Community Blog Cloud Firewall: Safeguards Businesses in The Cloud

Cloud Firewall: Safeguards Businesses in The Cloud

Alibaba Cloud Firewall is one of the first SaaS firewalls deployed on the public cloud. It is your first choice for network security that safeguards your businesses in the cloud.

Alibaba Cloud Firewall Overview

Alibaba Cloud Firewall is the first Firewall as a Service (FWaaS) solution that is provided by Alibaba Cloud for public clouds. Cloud Firewall allows you to centrally manage the access control policies that are used to control north-south traffic from the Internet to your ECS instances and the micro-segmentation policies that are used to control east-west traffic between ECS instances. Cloud Firewall provides a built-in intrusion prevention system (IPS). IPS allows you to view networkwide traffic and inter-business access relationships. Cloud Firewall is the primary infrastructure used to secure your business that has been migrated to Alibaba Cloud.

The Benefits of Alibaba Cloud Firewall

Alibaba Cloud-based Firewall manages north-south and east-west traffic in a centralized manner to protect your network. The out-of-the-box feature of Cloud Firewall makes it easy to use. Besides, Cloud Firewall supports precise access control and network-wide traffic visualization.

Ease of use

After you purchase a Cloud Firewall edition and complete the necessary configurations in the console, you can use Cloud Firewall immediately to defend your network. Cloud Firewall effectively reduces the cost of network security control and O&M.

Smooth scaling

Cloud Firewall is deployed in cluster mode and supports smooth scaling. It provides a defense capability of up to 2 Gbit/s for each IP address. You can customize the defense capability based on your business requirements.

Stability and reliability

Cloud Firewall is deployed in two availability zones (AZs) to achieve high availability. This way, Cloud Firewall does not break down if a server or AZ fails.

On-cloud in-depth integration

Cloud Firewall provides complete north-south and east-west traffic control for your assets. You can fully control access to your ECS instances and isolate ECS instances for security.

Cloud Firewall integrates access by Alibaba Cloud network service, such as Virtual Private Cloud (VPC), Cloud Enterprise Network (CEN), Elastic IP Address (EIP), and Server Load Balancer (SLB). Cloud Firewall controls access to common cloud assets at the network layer and exploits security capabilities of terminals to monitor and block suspicious access to cloud assets.

Real-time intrusion prevention

A built-in intrusion prevention system (IPS) allows Cloud Firewall to update network-wide threat intelligence in real-time and monitors more than 5 million active malicious IP addresses and domain names. In this way, Cloud Firewall can detect and block threats from the Internet. Besides, Cloud Firewall provides a cyber kill chain to defend against critical cyberattacks.

Visualized business relationships

Cloud Firewall shows assets and their access relationships in topology views. After you activate Cloud Firewall, you can view your business groups, application groups, assets, and access relationships between assets in topologies, and perform clustering analysis of user traffic without any configurations. Cloud Firewall supports visualized analysis of traffic to ensure policy accuracy.

Compliance with classified protection requirements

Cloud Firewall meets classified protection requirements such as boundary protection and access control.

The Scenarios of Alibaba Cloud Firewall

Cloud Firewall is the primary infrastructure that you can deploy to ensure network security for your business migrated to Alibaba Cloud. Cloud Firewall provides core functions such as network-wide traffic identification, centralized policy management, intrusion detection, and log auditing.

  • Access control on the Internet firewall
    Controls inbound and outbound traffic on the Internet, and intercepts attacks and threats from the Internet, such as hacker intrusions, mining activities, and malicious traffic.
  • Access control on internal firewalls
    Controls the traffic between ECS instances on an internal network and isolates business, so that risks on a specific ECS instance do not pose security threats to the business on the cloud.
  • Access control on VPC firewalls
    Controls the traffic between VPCs.
  • Intrusion prevention
    Detects and analyzes outbound connections of cloud assets, Internet access traffic, and traffic between ECS instances on an internal network. This helps you monitor the network traffic in real-time, determine which cloud assets are at risk, and stop abnormal activities in real-time to prevent risks.
  • Traffic visualization
    Presents asset information and access relationships to help you identify suspicious traffic in real-time.
  • Classified protection compliance
    Stores the logs of more than six months of cloud assets, which helps websites meet classified protection compliance requirements.

Related Product

Alibaba Cloud Firewall

Alibaba Cloud Firewall centrally manages the policies that control the traffic from the Internet to your businesses. It also controls the traffic between VPC networks, the traffic on Express Connect instances, and the traffic generated by VPN-based remote access. Cloud Firewall is embedded with an Intrusion Prevention System (IPS) and can detect outbound connections from your assets. Alibaba Cloud Firewall can also visualize network traffic and access between businesses as well as can store network traffic logs generated within the last six months.

Related Blog

Alibaba Cloud Firewall: The Next-Gen Firewall as a Service

A firewall is a word that induces a sense of security and protection. For many years, firewalls have been the core of basic computing security, but with the introduction and evolution of the cloud, security threats, and malicious iterations of code have also evolved. To deal with evolving threats, tech giants like Alibaba Cloud created a Cloud firewall solution.

Before we discuss the Alibaba Cloud Firewall, let’s discuss some of the basics of a Cloud Firewall. A Cloud Firewall is a multi-application tool that performs security, monitoring, reporting, and self-learning using AI. The most important tasks are tracking and controlling the flow of data and filtering out any malicious domains, IPs, and ports used for this data exchange.

Cloud firewalls are next-generation firewalls that protect your internal system from the outside world in a cloud setting. They are a critical piece of infrastructure that is the first line of defense for your cloud resources. Cloud firewalls could be stand-alone products that are offered as a service.

0 0 0
Share on

Alibaba Clouder

2,626 posts | 711 followers

You may also like