time, store logs long term, and produces a range of statistical reports.

  • Cloud Trace Service (CTS) monitors and audits assets in real-time. Simple Message Notification (SMN) reports alarms when threats are detected.


  • Supports enterprise projects, multi-account solutions, and permission management scenarios, such as managing multiple firewalls using a single account or managing resources across accounts.

Comprehensive Protection for User Assets

Comprehensive Protection for User Assets

  • Supports refined access control for Internet traffic and inter-VPC traffic, flexible configurations based on IP addresses; geographical locations and domain names; and 20,000 ACLs.

  • Huawei's threat and vulnerability databases are integrated into CFW, enabling you to precisely defend against online threats.

  • Supports functions such as virus scans, reverse shell detection, sensitive directory scan, and custom IPS to effectively defend against attacks.

Infrastructure Security: Advanced Threat Prevention

Intrusion Prevention
Scenario

0-day vulnerabilities and attack variants keep emerging. Frequent updates are required to defend against unknown threats.

CFW enables intrusion detection and prevention in one-click to comprehensively intercept malicious behaviors such as malicious intrusions and virus attacks.

Advantages
Automatic Stocktaking of Public Network Assets

CFW can identify the threat exposure for your assets. You can enable protection in a few clicks.

Intelligent Defense

Huawei's threat and vulnerability databases are integrated in CFW, enabling you to defend against threats with great precision.

Server Originated Traffic Control
Scenario

Protects information assets and controls north-south traffic.

CFW uses refined NAT rules to control proactive external connections and block unauthorized external connections.

Advantages
Connection Logging

Logs are recorded for all server originated connections.

Intelligent Analytics and Protection

You can analyze server originated connections, evaluate server intrusion risks, and block malicious connections in real time to protect your assets.

Inter-VPC Access Control
Scenario

The explosive growth of data and connections requires flexible, tailored security capabilities.

To protect your resources from horizontal attacks, CFW provides access control for VPCs and private lines in complex and heavy-traffic scenarios.

Advantage
Intelligent Defense

Control the traffic and access between VPCs, identifying and blocking malicious access.

Visualization and Traceability

Access between internal service systems can be recorded, analyzed, and displayed. Events can be audit and traced back to their sources.

Enable

Cloud Firewall

Immediately
to Safeguard Your Assets
Buy Now

More Services

More Services