lbelejka/cloud-firewall
1
0
Fork 0
forked from docs/cloud-firewall
Code Pull Requests Activity

Update content

Browse Source
This commit is contained in:
OpenTelekomCloud Proposal Bot 2024-10-12 04:00:32 +00:00
parent 641b5a4ef0
commit 2889616e69
47 changed files with 997 additions and 621 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
umn/source/_static/images/en-us_image_0000001443711605.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
umn/source/_static/images/en-us_image_0000001443792005.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
umn/source/_static/images/en-us_image_0000001673130380.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.2 KiB

BIN
umn/source/_static/images/en-us_image_0000001772296201.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 21 KiB

BIN
umn/source/_static/images/en-us_image_0000001772299481.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 14 KiB

BIN
umn/source/_static/images/en-us_image_0000001772301841.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 17 KiB

BIN
umn/source/_static/images/en-us_image_0000001772421057.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 18 KiB

BIN
umn/source/_static/images/en-us_image_0000001936832142.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.4 KiB

After

Width:  |  Height:  |  Size: 26 KiB

BIN
umn/source/_static/images/en-us_image_0000001936832146.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 9.9 KiB

After

Width:  |  Height:  |  Size: 27 KiB

BIN
umn/source/_static/images/en-us_image_0000001964045585.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 14 KiB

After

Width:  |  Height:  |  Size: 31 KiB

BIN
umn/source/_static/images/en-us_image_0000001986387925.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 342 B

BIN
umn/source/_static/images/en-us_image_0000001988385497.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 547 B

BIN
umn/source/_static/images/en-us_image_0000001988387381.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 547 B

2
umn/source/attack_defense/attack_defense_overview.rst
View File

@ -49,6 +49,8 @@ The following methods can be used:
| Virtual patch | Hot patches are provided for IPS at the network layer to intercept high-risk remote attacks in real time and prevent service interruption during vulnerability fixing. | | | | Virtual patch | Hot patches are provided for IPS at the network layer to intercept high-risk remote attacks in real time and prevent service interruption during vulnerability fixing. | | |
| | | | | | | | | |
| | Updated rules are added to the virtual patch library first. You can determine whether to add the rules to the basic defense library. | | | | | Updated rules are added to the virtual patch library first. You can determine whether to add the rules to the basic defense library. | | |
| | | | |
| | To add defense rules, enable this function to apply virtual patch rules. The protection action can be manually modified. | | |
+-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+ +-------------------------------------------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------+
| Custom IPS signature (supported only by the professional edition) | If the built-in rule library cannot meet your requirements, you can customize signature rules. | The check types are the same as those of **Basic defense**. | For details, see :ref:`Customizing IPS Signatures <cfw_01_0188>`. | | Custom IPS signature (supported only by the professional edition) | If the built-in rule library cannot meet your requirements, you can customize signature rules. | The check types are the same as those of **Basic defense**. | For details, see :ref:`Customizing IPS Signatures <cfw_01_0188>`. |
| | | | | | | | | |

2
umn/source/attack_defense/blocking_network_attacks.rst
View File

@ -27,7 +27,7 @@ Adjusting the IPS Protection Mode to Block Network Attacks
.. note:: .. note::
- You are advised to use the **observe** mode for a period of time before using the **intercept** mode. For details about how to view attack event logs, see :ref:`Attack Event Logs <cfw_01_0139__section1131659192010>` - You are advised to use the **observe** mode for a period of time before using the **intercept** mode. For details about how to view attack event logs, see :ref:`Attack Event Logs <cfw_01_0139__section1131659192010>`.
- If packets are incorrectly blocked by a defense rule, you can modify the action of the rule in the basic defense rule library. For details, see :ref:`IPS Rule Management <cfw_01_0167>`. - If packets are incorrectly blocked by a defense rule, you can modify the action of the rule in the basic defense rule library. For details, see :ref:`IPS Rule Management <cfw_01_0167>`.
.. _cfw_01_0032__section61321527141315: .. _cfw_01_0032__section61321527141315:

6
umn/source/change_history.rst
View File

@ -8,6 +8,12 @@ Change History
+-----------------------------------+------------------------------------------------------------------------------------------+ +-----------------------------------+------------------------------------------------------------------------------------------+
| Date | Description | | Date | Description |
+===================================+==========================================================================================+ +===================================+==========================================================================================+
| 2024-10-12 | This is the fifth official release. |
| | |
| | Optimized: |
| | |
| | Adapted to the new layout in :ref:`Checking the Dashboard <cfw_01_0009>`. |
+-----------------------------------+------------------------------------------------------------------------------------------+
| 2024-09-19 | This is the fourth official release. | | 2024-09-19 | This is the fourth official release. |
| | | | | |
| | Added: | | | Added: |

