<!DOCTYPE html> <html> <head> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, maximum-scale=1"> <meta charset="utf-8"> <meta name="format-detection" content="telephone=no"> <title>云防火墙 _ SaaS化防火墙_网络安全 - 腾讯云</title> <meta name="keywords" content="云防火墙 ,SaaS化防火墙,网络安全,入侵防御,访问控制,CFW,IPS,网络蜜罐,内网流量日志,出向流量管理,零信任防护,VPC边界防火墙,VPC防火墙,NAT边界防火墙,串行防火墙,DNS防火墙,域名访问控制,SQL注入,流量管理,公网日志审计"> <meta name="description" content="腾讯云防火墙( CFW)是一款基于公有云环境下的SaaS化防火墙，主要为用户提供云上的访问控制、安全隔离与业务可视，满足云端安全策略的统一管控与日志审计的需求，具备传统防火墙功能的同时也支持云上多租户、弹性扩容。是用户业务上云的第一个网络安全基础设施"> <link rel="dns-prefetch" href="//cloudcache.tencent-cloud.com" /> <link rel="dns-prefetch" href="//qcloudimg.tencent-cloud.cn" /> <link rel="icon" href="//cloudcache.tencent-cloud.com/qcloud/favicon.ico" type="image/x-icon" /> <link rel="canonical" href="https://cloud.tencent.com/product/cfw" /> <script> document.domain = 'cloud.tencent.com'; window.CDN_DOMAIN = 'cloudcache.tencent-cloud.com' </script> <link rel="stylesheet" href="//cloudcache.tencent-cloud.com/open_proj/proj_qcloud_v2/gateway/portal/css/global.css" /> <link href="//cloudcache.tencent-cloud.com/qcloud/ui/tea-portal-material-portal/build/Main/Main-202410291035.css" rel="stylesheet" /> <link href="https://cloudcache.tencent-cloud.cn/qcloud/trisys-landing/materials/material-product.c291a1a8f1f9fc6d3ba2.css" rel="stylesheet" /> <link href="https://cloudcache.tencent-cloud.com/qcloud/portal/css/roadmap/snippet.65767bde9.css" rel="stylesheet" /> <link href="//cloudcache.tencent-cloud.com/qcloud/ui/portal-set/build/DsSale/DsSale-202309121954.css" rel="stylesheet" /> <link href="https://cloudcache.tencent-cloud.com/qcloud/portal/css/anchorWidget/snippet.efb555991.css" rel="stylesheet" /> <link id="qcportal-kit-style" rel="stylesheet" href="https://cloudcache.tencent-cloud.com/qcloud/portal/kit/full.f344ca603e99f2a3ac3a.css"> <script src="https://tam.cdn-go.cn/aegis-sdk/latest/aegis.min.js"></script> <script> if (window.Aegis) { var aegis = window.aegisIns = new Aegis({ id: "dWOw9fv7jg4XmVzQ09", pagePerformance: true, onError: true, reportAssetSpeed: true, reportApiSpeed: true, ext1: '', api: { ignoreHackReg: /^https:\/\/sse\.cloud\.tencent\.(com|cn|com\.cn)/i, }, beforeRequest: function (data) { // 过滤掉一些明确上报 var ignoreKeys = [ 'Script error', 'chrome-extension', 'qq.com', 'queryWeappQrcodeStatus', 'login/ajax/info', 'woa.com', 'trafficCollect.php', 'google', 'dscache', 'act-api', 'set_qc_cookie', 'opc.cloud.tencent.com', 'uc_gre_ad_buss', 'eb.xcj.pub' ]; var alarmMsg = [data.logs.url, data.logs.msg].join('|'); for (var i=0; i<ignoreKeys.length; i++) { if (alarmMsg.indexOf(ignoreKeys[i]) != -1) return false; } // 过滤掉爬虫和开发者工具环境 if (/bot|wechatdevtools|spider/i.test(navigator.userAgent)) { return false; } // 过滤掉堆栈里无js文件的 if (data.logs.level === '4' && data.logs.msg && data.logs.msg.indexOf('.js') === -1) { return false; } } }) } </script> </head> <body> <script> var userAgent = navigator.userAgent || 'unknown'; userAgent = userAgent.toLowerCase(); var iosReg = /ip(hone|ad|od)/i; var isIOS = iosReg.test(userAgent); var isMac = userAgent.indexOf('macintosh') > -1; var bodyClassName = isIOS || isMac ? 'tpm2-product-type-mac' : ''; if (bodyClassName) { document.body.className += ' ' + bodyClassName; } </script> <div id="qcportal-kit-topnav"><div role="navigation" id="navigationBar" data-type="cn_zh" class="pls-nav pls-nav-air "><div class="pls-nav-mod"><div class="pls-nav-top"><a class="pls-nav-top-logo" href="https://cloud.tencent.com" hotrep="hp.header.hp"><i>腾讯云</i></a><div class="pls-nav-list-wrap"><ul class="pls-nav-list"><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.act" href="https://cloud.tencent.com/act">最新活动<i class="pls-nav-tag hot"><span class="pls-nav-tag-text">HOT</span></i></a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.product" href="https://cloud.tencent.com/product">产品</a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.solution" href="https://cloud.tencent.com/solution">解决方案</a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.price" href="https://buy.cloud.tencent.com/pricing">定价</a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.ecenter" href="https://cloud.tencent.com/act/pro/center">企业中心</a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.market" href="https://market.cloud.tencent.com">云市场</a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.developer" href="https://cloud.tencent.com/landing/developer-ecology">开发者</a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.support" href="https://cloud.tencent.com/act/event/service-support">客户支持</a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.cooperate" href="https://cloud.tencent.com/landing/partner-ecology">合作与生态</a></li><li