Cloud Firewall allows you to configure access control policies to specify the accessible ports on your assets and control the access from your assets to the Internet. You can use access control policies to control inbound and outbound traffic.
You could add a group of IP addresses or ports to the Address Books. With this Address Book, you can quickly configure the control policy with multiple IP or addresses.
- Log on to the Cloud Firewall console.
- On the Create Policy to configure an access control policy.
Configurations are as follows:
page of the console, click
- Source Type: The data sender type. Select IP or Address book.
- Source: The address of data sender. If you select IP for Source Type, you must enter an IP address or CIDR block in Access Source.
- Destination Type: The type of the data's destination. You can select IP, Address Book or Domian Name.
- Destination: The data's destination address.
- Protocol: The protocol of the data. The supported protocols include TCP, UDP, and ICMP.
- Port Type: The type of the port, including Ports and Address Book.
- Destination Port: The port of the data's recipient.
- Application: The application to which the access control policy applies in the specified protocol.
- Policy Action: The action on the access traffic. You can select Allow, Monitor or Deny.
- Description: The remarks on the access control policy.