215
umn/source/checking_the_dashboard.rst
View File

File diff suppressed because it is too large Load Diff

2
umn/source/configuring_access_control_policies_to_control_traffic/adding_blacklist_or_whitelist_items_to_block_or_allow_traffic.rst
View File

@ -20,7 +20,7 @@ Specification Limitations
- CFW supports up to 2,000 blacklist items and 2,000 whitelist items. If there are too many IP addresses to be specified, you can put them in an IP address group and select the IP address group when configuring protection rules. - CFW supports up to 2,000 blacklist items and 2,000 whitelist items. If there are too many IP addresses to be specified, you can put them in an IP address group and select the IP address group when configuring protection rules.
- For details about how to add an IP address group, see :ref:`Adding Custom IP Address and Address Groups <cfw_01_0068>`. - For details about how to add an IP address group, see :ref:`Adding User-defined IP Addresses and Address Groups <cfw_01_0068>`.
- For details about how to add a protection rule, see :ref:`Adding Protection Rules to Block or Allow Traffic <cfw_01_0030>`. - For details about how to add a protection rule, see :ref:`Adding Protection Rules to Block or Allow Traffic <cfw_01_0030>`.
- To protect private IP addresses, use the professional edition firewall and enable :ref:`VPC border firewall <cfw_01_0078>` protection. - To protect private IP addresses, use the professional edition firewall and enable :ref:`VPC border firewall <cfw_01_0078>` protection.

638
umn/source/configuring_access_control_policies_to_control_traffic/configuring_protection_rules_to_block_or_allow_traffic/adding_protection_rules_to_block_or_allow_traffic.rst
View File

File diff suppressed because it is too large Load Diff

2
umn/source/configuring_access_control_policies_to_control_traffic/configuring_protection_rules_to_block_or_allow_traffic/example_4_configuring_snat_protection_rules.rst
View File

@ -12,7 +12,7 @@ SNAT Protection Configuration
Assume your private IP address is **10.1.1.2** and the external domain name accessed through the NAT gateway is **www.example.com**. Configure NAT protection as follows and set other parameters based on your deployment: Assume your private IP address is **10.1.1.2** and the external domain name accessed through the NAT gateway is **www.example.com**. Configure NAT protection as follows and set other parameters based on your deployment:
- **Rule Type**: **NAT** - **Rule Type**: Select **NAT**.
- **Direction**: Select **SNAT**. - **Direction**: Select **SNAT**.
- **Source**: Select **IP address** and enter **10.1.1.2**. - **Source**: Select **IP address** and enter **10.1.1.2**.
- **Destination**: Select **Domain Name/Domain Group** and **Network**, and enter **www.example.com**. - **Destination**: Select **Domain Name/Domain Group** and **Network**, and enter **www.example.com**.

28
umn/source/configuring_access_control_policies_to_control_traffic/domain_name_management/adding_a_domain_name_group.rst
View File

