Cloud Firewall

Cloud Firewall is one of the first SaaS firewall deployed on the public cloud. It is your first choice for network security that safeguards your businesses in the cloud.

Alibaba Cloud Firewall centrally manages the policies that control the traffic from the Internet to your businesses. It also controls the traffic between VPC networks, the traffic on Express Connect instances, and the traffic generated by VPN-based remote access. Cloud Firewall is embedded with an Intrusion Prevention System (IPS) and can detect outbound connections from your assets. Alibaba Cloud Firewall can also visualize network traffic and access between businesses as well as can store network traffic logs generated within the last six months.

Core Competitiveness

Easy Activation
You can quickly activate Cloud Firewall without complex network configuration or image file installation. The firewalls are deployed in clusters to ensure high reliability. Smooth capacity expansion is supported.
Unified Public IP Management
Cloud Firewall centrally manages public IP addresses. It enables access control based on IP addresses, ports, domains, or applications. Micro-segmentation between ECS instances is supported.
Embedded Intrusion Prevention System (IPS)
IPS is developed based on the defense capabilities of Alibaba Cloud accumulated over the past ten years. It provides threat intelligence about the entire network at a low false positive rate. IPS can also block malicious requests. Cloud firewalls and IPS are required in classified protection evaluation.
Victim Server Detection and Unusual Activity Interception
Cloud Firewall detects victim servers and automatically intercepts outbound connections and other unusual network activities started by these servers. It also collects and analyzes all traffic data in real time.

Features

Traffic control at the Internet perimeter

Cloud Firewall centrally manages the inbound and outbound traffic of all public IP addresses in the cloud. It also has an embedded Intrusion Prevention System (IPS) engine.

Traffic control on Express Connect connecting Alibaba Cloud and data centers

Cloud Firewall allows you to set access policies for Express Connect instances connecting Alibaba Cloud and on-premises data centers. This helps isolate your cloud assets and data center assets.

Access control policies between VPC networks

Cloud Firewall provides access control between VPC networks and generates network logs.

Visualization of traffic between security groups

Cloud Firewall allows you to view the traffic between security groups without modifying any configuration. You can analyze the visualized traffic data to detect internal errors in your business.

Scenarios

Unified network segmentation and traffic control in the cloud

Unified network segmentation and traffic control in the cloud

Unified network segmentation and traffic control based on cloud firewalls

Cloud Firewall centrally manages the traffic that flows through the Internet perimeter, the traffic between VPC networks, the traffic between ECS instances, the traffic on Express Connect instances, and the traffic generated by VPN-based remote access.