class="pls-nav-item" tabindex="-1"><a role="button" hotrep="hp.header.learn" href="https://cloud.tencent.com/about">了解腾讯云</a></li></ul></div><div class="pls-nav-top-operation"></div></div><section class="pls-nav-dropdown" style="visibility:hidden;height:0"><div style="height:0;transition:transform ease-in-out .2s, opacity ease-in-out .2s;opacity:0;transform:translate(0, -100%)"><a class="pls-nav-dropdown-close" hotrep="hp.header.close">关闭</a></div></section></div></div> <div id="navigationBarM" class="pls-m-nav"><div class="pls-m-nav-bar"><div class="pls-m-nav-bar-main"><a href="https://cloud.tencent.com/" class="pls-m-nav-logo"></a></div><div class="pls-m-nav-bar-extra"><a class="pls-m-nav-btn" aria-label="搜索"><i class="pls-m-nav-btn-icon search"></i></a><a class="pls-m-nav-btn profile" aria-label="用户"><i class="pls-m-nav-btn-icon user"></i></a><a class="pls-m-nav-btn" aria-label="菜单"><i class="pls-m-nav-btn-icon menu"><span></span><span></span><span></span></i></a></div></div><div class="pls-m-nav-dropdown search" style="display:none"><div class="pls-m-nav-search"><div class="pls-m-nav-search-bar"><input type="text" class="pls-m-nav-search-input" placeholder="请输入搜索的关键词" value=""/><a class="pls-m-nav-search-btn">搜索</a></div></div></div></div></div> <div id="app-root" aegis-first-screen-timing="true"> <div class="product-detail-page" style="position:relative"><div class="block-container view-control"><div class="" id="JhECKbZzu" data-id="JhECKbZzu"><div role="banner" class="tpm-prod-hero tpm-prod-hero-version-v2 tpm-prod-hero--with-video tpm-prod-hero--with-activity"><div class="tpm-prod-hero__bg-wrap"><div class="tpm-prod-hero__bg"><div class="tpm-prod-hero__bg-inner" style="background-image:url(&quot;https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/ARD_2xyU6WCbMppEn5B3Q.jpg&quot;)"></div></div></div><div class="tpm-prod-hero__inner"><div class="tpm-prod-hero__seo"><img alt="" src=""/></div><div class="tpm-prod-hero__content"><div><div><div class="tpm-prod-hero__header"><h1 class="tpm-prod-hero__tit" id="hero_tit"><span>T-Sec 云防火墙</span></h1><button hotrep="product.cfw.banner.video_title" class="tpm-prod-hero__video-btn"><i class="tpm-prod-hero__video-btn-icon"></i><span class="tpm-prod-hero__video-btn-text">观看视频</span></button></div><p class="tpm-prod-hero__desc">腾讯云防火墙（Cloud Firewall，CFW）是一款基于公有云环境下的 SaaS 化防火墙，主要为用户提供互联网边界的防护，解决云上访问控制的统一管理与日志审计的安全与管理需求。云防火墙不仅具备传统防火墙功能，同时也支持云上多租户、弹性扩容功能，是用户业务上云的第一个网络安全基础设施。</p></div></div><div class="tpm-prod-hero__btn-group"><div class="tpm-prod-hero__btn-group--primary"><a class="tpm-btn tpm-prod-hero__btn tpm-btn--primary" href="https://buy.cloud.tencent.com/cfw" hotrep="product.cfw.banner.btn1"><span class="tpm-btn__text">立即选购</span></a><a class="tpm-btn tpm-prod-hero__btn tpm-btn--primary tpm-prod-hero__btn--white" href="https://cloud.tencent.com/document/product/1132" hotrep="product.cfw.banner.btn2"><span class="tpm-btn__text">产品文档</span></a></div><div class="tpm-prod-hero__btn-group--link"><a class="tp-link tpm-link" href="https://cloud.tencent.com/apply/p/rnsd7a2ccwp" hotrep="product.cfw.banner.btn3"><span class="tp-link__inner">免费等保咨询</span></a></div></div></div></div></div><div class="tpm-prod-hero__activity is-open is-justfy"><div class="tpm-prod-hero__activity-inner"><ul class="tpm-prod-hero__activity-list"><li hotrep="product.cfw.banner.announce1" class="tpm-prod-hero__activity-item"><a href="https://cloud.tencent.com/act/event/Sec_purchase_home?module=solution&amp;solution=ccpc" class="tpm-prod-hero__activity-link"><span class="tpm-prod-hero__activity-tag tpm-prod-hero__activity-tag--promotion">优惠活动</span><span class="tpm-prod-hero__activity-text"><span class="tpm-prod-hero__activity-text-inner">腾讯云安全等保优惠活动，批量购买安全产品更优惠</span></span></a></li></ul></div></div></div><div style="padding-bottom:60px" id="4hBmPpkLq" data-id="4hBmPpkLq" class="with-gap"><header class="tpm-section__hd" style="padding-top:60px" id="fvUuZP3w4I" data-id="fvUuZP3w4I"><h2 class="tl-anchor tpm-section__title">产品特性</h2></header><div class="view-column"><div><div class="tp-grid__layout"><div><div class="tp-grid__row tp-grid--gutter-8n"><div class="tp-grid__col tp-grid__col--8 tp-grid__col--pad-12 tp-grid__col--phone-24"><div class="tpm-feature__item"><img src="https://cloudcache.tencentcs.cn/qcloud/tcloud_dtc/static/tc_portal_icon/c4882bc4-0e8f-4f01-9abd-0dd9792fded7.png" alt="" class="tpm-feature__item-icon"/><div class="tpm-feature__item-bd"><h3 class="tpm-feature__item-title">风险事前排查</h3><div class="tpm-feature__item-desc">支持互联网资产暴露面分析，并集成攻击者视角的漏洞扫描功能， 可以对云上资产的暴露情况、漏洞情况做到清晰掌握，在风险产生之前就能知晓。