In October 2022, the automatic traffic redirection mode is released for virtual private cloud (VPC) firewalls. You can enable the mode for VPC firewalls that are created for the Enterprise Edition transit routers of Cloud Enterprise Network (CEN) instances. This mode helps you protect east-west traffic at VPC boundaries with a few clicks. This mode is suitable in the following scenarios:
- Traffic between VPCs in the same region
- Traffic between cross-region VPCs that are connected by using an Enterprise Edition transit router
- Traffic between a VPC and a virtual border router (VBR) or a data center
- Traffic between a VPC and a Cloud Connect Network (CCN) instance
- Traffic between VBRs
- Traffic between a VBR and a CCN instance
Only Cloud Firewall Enterprise Edition and Ultimate Edition support the automatic traffic redirection mode. For more information, see Functions and features.
Suggestions
If your workloads are deployed on complex networking architectures by using an Enterprise Edition transit router of a CEN instance, you can create a VPC firewall in automatic traffic redirection mode. In automatic traffic redirection mode, you can create traffic redirection scenarios for network instances based on your business requirements. The VPC firewall automatically protects east-west traffic on the transit router based on the scenarios. This significantly improves the efficiency of O&M. For more information, see Configure a VPC firewall.