Alibaba Cloud provides Hybrid Cloud Web Application Firewall (WAF), which is a hybrid cloud solution. The solution can protect your web services that are deployed in and outside the cloud. You can use the solution for centralized security control in hybrid cloud environments.

Background information

Alibaba Cloud provides Hybrid Cloud WAF to help protect and manage web applications in various hybrid cloud environments in a centralized manner. The web applications can be deployed across Alibaba Cloud Public Cloud and data centers and across Alibaba Cloud Public Cloud and third-party clouds. You can use Hybrid Cloud WAF to protect your service traffic that cannot be migrated to the cloud. Hybrid Cloud WAF combines shared and exclusive resources in and outside the cloud and serves as an elastic and efficient system that can protect web applications in a centralized manner.

To protect your web services in hybrid clouds, Hybrid Cloud WAF integrates the protection capabilities of Alibaba Cloud WAF to your data centers. You can use the WAF console in the cloud to manage protection rules, perform security O&M, manage security services, and upgrade systems.

You can deploy Hybrid Cloud WAF in cluster mode or standalone mode. Hybrid Cloud WAF serves as a reverse proxy to inspect all access requests and forward requests to backend servers. Hybrid Cloud WAF can balance the load of backend servers. Hybrid Cloud WAF in cluster mode offers the following benefits: multi-node redundancy, high scalability, high performance of WAF, and high service availability.

Benefits

Hybrid Cloud WAF consists of the network, detection, monitoring, and logging modules, and supports web protection, bot management, real-time logging, and HTTP flood protection. Hybrid Cloud WAF offers the following core benefits:
  • Provides a console that allows you to perform security O&M and management operations in a centralized manner. This reduces O&M costs.
  • Synchronizes protection rules and threat intelligence from Alibaba Cloud WAF in real time. This improves the protection of your services.
  • Obtains the threat intelligence of Alibaba Cloud and uses the security operations capabilities of Alibaba Cloud. This helps accurately identify and block threats.
  • Supports online elastic scale-out. This approach is flexible and controllable, and ensures stable performance.

For more information, see WAF deployment plans and editions.

Procedure

Notice Before you purchase a Hybrid Cloud WAF instance, we recommend that you contact Alibaba Cloud technical support. For more information, see Consultation about Hybrid Cloud WAF.
  1. On the Web Application Firewall buy page, purchase a Hybrid Cloud WAF instance. Hybrid Cloud WAF
  2. In the Web Application Firewall console, deploy a protection cluster for Hybrid Cloud WAF. For more information, see Deploy a protection cluster for Hybrid Cloud WAF.
  3. In the Web Application Firewall console, add a website to the protection cluster and complete the required configurations. For more information, see Add a website.

Consultation about Hybrid Cloud WAF

If you want to consult about Hybrid Cloud WAF, use DingTalk to scan the following QR code and contact Alibaba Cloud technical support. QR code for consultation