</div></div></div></div><div class="tp-grid__col tp-grid__col--8 tp-grid__col--pad-12 tp-grid__col--phone-24"><div class="tpm-feature__item"><img src="https://cloudcache.tencentcs.cn/qcloud/tcloud_dtc/static/tc_portal_icon/5ecb8743-6796-4f99-b74b-35a4e0e2889d.png" alt="" class="tpm-feature__item-icon"/><div class="tpm-feature__item-bd"><h3 class="tpm-feature__item-title">攻击实时拦截</h3><div class="tpm-feature__item-desc">支持防火墙 ACL 主动管控、IPS 实时拦截、虚拟补丁和恶意代码检测；并结合全网威胁情报，实时拦截主机异常外联情况。高级版以上还支持集成 NAT 能力的边界防火墙。</div></div></div></div><div class="tp-grid__col tp-grid__col--8 tp-grid__col--pad-12 tp-grid__col--phone-24"><div class="tpm-feature__item"><img src="https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/xgJ64tJHKzvA0U3n1h5j5.png" alt="" class="tpm-feature__item-icon"/><div class="tpm-feature__item-bd"><h3 class="tpm-feature__item-title">事件溯源取证</h3><div class="tpm-feature__item-desc">支持全流量的网络日志分析，可留存6个月，满足等保合规要求。并支持高级威胁溯源分析，可分析域名的注册、解析、备案及历史解析信息。</div></div></div></div></div></div></div></div></div></div><div class="tl-scene-frameworks-vertical with-gap" id="K0OArUyba" data-id="K0OArUyba"><header class="tpm-section__hd" style="padding-top:60px" id="76Ka_LsdlI" data-id="76Ka_LsdlI"><h2 class="tl-anchor tpm-section__title">应用场景</h2></header><div class="tl-tabs"><div class="view-column"><div class="tl-tabs__bar"><ul class="tl-tabs__list"><li class="tl-tabs__item is-active"><div class="tl-tabs__item-cont is-active">漏洞发现防护</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">主动外联管控</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">DMZ 分区管控</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">等保合规</div></li></ul></div></div><div class="tl-tabs__cont" style="padding-left:0;padding-right:0"><div class="tl-tabs__panel" style="transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"><div class="tl-framework tpm-media-section"><div class="view-column"><div class="tpm-draft tpm-media-section__content"><div class="tpm-rich-text"><p class="ts-p">通过云防火墙，帮助您梳理资产在互联网暴露情况。可一键开启 IPS 虚拟补丁和威胁情报，进行精准防护。</p></div></div><div class="tp-grid__row tpm-media standalone"><div class="tp-grid__col tpm-media__object"><img style="max-width:100%" src="https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/Ps1nBYyZNA4HqPuQJVIJl.png"/></div></div></div></div></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div></div></div></div><div style="padding-bottom:60px" id="xve53oefQ" data-id="xve53oefQ" class="with-gap"><header class="tpm-section__hd" style="padding-top:60px" id="8658DShG1q" data-id="8658DShG1q"><h2 class="tl-anchor tpm-section__title">产品路线图</h2><div class="tpm-section__sub"><span class="tpm-section__desc"></span><span class="tpm-section__links"><a href="https://cloud.tencent.com/product/events" class="tp-link tpm-link tp-link--arrow"><span class="tp-link__inner">查看更多</span></a></span></div></header><div class="view-column"><div id="roadmap-container" class="roadmap-container" style="min-height:426px"><!-- SSR_STUB/PRODUCT_ROADMAP --></div></div></div><div style="padding-bottom:60px" id="jqJ9Kn0dK" data-id="jqJ9Kn0dK" class="with-gap bg-gray"><header class="tpm-section__hd" style="padding-top:60px" id="AJW6Z7SDGw" data-id="AJW6Z7SDGw"><h2 class="tl-anchor tpm-section__title">帮助与文档</h2></header><div class="view-column"><div class="tpm-doc"><div class="tp-grid__row tpm-doc__list"><div class="tp-grid__col tp-grid__col--12 tp-grid__col--pad-12 tp-grid__col--phone-24"><a href="https://cloud.tencent.com/document/product/1132/38045" class="tpm-doc__item"><h3 class="tpm-doc__item-title">产品概述</h3><div class="tpm-doc__item-desc">帮助您快速了解云防火墙的产品定位、优势功能。</div></a></div><div class="tp-grid__col tp-grid__col--12 tp-grid__col--pad-12 tp-grid__col--phone-24"><a href="https://cloud.tencent.com/document/product/1132/50107" class="tpm-doc__item"><h3 class="tpm-doc__item-title">新手指引</h3><div class="tpm-doc__item-desc">本文将为刚入门云防火墙的用户提供一条学习路径。</div></a></div><div class="tp-grid__col tp-grid__col--12 tp-grid__col--pad-12 tp-grid__col--phone-24"><a href="https://cloud.tencent.com/document/product/1132/38049" class="tpm-doc__item"><h3 class="tpm-doc__item-title">购买指南</h3><div class="tpm-doc__item-desc">云防火墙为用户提供三个收费版本，分别是 高级版、企业版和旗舰版。</div></a></div><div class="tp-grid__col tp-grid__col--12 tp-grid__col--pad-12 tp-grid__col--phone-24"><a href="https://cloud.tencent.com/document/product/1132/46928" class="tpm-doc__item"><h3 class="tpm-doc__item-title">操作指南</h3><div class="tpm-doc__item-desc">提供云防火墙控制台各功能模块的操作步骤、配置指引。