Differences Between WAF and CFW

Last updated: 2020-12-15 16:16:22

    What are the differences between Web Application Firewall (WAF) and Tencent Cloud Firewall (CFW)?

    Their differences are as follows:

              Product

    Item
    WAF CFW
    SaaS WAF CLB WAF
    Protection Object Web and API service Web and API service Businesses entirely opened to the Internet
    Use Cases Cybersecurity classified protection, intensifying protection, web and API security protection, application layer protection, and anti-cheating protection. Cybersecurity classified protection, intensifying protection, web and API security protection, application layer protection, anti-cheating protection, and layer-7 CLB instance application. Cybersecurity classified protection, intensifying protection, CVM host and web security protection.
    Core Protection Capability
    • Web vulnerability defense, unknown threat defense, and self-service false-negative and false-positive attack processing.
    • CC attack defense.
    • Bot action management and crawler defense.
    • API security and business security protection.
    • Anti-leak and anti-tampering.
    • Web vulnerability defense, unknown threat defense, and self-service false-negative and false-positive attack processing.
    • CC attack defense.
    • Bot action management.
    • API security and business security protection.
    • IPv6 web protection.
    • IPS virtual patching, which eliminates the needs for realistic CVM patches and restarting. The basic vulnerability defense for OWASP top 10 attacks is covered.
    • Automatic detection for compromised hosts and automatically blocking CVM malicious external connections.
    • Domain name-based active external connection control.
    Core Strength The wide scenarios ranging the application needs of users both within and outside Tencent Cloud. It is a Tencent Cloud native service, which can be connected across regions, eliminating the need to adjust the existing network architecture. Web business forwarding and security protection are separated, therefore WAF service can be easily disconnected during service breakdown to achieve stable and reliable web security protection. It can only be used for businesses within Tencent Cloud. The Tencent Cloud native firewall can be quickly enabled not affecting the existing businesses. It integrates security capabilities such as IIPS, threat intelligence, and vulnerability scanning, etc., which is ideal for cybersecurity classified protection and intensifying protection. It can only be used for businesses within Tencent Cloud.
    Service Selection For businesses requiring web and API security protection for both Tencent Cloud and local IDCs, we recommend using SaaS WAF. For businesses using or planning to use layer-7 CLB instances, we recommend using CLB WAF. For businesses requiring CVM protection, especially the ones with other public network services opened except the web service, we recommend using CFW.

    Was this page helpful?

    Was this page helpful?

    • Not at all
    • Not very helpful
    • Somewhat helpful
    • Very helpful
    • Extremely helpful
    Send Feedback
    Help