You can configure notification and contact settings in Cloud Firewall. If Cloud Firewall detects abnormal traffic, infected hosts, or suspicious outbound connections in your assets, it notifies you by text message or email.

Procedure

  1. Log on to the Cloud Firewall console.
  2. In the left-side navigation pane, click Settings.
  3. In the Notification Settings section of the Settings page, configure the notification settings.
    Note The notification settings immediately take effect.
    Notification Settings
    Item Description Time Concerned level Method
    Abnormal Traffic If the volume of peak Internet traffic exceeds the processing capability of Cloud Firewall, Cloud Firewall sends you notifications. The default value is 8:00-20:00 and cannot be changed. The default value is All and cannot be changed. Valid values:
    • SMS: After Cloud Firewall detects exceptions, it sends text messages to the phone numbers of the contacts that are specified in the Contact Settings section.
    • Email: After Cloud Firewall detects exceptions, it sends emails to the email addresses of the contacts that are specified in the Contact Settings section.
    Infected Hosts If your hosts are infected, Cloud Firewall sends you notifications. Some notifications are sent one day later to avoid false positives. Valid values:
    • 8:00~20:00
    • 24 Hours
    Valid values:
    • High
    • Medium
    Suspicious Outbound Connection If Cloud Firewall detects suspicious IP addresses or domain names in outbound connections, it sends you notifications. Valid values:
    • 8:00~20:00
    • 24 Hours
    Valid values:
    • Risk
    • Non-Whitelist Alert
      Note If you select Non-Whitelist Alert, Cloud Firewall sends you notifications of suspicious outbound connections when it detects IP addresses or domain names that are not added to a whitelist for outbound connections. You can configure the whitelist based on your business requirements. For more information, see Outbound connections.
  4. In the Contact Settings section of the Settings page, configure the contacts to receive the notifications.
    Perform the following steps:
    • Add a contact: Click Add Contact, enter the contact name, email address, and mobile number, and click Save.

      After you add a contact, the contact is automatically enabled. If you do not want Cloud Firewall to send notifications to the contact, turn off the switch in the Enabled column.

      Note You can add up to 10 contacts. By default, Cloud Firewall sends notifications to the phone number and email address that is associated with your Alibaba Cloud account contact.
    • Edit the contact information: Click Edit in the Actions column to modify the contact name, email address, and mobile number. Then, click Save.
    • Delete a contact: Click Delete in the Actions column.
    After you configure the notification and contact settings, the contacts receive text message or email notifications within the specified period of time if Cloud Firewall detects exceptions of the specified levels.