</div></a></div></div></div></div></div><div id="rxX72_izM" data-id="rxX72_izM" class="tl-faqs with-gap"><header class="tpm-section__hd" style="padding-top:60px" id="N2sngLBJdD" data-id="N2sngLBJdD"><h2 class="tl-anchor tpm-section__title">常见问题</h2></header><div style="margin-bottom:40px"><div class="tl-tabs tl-tabs--blank"><div class="view-column"><div class="tl-tabs__bar"><ul class="tl-tabs__list"><li class="tl-tabs__item is-active"><div class="tl-tabs__item-cont is-active">一般常见问题</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">计费</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">带宽</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">防火墙</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">功能</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">日志</div></li><li class="tl-tabs__item"><div class="tl-tabs__item-cont">账号</div></li></ul></div></div><div class="tl-tabs__cont"><div class="tl-tabs__panel" style="transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"><div class="tl-faq-list tpm-faq__list"><div class="view-column"><div class="tpm-faq__item is-open"><div class="tpm-faq__item-hd"><h3 class="tpm-faq__item-title">云防火墙是什么？</h3><i class="tpm-faq__item-icon"></i></div><div class="tpm-faq__item-bd"><div class="tpm-rich-text"><p class="ts-p">云防火墙（Cloud Firewall，CFW）是一款基于公有云环境下的 SaaS 化防火墙，主要为用户提供互联网边界的防护，解决云上访问控制的统一管理、日志审计的安全和管理需求。云防火墙不仅具备传统防火墙功能，同时也支持云上多租户和弹性扩容功能，是用户业务上云的第一个网络安全基础设施。</p></div></div></div><div class="tpm-faq__item"><div class="tpm-faq__item-hd"><h3 class="tpm-faq__item-title">云防火墙是否可以防护非腾讯云上的资产？</h3><i class="tpm-faq__item-icon"></i></div></div><div class="tpm-faq__item"><div class="tpm-faq__item-hd"><h3 class="tpm-faq__item-title">云防火墙是否能部署在专有云上？</h3><i class="tpm-faq__item-icon"></i></div></div><div class="tpm-faq__item"><div class="tpm-faq__item-hd"><h3 class="tpm-faq__item-title">云防火墙和安全组有什么区别?</h3><i class="tpm-faq__item-icon"></i></div></div><div class="tpm-faq__item"><div class="tpm-faq__item-hd"><h3 class="tpm-faq__item-title">云防火墙、WAF 产品的区别？</h3><i class="tpm-faq__item-icon"></i></div></div></div></div></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div><div class="tl-tabs__panel" style="height:0;width:0;overflow:hidden;opacity:0;padding:0;margin:0;pointer-events:none;display:block;transform:translate3d(0, 10px, 0);transition:opacity .45s ease, transform .45s ease;transform-origin:center;flex-shrink:0"></div></div></div></div><div style="margin-top:40px;padding-bottom:60px" id="6MF7pw1l8e" data-id="6MF7pw1l8e"><div class="view-column" style="text-align:center"><div class="tpm-rich-text"><p class="ts-p">更多问题请查看 <a class="ts-link" href="https://cloud.tencent.com/document/product/1132/56713">常见问题</a>，也可在 <a class="ts-link" href="https://cloud.tencent.com/developer/ask">问答社区</a> 中进行提问 。</p></div></div></div></div><div class="tl-call2action" id="AM-buRGvV" data-id="AM-buRGvV"><div class="tpm-2-action-panel"><div class="tpm-2-action-panel__inner"><main class="tpm-2-action-panel__main"><div class="tpm-2-action-panel__desc">按照我们的 <a href="https://cloud.tencent.com/document/product/1132/50107">入门指南</a>，只需进行简单的配置，即可使用云防火墙功能，开启方便，无需部署。</div><div class="tpm-2-action-panel__btns"><a class="tpm-btn tpm-btn--white-hole" href="https://console.cloud.tencent.com/cfw?adtag=cfw.from.web.cfw"><span class="tpm-btn__text">开始使用</span></a></div></main><aside class="tpm-2-action-panel__side"></aside></div></div></div><div id="doc-container"></div></div></div> </div> <script> window.__QCPortalContext__ = { version: "0.5.0", resource: {}, $getCurrServerTime: (function(s, c) {return function(){return +new Date()+s-c;}})(1732695285974, +new Date()), } </script> <script src="https://cloudcache.tencent-cloud.com/qcloud/portal/kit/full.c9aa1f7ce.js"></script> <script> if (window.QCPortalKit) { window.QCPortalKit.init({"version":"v2","site":{"replaceUrlTLDScope":"page"},"topNav":{"theme":"air"},"floatBar":{"satisfactionSurveyPageUrl":"https://cloud.tencent.com/product/cfw"},"footer":{"disable":false}}) } </script> <script> window.isServerContext = false; window.isClientContext = true; window.$serverTime = 1732695285975; window.$clientTime = Date.now(); window.$user = {"isLogined":false}; </script> <script src="//cloudcache.tencent-cloud.com/qcloud/main/scripts/release/common/libs/jsencrypt-standalone.min.js" crossOrigin=""></script> <script src="//cloudcache.tencent-cloud.com/qcloud/main/scripts/release/common/vendors/babel/polyfill.6.26.min.js"></script> <script src="//cloudcache.tencent-cloud.com/qcloud/main/scripts/release/common/vendors/react/react.17.0.2.min.js"></script> <script src="//cloudcache.tencent-cloud.com/qcloud/main/scripts/release/common/vendors/react/react-dom.17.0.2.min.js"></script> <script src="//cloudcache.tencent-cloud.com/qcloud/main/scripts/release/common/vendors/jquery-3.2.1.min.js"></script> <script src="/qccomponent/login/api.js"></script> <script src="https://cloudcache.tencent-cloud.com/qcloud/main/scripts/release/common/base.c9f6fc3ef1ac545931f6.js?max_age=31536000"></script> <script>window.