Overview - Overview| Alibaba Cloud Documentation Center

The Overview page of Cloud Firewall displays the overall protection status of a cloud firewall in terms of protection statistics, traffic trends, and protection scenarios. This topic describes the data displayed on the Overview page, helping you understand the security status of your network assets.

Access the Overview page

Log on to the Cloud Firewall console. The Overview page appears.

The Overview page consists of three parts. You can click the following links to view the individual parts.

Protection statistics (marked by ①)
Trend data (marked by ②)
Scenario data (marked by ③)

In the upper-right corner of the Overview page, you can view the version and the valid days of the Cloud Firewall instance that remain. You can click Upgrade or Renew based on your business requirements. For more information, see Upgrade and renew. You can click More to view instance details, including the bandwidth specification, peak bandwidth in the last week, number of supported regions, number of current regions, public IP address quota, and storage space for log analysis.

Protection statistics

Protection statistics include the following information:

Firewall Function: displays the number of network assets for which you have not enabled Internet firewall. You can click the number or the icon to go to the Firewall Settings page to enable or disable the firewall. For more information, see Enable or disable Internet firewall.
External Connections: displays the number of risky external connections detected by Cloud Firewall. You can click the number or the icon to go to the External Connections page to view details. For more information, see External connections.
Internet Access: displays the number of risky open ports on network assets. You can click the number or the icon to go to the Internet Access page to view details. For more information, see Internet access.
Intrusion Detection: displays the number of unhandled intrusion events on network assets. You can click the number or the icon to go to the Intrusion Detection page and handle the intrusion events. For more information, see Intrusion detection.
Protection Count: displays the number of abnormal sessions blocked by Cloud Firewall in real time.

Note The number of abnormal sessions updates with a delay of several minutes.

You can click Details to view detailed information. The following figure shows the details.

Trend data

Trend data displays the overall traffic trend of protected network assets and the number of both inbound and outbound sessions blocked by Cloud Firewall within a specified period. You can click the drop-down arrow next to Trend Data and select a time range. The options include Last 1 Hour, Last 1 Day, and Last 7 Days.

Scenario data

Scenario data shows vulnerability prevention, brute-force attacks, and risks identified by scanning on the protected network assets within a specified period. You can click the drop-down arrow next to Scenario Data and select a time range. The options include Last 1 Hour, Last 1 Day, and Last 7 Days. You can also click the Vulnerability Prevention, Brute Force, or Scan tab to view data of these types.

Vulnerability Prevention: displays vulnerability statistics and a vulnerability list. Vulnerability statistics include the numbers of unprevented vulnerabilities, prevented vulnerabilities, affected public IP addresses, and blocked intrusions. To enable prevention for a specific vulnerability, follow these steps:
1. Find the vulnerability you want to prevent and click Enable Prevention.
  
  Note Prevention can be enabled only for vulnerabilities whose status is Unprevented or Partially Prevented.
2. In the Enable Prevention dialog box that appears, confirm the information, and click OK.
  Then, Status of the vulnerability changes to Prevented.
Brute Force: displays statistics of brute-force attacks and details about attacked applications and assets. Statistics of brute-force attacks include the numbers of attacks, blocked attacks, attacked applications, and attacked assets.
Scan: displays risk statistics and details about scanned applications and assets. Risk statistics include the numbers of attacks, blocked attacks, attacked applications, and attacked assets.