Firewall Manager supports unified management and automated deployment of rules across regions and multiple products, achieving centralized control of all policies, ensuring operational consistency, and reducing management costs in complex environments.
Firewall Manager supports unified management and automated deployment of rules across regions and multiple products, achieving centralized control of all policies, ensuring operational consistency, and reducing management costs in complex environments.
Intelligent analysis identifies redundant, conflicting, and invalid rule configurations, providing optimization suggestions to effectively improve rule quality and product operation management efficiency.
Intelligent analysis identifies redundant, conflicting, and invalid rule configurations, providing optimization suggestions to effectively improve rule quality and product operation management efficiency.
Firewall Manager supports unified management and automated deployment of rules across regions and multiple products, achieving centralized control of all policies, ensuring operational consistency, and reducing management costs in complex environments.
Intelligent analysis identifies redundant, conflicting, and invalid rule configurations, providing optimization suggestions to effectively improve rule quality and product operation management efficiency.
- Build a unified cloud firewall management platform that integrates various firewall forms including enterprise security groups and Lighthouse firewalls.
- Provides enterprise security groups with advanced rule encapsulation, automatically deploying rules to security groups based on customer protection requirements.
- Significantly reduces operational complexity and ensures consistency and efficient execution of network-wide security policies.
- Utilizes big data technology to deeply analyze existing rules, accurately identify redundant, conflicting, and invalid rule configurations
- providing optimization suggestions to effectively improve product performance.
Frequently
asked questions
Firewall Manager currently supports managing enterprise security group and private network security group rules (current version enterprise security group supports asset types including: VPC, SUBNET, CVM, ENI, CLB, TDSQL, TDSQL-C, MYSQL, MARIADB, SQLSERVER, POSTGRESQL, REDIS, MONGODB, LIGHTHOUSE).
Enterprise security group is a new security group control plane that redesigns security group configuration logic, maintains a unified access control management interface, greatly optimizing the security group user experience. Firewall Manager provides a five-tuple-based rule configuration interface and automatically deploys security group policies through intelligent conversion algorithms, significantly simplifying security group configuration operations.
1. Automatically generates one inbound rule and one outbound rule when configuring rules;
2. Eliminates the concept of inbound and outbound rule directions, only requiring definition of access source and destination to complete rule configuration;
3. Removes regional restrictions, all rules are displayed in the same interface, making operations management more convenient;
4. Adds configuration options such as IP/CIDR, regions, etc., with symmetric arrangement of options allowing arbitrary combinations;
5. When configuring IP addresses for access sources or destinations, automatically matches instances corresponding to the IP.
No. Rules deployed from Firewall Manager - Enterprise Security Group to Private Network - Security Group cannot be directly modified in the private network console. Reasons:
1. Rules manually modified in Private Network - Security Group will not be reflected in the Firewall Manager - Enterprise Security Group page, leading to inconsistent rule information display and hindering rule maintenance management.
2. When rules are updated in Firewall Manager - Enterprise Security Group, they are synchronously deployed to Private Network - Security Group, overwriting manually modified rules in Private Network - Security Group, affecting network security protection.
The upper limit for rules deployed from enterprise security groups to Lighthouse application server firewalls is the inherent rule limit of Lighthouse itself, which cannot exceed 100 rules. Rules cannot be deployed if this limit is exceeded.
Frequently
asked questions
Firewall Manager currently supports managing enterprise security group and private network security group rules (current version enterprise security group supports asset types including: VPC, SUBNET, CVM, ENI, CLB, TDSQL, TDSQL-C, MYSQL, MARIADB, SQLSERVER, POSTGRESQL, REDIS, MONGODB, LIGHTHOUSE).
Enterprise security group is a new security group control plane that redesigns security group configuration logic, maintains a unified access control management interface, greatly optimizing the security group user experience. Firewall Manager provides a five-tuple-based rule configuration interface and automatically deploys security group policies through intelligent conversion algorithms, significantly simplifying security group configuration operations.
1. Automatically generates one inbound rule and one outbound rule when configuring rules;
2. Eliminates the concept of inbound and outbound rule directions, only requiring definition of access source and destination to complete rule configuration;
3. Removes regional restrictions, all rules are displayed in the same interface, making operations management more convenient;
4. Adds configuration options such as IP/CIDR, regions, etc., with symmetric arrangement of options allowing arbitrary combinations;
5. When configuring IP addresses for access sources or destinations, automatically matches instances corresponding to the IP.
No. Rules deployed from Firewall Manager - Enterprise Security Group to Private Network - Security Group cannot be directly modified in the private network console. Reasons:
1. Rules manually modified in Private Network - Security Group will not be reflected in the Firewall Manager - Enterprise Security Group page, leading to inconsistent rule information display and hindering rule maintenance management.
2. When rules are updated in Firewall Manager - Enterprise Security Group, they are synchronously deployed to Private Network - Security Group, overwriting manually modified rules in Private Network - Security Group, affecting network security protection.
The upper limit for rules deployed from enterprise security groups to Lighthouse application server firewalls is the inherent rule limit of Lighthouse itself, which cannot exceed 100 rules. Rules cannot be deployed if this limit is exceeded.