__TRI_PAGE_STATE__={"kind":"page","id":"blank","slug":"blank","name":"product-detail","scenes":[{"id":"1","slug":"","title":""}],"collection":{"1":[{"kind":"block","name":"hero-prod","data":{"title":"T-Sec 云防火墙","desc":"腾讯云防火墙（Cloud Firewall，CFW）是一款基于公有云环境下的 SaaS 化防火墙，主要为用户提供互联网边界的防护，解决云上访问控制的统一管理与日志审计的安全与管理需求。云防火墙不仅具备传统防火墙功能，同时也支持云上多租户、弹性扩容功能，是用户业务上云的第一个网络安全基础设施。","abstract":"腾讯云原生的 SaaS 化防火墙，客户业务上云的第一个网络安全基础设施，重保利器，等保必备","bgImage":"https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/ARD_2xyU6WCbMppEn5B3Q.jpg","buttons":[{"title":"立即选购","to":"https://buy.cloud.tencent.com/cfw","__vid__":"oMzlqw0-Nt07yWhUpAXm6"},{"title":"产品文档","to":"https://cloud.tencent.com/document/product/1132","type":"doc","__vid__":"403WOrpCZk_wtgAuBqb1A"}],"notices":{"list":[{"tag":"act","title":"腾讯云安全等保优惠活动，批量购买安全产品更优惠","__vid__":"n0TVU3hnbfKXa8jjAdTbt","to":"https://cloud.tencent.com/act/event/Sec_purchase_home?module=solution&solution=ccpc"}]},"links":[{"title":"免费等保咨询","to":"https://cloud.tencent.com/apply/p/rnsd7a2ccwp","__vid__":"b9j0cx-iIK9R2jrEBNqR_"}],"video":{"source":"https://cloud.tencent.com/edu/learning/quick-play/2841-53920?auto=1&source=gw.pro.media"},"contentLayout":"default","backgroundLayout":"picture","operationLayout":"notices","contentVideo":{"title":"观看视频","source":"https://cloud.tencent.com/edu/learning/quick-play/2841-53920?auto=1&source=gw.pro.media"}},"id":"JhECKbZzu"},{"kind":"block","name":"feature-matrix","data":{"list":[{"icon":"https://cloudcache.tencentcs.cn/qcloud/tcloud_dtc/static/tc_portal_icon/c4882bc4-0e8f-4f01-9abd-0dd9792fded7.png","title":"风险事前排查","desc":"支持互联网资产暴露面分析，并集成攻击者视角的漏洞扫描功能， 可以对云上资产的暴露情况、漏洞情况做到清晰掌握，在风险产生之前就能知晓。","__vid__":"umX546aCwIPyKtnbYnEiz"},{"icon":"https://cloudcache.tencentcs.cn/qcloud/tcloud_dtc/static/tc_portal_icon/5ecb8743-6796-4f99-b74b-35a4e0e2889d.png","title":"攻击实时拦截","desc":"支持防火墙 ACL 主动管控、IPS 实时拦截、虚拟补丁和恶意代码检测；并结合全网威胁情报，实时拦截主机异常外联情况。高级版以上还支持集成 NAT 能力的边界防火墙。","__vid__":"zotDkjVryk-87lO7qJUvi"},{"icon":"https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/xgJ64tJHKzvA0U3n1h5j5.png","title":"事件溯源取证","desc":"支持全流量的网络日志分析，可留存6个月，满足等保合规要求。并支持高级威胁溯源分析，可分析域名的注册、解析、备案及历史解析信息。","__vid__":"CSS_vEjcU_Njc_INPNnu9"}]},"id":"4hBmPpkLq","collection":{"header":[{"kind":"block","name":"section-header","data":{"title":"产品特性"},"id":"fvUuZP3w4I"}]}},{"kind":"block","name":"scene-frameworks-vertical","data":{"tabs":[{"id":"2","label":"漏洞发现防护","content":{"content":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"通过云防火墙，帮助您梳理资产在互联网暴露情况。可一键开启 IPS 虚拟补丁和威胁情报，进行精准防护。"}]}],"id":"9a22e358-acb1-47f5-9d25-344d5035cef2"}]},"image":"https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/Ps1nBYyZNA4HqPuQJVIJl.png","aside":{}},"__vid__":"7eCTZKdM3UiPLJwu66EXn"},{"id":"1","label":"主动外联管控","content":{"content":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"云防火墙支持基于域名的访问控制，可对主动外联行为进行精准管控。"}]},{"type":"p","children":[{"text":"高级版以上还支持 NAT 边界防火墙，集成 NAT 能力，支持基于 CVM 虚拟机颗粒度的主动外联管控。"}]}],"id":"9a22e358-acb1-47f5-9d25-344d5035cef2"}]},"image":"https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/vx-hID7Zp6jEYlpembH26.png","aside":{}},"__vid__":"QnZm3cYgaStsFgODrbvq4"},{"id":"5gSsBABJWgT6aMnbVAlV8","label":"DMZ 分区管控","content":{"content":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"可实现传统网络中的 DMZ 区需求，将核心资产重点防护，实现 VPC 间的细粒度隔离管控。"}]},{"type":"p","children":[{"text":"企业版及以上版本可扩展支持 VPC 间的防护功能。"}]}],"id":"9a22e358-acb1-47f5-9d25-344d5035cef2"}]},"image":"https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/EBLNRVPEYnecMImjPp1KY.png","aside":{}},"__vid__":"5qSShuQ_Rh2sOrbFY92Ai"},{"id":"md03zgdvdPjOPjEo839aw","label":"等保合规","content":{"content":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"通过云防火墙产品能满足等保2.0的这几项要求：互联网边界隔离、漏洞扫描和入侵防御、留存6个月的网络流量日志。"}]}],"id":"9a22e358-acb1-47f5-9d25-344d5035cef2"}]},"image":"https://qcloudimg.tencent-cloud.cn/trisys/assets/product/images/jHnXbIfd4Yn6aGYIn5d9E.png","aside":{}},"__vid__":"Vx1hIzNbHpaoagzetTat9"}]},"id":"K0OArUyba","collection":{"header":[{"kind":"block","name":"section-header","data":{"title":"应用场景"},"id":"76Ka_LsdlI"}]}},{"kind":"block","name":"roadmap","data":{},"logics":[],"id":"xve53oefQ","collection":{"header":[{"kind":"block","name":"section-header","data":{"title":"产品路线图","links":[{"title":"查看更多","to":"https://cloud.tencent.com/product/events","__vid__":"zcniJ_3mSms1LQ4WopGyX"}]},"logics":[],"id":"8658DShG1q","collection":{}}]}},{"kind":"block","name":"documents","data":{"documents":[{"title":"产品概述","desc":"帮助您快速了解云防火墙的产品定位、优势功能。","to":"https://cloud.tencent.com/document/product/1132/38045","__vid__":"iBfT3cTE24foHi88GF06Y"},{"title":"新手指引","desc":"本文将为刚入门云防火墙的用户提供一条学习路径。","to":"https://cloud.tencent.com/document/product/1132/50107","__vid__":"LoRewBltfAA64pcZLfHbk"},{"title":"购买指南","desc":"云防火墙为用户提供三个收费版本，分别是 