If you enable a firewall but no access control policies are configured for the firewall or the block mode is disabled for the threat detection engine, your service traffic passes through Cloud Firewall but malicious traffic is not blocked. As a result, your assets are not protected. You can enable or disable a firewall for your assets on the Firewall Settings page of the Cloud Firewall console. You do not need to perform complex configurations to enable a firewall. After you enable a firewall, the firewall immediately takes effect.

Limits

Cloud Firewall Enterprise Edition and Ultimate Edition support private cloud (VPC) firewalls. The Basic Edition (free of charge) and Premium Edition do not support VPC firewalls. For more information about the features that each edition supports, see Editions and regions.

For more information about the limits that you must bear in mind when you enable VPC firewalls, see VPC firewall limits.

Procedure

  1. Log on to the Cloud Firewall console.
  2. In the left-side navigation pane, choose Firewall Settings > Firewall Settings.
  3. On the Firewall Settings page, enable firewalls.
    Note Only Cloud Firewall Enterprise Edition and Ultimate Edition support VPC firewalls. If you use Basic Edition or Premium Edition, the VPC Firewall tab does not appear on the Firewall Settings page.
    You can enable the Internet firewall or VPC firewalls for your assets.
    • To enable the Internet firewall, perform the following steps:

      On the Internet Firewall tab, find the asset that you want to protect and click Enable Firewall in the Actions column. If you want to enable or disable the Internet firewall for multiple assets at a time, select the assets. In the lower-left corner of the page, click Enable Firewall or Disable Firewall.

    • To enable VPC firewalls, perform the following steps:

      On the VPC Firewall tab, find the asset that you want to protect and click Enable Firewall in the Actions column. If you want to enable or disable VPC firewalls for multiple assets at a time, select the assets. In the lower-left corner of the page, click Enable Firewall or Disable Firewall.

    You can specify filter conditions to search for specific assets and check whether firewalls are enabled for the assets. The filter conditions include Asset Type, Region, Protection Status, and Account.
    After the Internet firewall or a VPC firewall is enabled or disabled for your assets, the firewall status changes to Enabled or Disabled in the Firewall Status column. The value Enabled indicates that the firewall takes effect. The value Disabled indicates that the firewall no longer protects your assets. It requires several seconds for the firewall status to be updated.

References