Cloud Firewall provides the intelligent policy feature, which is based on machine learning technology. Cloud Firewall recommends intelligent policies based on your IP address assets, access history, and outbound connections. Intelligent policies can be applied to the Internet firewall to control access to each destination IP address or domain name. Intelligent policies help minimize the exposure of your assets to the Internet and block outbound traffic to malicious IP addresses and domain names. This reduces risks to your business.

Background information

Cloud Firewall automatically learns your traffic from the last 30 days and recommends multiple intelligent policies based on the traffic risks it identifies. You must promptly view the details of the recommended policies in the Cloud Firewall console and determine whether to apply the intelligent policies.

Limits

Cloud Firewall automatically generates intelligent policies only for the Internet firewall.

You must manually create access control policies for internal and VPC firewalls. For more information, see Access control on an internal firewall between ECS instances and Create access control policies for outbound and inbound traffic on the Internet firewall.

Procedure

  1. Log on to the Cloud Firewall console.
  2. In the left-side navigation pane, click Access Control.
  3. On the Internet Firewall tab, click Outbound Policies or Inbound Policies based on your business requirements.
  4. Click Intelligent Policy. In the Intelligent Policy Recommendation panel, select and apply intelligent policies based on your business requirements.
    The Intelligent Policy Recommendation panel lists the inbound and outbound access control policies that Cloud Firewall recommends. You can click View Details in the Actions column of a policy to view Recommended Reason and all the recommended policies for the destination IP address in the policy. If a large number of policies are recommended, you can filter them by Recommendation Type and Destination.
    Note: We recommend that you allow access to the open ports that provide services for an open public IP address on the Internet firewall and deny access to other ports. This reduces the exposure of your assets to the Internet.
    Warning: Before you apply an intelligent policy, make sure that you understand its meaning and the possible impacts on services.
    You can select one of the following methods to apply intelligent policies to your assets:
    • In the list of recommended intelligent policies, select one or more policies and click Apply Selected.
    • In the list of recommended intelligent policies, find a policy and click Apply Policy in the Actions column.

Result

An intelligent policy takes effect immediately after it is applied.

On the Access Control page, you can view, modify, and delete the access control policies that are applied. For more information, see Create access control policies for outbound and inbound traffic on the Internet firewall.