高级版、企业版和旗舰版。","to":"https://cloud.tencent.com/document/product/1132/38049","__vid__":"SJY1UiTib31dDfVNn3Z4I"},{"title":"操作指南","desc":"提供云防火墙控制台各功能模块的操作步骤、配置指引。","to":"https://cloud.tencent.com/document/product/1132/46928","__vid__":"vOpSLoT-2UHaIUUxCI_Q3"}]},"id":"jqJ9Kn0dK","collection":{"header":[{"kind":"block","name":"section-header","data":{"title":"帮助与文档"},"id":"AJW6Z7SDGw"}]},"className":"bg-gray"},{"kind":"block","name":"faqs","data":{"groups":[{"id":"1","label":"一般常见问题","list":[{"question":"云防火墙是什么？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"云防火墙（Cloud Firewall，CFW）是一款基于公有云环境下的 SaaS 化防火墙，主要为用户提供互联网边界的防护，解决云上访问控制的统一管理、日志审计的安全和管理需求。云防火墙不仅具备传统防火墙功能，同时也支持云上多租户和弹性扩容功能，是用户业务上云的第一个网络安全基础设施。"}]}],"id":"2868a923-42b0-4af4-86e3-c74cfec41597"}]}},{"question":"云防火墙是否可以防护非腾讯云上的资产？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"防火墙仅能防护腾讯云账号下的 IP 资产，不支持非腾讯云的资产。"}]}],"id":"1efc9813-28ae-4075-9c90-7df66f0c363a"}]}},{"question":"云防火墙是否能部署在专有云上？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"TCE 专有云从380版本后，开始支持云防火墙服务。"}]}],"id":"2adcf651-5d57-49c1-b5ce-091fee911d4c"}]}},{"question":"云防火墙和安全组有什么区别?","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"云防火墙和安全组是两个独立的系统，在外网 EIP 开启互联网开关开启的状态下，策略同时放通，流量才放行。"}]},{"type":"uli","children":[{"text":"二者控制的目标不一样。 互联网边界防火墙控制的是公网 IP 的公网访问流量，安全组控制的是 CVM 网卡的所有流量。"}]},{"type":"uli","children":[{"text":"云防火墙和安全组作用的粒度不一样的，安全组作用于实例，云防火墙作用于公网 IPS 、NAT边界防护和 VPC 间的对等连接或云联网。"}]},{"type":"uli","children":[{"text":"安全组 ACL 只是云防火墙最基本功能，云防火墙更重要的是有全流量日志审计及入侵防御（IPS）的实时拦截能力。"}]}],"id":"195c9036-70d3-4395-8900-888c485a3b56"}]}},{"question":"云防火墙、WAF 产品的区别？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"uli","children":[{"text":"WAF 只针对 Web 业务防护，对非 Web 类业务没有防护能力，且只防护由外对内的攻击。对业务的恶意主动外联没有监测和防护能力。"}]},{"type":"uli","children":[{"text":"云防火墙包涵全部业务防护，支持对 Web 漏洞的基础防护，同时支持内对外的主动外联流量检测。支持失陷主机和恶意外联的自动拦截。"}]}],"id":"195c9036-70d3-4395-8900-888c485a3b56"}]}}],"__vid__":"XdwH5t1WlsYPSxtCnV4Pg"},{"id":"2","label":"计费","list":[{"question":"云防火墙是否支持修改配置？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"云防火墙可以通过升级扩容来提升已购买的配置，暂时不支持自主降低已购买的版本配置。"}]}],"id":"69514914-4be6-4a40-a40b-f1afb0c2d692"}]},"__vid__":"4E_wZKi5FZLgkokrC3b-X"},{"question":"云防火墙到期后可以续费吗？到期后资源会被系统回收吗？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"云防火墙使用期限只支持在购买时选择，在到期之后会自动停止服务，需要继续使用可以重新购买，对业务不会造成影响。"}]},{"type":"uli","children":[{"text":"若在产品到期14天内续费，可以恢复配置信息。"}]},{"type":"uli","children":[{"text":"产品到期14天后，系统回收所有云防火墙的资源且无法恢复，只能重新购买后再次配置。"}]}],"id":"ab2bfb23-0988-43fa-9e9b-fa8ef84b40b1"}]},"__vid__":"6uj2I_raI6B0dLjuTTPu_"},{"question":"一个账号可以购买几个云防火墙？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"一个账号能购买一个云防火墙，目前云防火墙提供四个收费版本，分别是 IPS 版、高级版、企业版和旗舰版。"}]}],"id":"ca17ce23-bd56-4878-a2ba-8c629b4b85be"}]},"__vid__":"ElD_3FB3wzi4_SL_mxcVf"},{"question":"我买了NAT防火墙后，还需要支付 NAT 防火墙绑定的外网 EIP 的流量费么？","answer":{"mod":"slate","content":[{"type":"uli","children":[{"text":"如果您使用的为接入模式，防火墙与NAT网关之间为内网路由，不会收取额外费用。"}]},{"type":"uli","children":[{"text":"如果您使用的为新增模式，防火墙可以绑定EIP，具体收费以EIP侧为准。"}]}]},"__vid__":"IbGs5zd9rgAibzCyq5I6n"},{"question":"云火墙是否可以退费？","answer":{"mod":"slate","content":[{"type":"p","children":[{"text":"云防火墙产品遵守腾讯云 "},{"type":"link","url":"https://cloud.tencent.com/document/product/555/7440","title":"https://cloud.tencent.com/document/product/555/7440","children":[{"text":"云服务退货说明"}]},{"text":"，若您在购买云防火墙后有任何不满意，我们支持五天无理由退款。如需退款，请 "},{"type":"link","url":"https://console.cloud.tencent.com/workorder/category?level1_id=517&level2_id=727&source=0&data_title=%E5%85%B6%E4%BB%96%E8%85%BE%E8%AE%AF%E4%BA%91%E4%BA%A7%E5%93%81&level3_id=728&radio_title=%E5%8A%9F%E8%83%BD%E5%92%A8%E8%AF%A2&queue=3026&scene_code=17783&step=2","title":"https://console.cloud.tencent.com/workorder/category?level1_id=517&level2_id=727&source=0&data_title=%E5%85%B6%E4%BB%96%E8%85%BE%E8%AE%AF%E4%BA%91%E4%BA%A7%E5%93%81&level3_id=728&radio_title=%E5%8A%9F%E8%83%BD%E5%92%A8%E8%AF%A2&queue=3026&scene_code=17783&step=2","children":[{"text":"提交工单"}]},{"text":" 联系我们，产品使用超过5天后，不支持退款。"}]}]},"__vid__":"zUm80q3vSNBvOM9LdbG_2"}],"__vid__":"flfjcBkfo1eiQmjq7DI7c"},{"id":"计费","label":"带宽","list":[{"question":"带宽是什么，用户怎么挑选合适的带宽？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"uli","children":[{"text":"云防火墙的带宽与其他网络产品的带宽相互独立，因此云防火墙的带宽需要单独购买。"}]},{"type":"uli","children":[{"text":"NAT 和云防火墙相互独立，并相互串联。因此，需要挑选相同或更高容量的云防火墙带宽，来以确保边界防火墙带宽和 NAT 边界吞吐量满足用户的需求。"}]}],"id":"c6f63629-6968-47bb-9cf1-a59a6e22dce9"}]},"__vid__":"ngk5Xz6mO2haPhp10rS_o"},{"question":"峰值带宽是指什么，是上行带宽还是下行带宽？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"峰值带宽指的是上行和下行的带宽最大值。例如果购买100Mbps带宽，那么云防火墙能够同时处理上行100Mbps和下行100Mbps。"}]}],"id":"fe26538e-00b5-429f-a6c3-1690adb4b087"}]},"__vid__":"M9h4Cz2hIgeMfUZauyCZC"},{"question":"业务带宽超峰值带宽限制，会对我有业务影响么？","answer":{"mod":"slate","content":[{"id":"JfxPQJgkcYYgR2ZYt01Ha","children":[{"text":"互联网边界防火墙属于旁路部署，超过防护带不会造成客户业务流量丢包，不会影响客户流量速率，但是不会进行防护。"}],"type":"uli","start":false},{"id":"ujFnS9uqbTxQsGS_R0MAw","children":[{"text":"请持续关注云防火墙带宽告警，在带宽较高时，关闭一部分云防火墙开关，或扩展带宽以保证监控正常运行，确保业务安全。"}],"type":"uli","start":false},{"id":"8Inm79fYTWwQNlD4F4UOe","children":[{"text":"自2023年06月15日起，互联网边界防火墙将对超过带宽规格的公网流量更新为以下服务降级措施："}],"type":"uli","start":false},{"id":"Qh0CZQY8Pc6k3GaT7eBFF","children":[{"text":"当公网流量持续超量达（5分钟）带宽规格120%，入侵防御功能失效，但访问控制和日志功能仍然有效。"}],"type":"uli","start":false,"indent":1},{"id":"-RHsCSWd-ltBTfLAYMd6E","children":[{"text":"当公网流量持续超量达（5分钟）带宽规格150%，入侵防御功能、访问控制和日志功能失效。"}],"type":"uli","start":false,"indent":1},{"id":"gBmOQV8_0gVVzYQ_Z62eQ","children":[{"text":"当公网流量连续（1分钟）下降到带宽规格之下时，入侵防御功能、访问控制和日志功能会自动恢复。"}],"type":"uli","start":false,"indent":1}]},"__vid__":"_lfgsveu1_9IVsQVJitnI"},{"question":"云防火墙互联网边界带宽会限制流量吗？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"云防火墙不会限制流量。"}]}],"id":"fe26538e-00b5-429f-a6c3-1690adb4b087"}]},"__vid__":"jQKBqf6_n36XIIllL9fYU"},{"question":"出入站的带宽是分别计算的吗？若出站带宽超出购买规格，会影响入站流量的规则匹配吗？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"uli","children":[{"text":"是的，出入站的带宽是分别计算的。"}]},{"type":"uli","children":[{"text":"云防火墙对超出购买带宽部分不承诺防护，若仅是出站的流量超出购买带宽无法匹配规则，不会影响入站流量的规则匹配。"}]}],"id":"fe26538e-00b5-429f-a6c3-1690adb4b087"}]},"__vid__":"ouVJ0bs2nZS8Hgp9euBeq"}],"__vid__":"xz49JT5FrrCNqpnwYO5BJ"},{"id":"Ft94GW445005YF4AWO2G2","label":"防火墙","list":[{"question":"云防火墙支持防护哪些协议？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"uli","children":[{"text":"互联网边界防火墙目前支持 TCP、HTTP 以及 HTTPS 协议。"}]},{"type":"uli","children":[{"text":"NAT 边界防火墙支持 TCP、UDP、ICMP、HTTP、HTTPS、SMTP、SMTPS 以及 FTP 协议。"}]},{"type":"uli","children":[{"text":"VPC 间防火墙支持 TCP、UDP 以及 ICMP 协议。"}]}],"id":"763c2445-e5f6-47b9-bb5e-d88359f5a1a4"}]},"__vid__":"Vdwxypkfxiz745pjwVXwY"},{"question":"什么是互联网边界防火墙？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"uli","children":[{"text":"互联网边界是指互联网与腾讯云内网的边界，互联网边界流量就是您的云上资产与互联网之间通信的流量，也称南北向流量。"}]},{"type":"uli","children":[{"text":"互联网边界防火墙是检测南北向流量的防火墙，是一种集群式防火墙。"}]},{"type":"uli","children":[{"text":"互联网边界防火墙生效于您的弹性公网IP的关联资产与外部互联网之间。"}]}],"id":"763c2445-e5f6-47b9-bb5e-d88359f5a1a4"}]},"__vid__":"PRDFObJfMoB-dI_Emmihe"},{"question":"NAT 防火墙出去的数据会不会过两遍防火墙?","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"过两遍，一道管理内网 IP，一道管理公网 IP。"}]}],"id":"763c2445-e5f6-47b9-bb5e-d88359f5a1a4"}]},"__vid__":"DDgHgBimZFSqXoIGMB-CS"},{"question":"为什么有部分 VPC 间防火墙开关无法开启？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"由于路由和网段冲突等原因，云防火墙对产生冲突的开关进行了限制，您可以根据开关错误提示消除冲突后，再尝试开启 VPC 间防火墙。"}]}],"id":"763c2445-e5f6-47b9-bb5e-d88359f5a1a4"}]},"__vid__":"AzEMdj68ZlAIgT5mnVxqF"}],"__vid__":"LSlTw_nrs8Zji8Dd940_P"},{"id":"i7uUxzQeErF0UdAjbRSx4","label":"功能","list":[{"question":"云防火墙流量带宽图的具体延迟时间多长？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"一般情况下延迟1分钟。"}]}],"id":"37bd29ab-b8c4-4a19-9c02-dbc9d5131792"}]},"__vid__":"eOHQl3C8UgK7N-Cx1wIA7"},{"question":"未配置任何规则时，云防火墙默认规则是放行还是拦截？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"云防火墙默认放行所有流量，打开云防火墙开关后，云防火墙会开始记录流量日志并产生入侵防御告警，但由于没有配置规则，所以此时不会阻断任何流量。"}]}],"id":"eb62c0b9-d30f-4b6a-9738-b84f0c2a7fd8"}]},"__vid__":"svIPF7AaO9Uzx1xH7LMaw"},{"question":"哪些流量经过入侵防御模块的检查？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"互联网防火墙和 NAT 防火墙的流量都会经过入侵检测模块的检查。"}]}],"id":"000d5cfa-c3ee-43b8-855b-af8beeddc229"}]},"__vid__":"7HevY9mOZV_lqL39vHeAa"},{"question":"入侵防御防护模式为拦截模式时会拦截哪些事件？","answer":{"mod":"slate","content":[{"children":[{"text":"在拦截模式下，防火墙会根据以下特征进行拦截。"}],"type":"p"},{"children":[{"text":"威胁情报：自动拦截高置信度的网络攻击/恶意访问，支持自动拦截出站恶意访问。"}],"type":"uli","start":false},{"children":[{"text":"基础防御：针对部分高置信度的规则支持自动拦截，其他规则仍然产生安全事件告警。"}],"type":"uli","start":false},{"children":[{"text":"虚拟补丁：支持自动拦截所有被检测为漏洞利用的流量。"}],"type":"uli","start":false}]},"__vid__":"nfIJu5TFHQtwWaODLbO6z"},{"question":"有了虚拟补丁，我还需要在主机修复补丁吗？","answer":{"mod":"slate","content":[{"type":"p","children":[{"text":"还是需要的，虚拟补丁可以为您做最前线的防护，但是根本漏洞还是需要做彻底的解决，才能做到最安全。"}]}]},"__vid__":"oXR5-BA3XiL826-EfbUVx"}],"__vid__":"XKavUNFQHwo88WwcJJnMm"},{"id":"1fBylPLr339Bhkgzc1OA_","label":"日志","list":[{"question":"云防火墙日志默认存储多长时间？最大存储容量是多少？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"uli","children":[{"text":"云防火墙免费默认存储7天内的日志，最大50GB存储容量。留存超过7天和50GB外的日志将会被自动覆盖。"}]},{"type":"uli","children":[{"text":"开通日志分析服务后，云防火墙会默认存储6个月内的日志，存储容量1000GB起售，最大可扩展至100TB。"}]}],"id":"d09de8aa-ee10-4d3c-af2e-0d299c726d72"}]},"__vid__":"vhVX4OiXvI9HP7MaV0-RQ"},{"question":"日志存储超过套餐规定时间或容量会怎么处理？","answer":{"mod":"slate","content":[{"type":"p","children":[{"text":"日志存储达到套餐容量时云防火墙将会停写，建议根据使用量合理扩容。"}]}]},"__vid__":"gLxlDsDvZZvMCr8wqMk45"},{"question":"日志审计与分析与 CLS 是什么关系？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"目前日志审计是云防火墙内置，与 CLS 无关。防火墙日志可以进行投递，方便用户自行分析。"}]}],"id":"a747ccde-2b01-4a77-a011-fe71841876af"}]},"__vid__":"9pgL3OBKs4LZHuzVWrrWt"},{"question":"访问控制日志、入侵防御日志、流量日志分别记录什么流量？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"uli","children":[{"text":"访问控制日志记录命中访问控制规则的流量。"}]},{"type":"uli","children":[{"text":"入侵防御日志记录命中入侵防御规则的流量。"}]},{"type":"uli","children":[{"text":"流量日志记录放行的流量。"}]}],"id":"a747ccde-2b01-4a77-a011-fe71841876af"}]},"__vid__":"ANhMJeQL6Ps1MFtPHUBFS"},{"question":"可以把防火墙日志拿出来做归档吗？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"可以，日志支持导出和日志投递功能，投递到客户的 kafka。"}]}],"id":"a747ccde-2b01-4a77-a011-fe71841876af"}]},"__vid__":"VwecSHn5NIpIPWkVO5eR1"}],"__vid__":"cial6FRaA_0ny3lNkCs2e"},{"id":"318kBO2WKd9nvtqoxkcrU","label":"账号","list":[{"question":"云防火墙可以给其他腾讯云账号使用么？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"云防火墙不可以跨账号使用，云防火墙仅能防护当前腾讯云主账号下的云资产。"}]}],"id":"70d78dd2-dbe1-4a25-9cd2-1f037b04d98c"}]},"__vid__":"ZmvE-FuGZ6us7SH7n8jD8"},{"question":"进行角色创建授权会影响业务正常进行吗？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"不会，创建角色授权是用户通过授权允许云防火墙后台系统读取您的云上资源、私有网络、子网等数据，用来构建页面操作所需数据呈现，不会进行任何影响业务的自动化操作。"}]}],"id":"5e9059e3-c7ba-46e5-8244-2ec84e129ec5"}]},"__vid__":"aVxO1Ud3ev-Wo-T195x2n"},{"question":"告警中心设置告警对象不勾选主账号和子账号的情况下，还能收到带宽告警么？","answer":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"若未勾选接收告警的主账号和子账号，将不会收到告警中心的短信、站内信和微信通知，但控制台依然会显示告警。"}]}],"id":"10bc514c-4758-42e5-bbec-eef6188a6fba"}]},"__vid__":"j5H8803WgoUDIRSdUQRM0"}],"__vid__":"x_-IvahwrQcPRB04dWFay"}]},"id":"rxX72_izM","collection":{"header":[{"kind":"block","name":"section-header","data":{"title":"常见问题"},"id":"N2sngLBJdD"}],"addons":[{"kind":"block","name":"section-footer","data":{"content":{"mod":"slate","content":[{"type":"topic","children":[{"type":"p","children":[{"text":"更多问题请查看 "},{"type":"link","url":"https://cloud.tencent.com/document/product/1132/56713","title":"https://cloud.tencent.com/document/product/1132/56713","children":[{"text":"常见问题"}]},{"text":"，也可在 "},{"type":"link","url":"https://cloud.tencent.com/developer/ask","title":"https://cloud.tencent.com/developer/ask","children":[{"text":"问答社区"}]},{"text":" 中进行提问 。"}]}],"id":"2270e8ed-9c1b-4fd9-be82-74d07b7387ee"}]}},"id":"6MF7pw1l8e"}]},"className":""},{"kind":"block","name":"call2action","data":{"content":"按照我们的 <a href=\"https://cloud.tencent.com/document/product/1132/50107\">入门指南</a>，只需进行简单的配置，即可使用云防火墙功能，开启方便，无需部署。","buttons":[{"title":"开始使用","to":"https://console.cloud.tencent.com/cfw?adtag=cfw.from.web.cfw","__vid__":"a5ppTH4ju_6PvPRLYgVZX"}]},"id":"AM-buRGvV"}]},"settings":{"seo":{"title":"云防火墙 _ SaaS化防火墙_网络安全 - 腾讯云","keywords":"云防火墙 ,SaaS化防火墙,网络安全,入侵防御,访问控制,CFW,IPS,网络蜜罐,内网流量日志,出向流量管理,零信任防护,VPC边界防火墙,VPC防火墙,NAT边界防火墙,串行防火墙,DNS防火墙,域名访问控制,SQL注入,流量管理,公网日志审计","description":"腾讯云防火墙( CFW)是一款基于公有云环境下的SaaS化防火墙，主要为用户提供云上的访问控制、安全隔离与业务可视，满足云端安全策略的统一管控与日志审计的需求，具备传统防火墙功能的同时也支持云上多租户、弹性扩容。是用户业务上云的第一个网络安全基础设施"},"siteSearch":{"enable":true}}};</script> <script src="https://cloudcache.tencent-cloud.cn/qcloud/trisys-landing/materials/material-product.9240a0d12.js"></script> <script> if (window.__TRI_PAGE_STATE__ && window.__TRI_PAGE_STATE__.settings && window.__TRI_PAGE_STATE__.settings.toc && window.__TRI_PAGE_STATE__.settings.toc.enable ) { window.__TRI_PAGE_STATE__.settings.toc.enable = false; } window.__TRI_PAGE_STATE__.legacy = false; if (window.$render) { window.$render(); } </script> <script>window.G_PAGE_CONTEXT={"business":"product","entryId":2402};</script> <script src="https://cloudcache.tencent-cloud.com/qcloud/portal/scripts/roadmap/snippet.da465ea7f.js"></script> <script src="https://cloudcache.tencent-cloud.com/qcloud/portal/scripts/dianshiSale/snippet.735baf81e.js"></script> <script src="https://cloudcache.tencent-cloud.com/qcloud/portal/scripts/anchorWidget/snippet.9a559fa41.js"></script> <script src="https://cloudcache.tencent-cloud.com/qcloud/portal/scripts/anchor/snippet.cab1ab41d.js"></script> <script src="https://cloudcache.tencent-cloud.com/qcloud/portal/scripts/videoCopy/snippet.8074c5c9b.js"></script> <script src="//dscache.tencent-cloud.cn/ecache/qcstat/qcloud/qcloudStatApi.js" async></script> </body> </html>