@ -17,13 +17,13 @@ Constraints
- The domain names in a domain name group can be referenced by protection rules for up to 40,000 times, and wildcard domain names can be referenced for up to 2,000 times. - The domain names in a domain name group can be referenced by protection rules for up to 40,000 times, and wildcard domain names can be referenced for up to 2,000 times.
**Application Domain Name Group (Layer 7 Protocol Parsing)** **Application domain name group (layer 7 protocol parsing)**
- A firewall instance can have up to 500 domain name groups. - A firewall instance can have up to 500 domain name groups.
- A firewall instance can have up to 2,500 domain names. - A firewall instance can have up to 2,500 domain names.
- A domain name group can have up to 1,500 domain names. - A domain name group can have up to 1,500 domain names.
**Network Domain Name Group (Layer 4 Protocol Parsing)** **Network domain name group (layer 4 protocol parsing)**
- A firewall instance can have up to 1,000 domain names. - A firewall instance can have up to 1,000 domain names.
- A network domain name group can have up to 15 domain names. - A network domain name group can have up to 15 domain names.
@ -40,11 +40,11 @@ Adding a Domain Name Group
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Domain Name Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. (Optional) To add a network domain group, click the **Network Domain Name Group** tab. #. (Optional) To add a network domain group, click the **Network Domain Name Group** tab.
#. Click **Add Domain Name Group** and configure :ref:`parameters <cfw_01_0183__table12362103114169>`. #. Click the **Domain Name Groups** tab. Click **Add Domain Name Group** and configure :ref:`parameters <cfw_01_0183__table12362103114169>`.
.. _cfw_01_0183__table12362103114169: .. _cfw_01_0183__table12362103114169:
@ -53,10 +53,10 @@ Adding a Domain Name Group
+-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Parameter | Description | | Parameter | Description |
+===================================+====================================================================================================================================================================================================+ +===================================+====================================================================================================================================================================================================+
| Group Name | Name of a user-defined domain name group. |
+-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Domain Name Group Type | Application/Network | | Domain Name Group Type | Application/Network |
+-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Group Name | Name of a user-defined domain name group. |
+-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Description | (Optional) Enter remarks for the domain name group. | | Description | (Optional) Enter remarks for the domain name group. |
+-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Domain Name | Enter one or multiple domain names. | | Domain Name | Enter one or multiple domain names. |
@ -78,25 +78,25 @@ Adding a Domain Name to a Domain Group
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Service Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. Click the name of a domain name group. The **Basic Information** and **Domain Names** areas are displayed. #. Click the **Domain Name Groups** tab. Click the name of a domain name group. The **Domain Name Groups** dialog box is displayed.
#. Click **Add Domain** under the domain name list and enter domain name information. #. Click **Add Domain** and enter domain name information.
You can click |image3| to add multiple services. You can click **Add** to add multiple domain names.
#. Confirm the information and click **OK**. #. Confirm the information and click **OK**.
Related Operation Related Operation
----------------- -----------------
- Batch deleting domain names: Select domain names and click **Delete** above the list. - Exporting domain name groups: Click **Export** above the list and select a data range.
- Batch deleting domain names: Select domain names in the domain name list and click **Delete** above the list.
- To edit a domain name group, click the name of the target domain name group and click **Edit** on the right of **Basic Information**. - Editing a domain name group: Click the name of the target domain name group and click **Edit** on the right of **Basic Information**.
- A domain name group takes effect only after it is set in a protection rule. For more information, see :ref:`Adding Protection Rules to Block or Allow Traffic <cfw_01_0030>`. - A domain name group takes effect only after it is set in a protection rule. For more information, see :ref:`Adding Protection Rules to Block or Allow Traffic <cfw_01_0030>`.
- To view the IP addresses resolved by a domain name group of the network domain name group type, click the domain name group name to go to the **Basic Information** page, and click **IP address** in the **Operation** column of the domain name list. - Viewing the IP addresses resolved by a domain name group of the network domain name group type: Click a domain name group name to go to the **Basic Information** page, and click **IP address** in the **Operation** column of the domain name list.
.. |image1| image:: /_static/images/en-us_image_0000001259322747.png .. |image1| image:: /_static/images/en-us_image_0000001259322747.png
.. |image2| image:: /_static/images/en-us_image_0000001259322747.png .. |image2| image:: /_static/images/en-us_image_0000001259322747.png
.. |image3| image:: /_static/images/en-us_image_0000001988387381.png

4
umn/source/configuring_access_control_policies_to_control_traffic/domain_name_management/deleting_a_domain_name_group.rst
View File

@ -17,9 +17,9 @@ Deleting a Domain Name Group
#. Log in to the management console. #. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Domain Name Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. (Optional) To delete a network domain group, click the **Network Domain Name Group** tab. #. (Optional) To delete a network domain group, click the **Network Domain Name Group** tab.
#. Locate the row that contains the item to be deleted. Click **Delete** in the **Operation** column. In the displayed dialog box, enter **DELETE** and click **OK**. #. Click the **Domain Name Groups** tab. Locate the row that contains the item to be deleted. Click **Delete** in the **Operation** column. In the displayed dialog box, enter **DELETE** and click **OK**.
.. warning:: .. warning::

10
umn/source/configuring_access_control_policies_to_control_traffic/managing_access_control_policies/importing_and_exporting_protection_policies.rst
View File

@ -5,7 +5,7 @@
Importing and Exporting Protection Policies Importing and Exporting Protection Policies
=========================================== ===========================================
You can add and export protection rules, blacklist/whitelist items, IP address groups, service groups, and domain name groups in batches. You can add and export protection rules, blacklist/whitelist items, IP address groups, domain name groups, and service groups in batches.
Specification Limitations Specification Limitations
------------------------- -------------------------
@ -19,7 +19,7 @@ Importing Protection Rules in Batches
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Access Policies**. #. In the navigation pane, choose **Access Control** > **Access Policies**.
#. Click **Download Center** on the upper right of the list. #. Click **Download Center** on the upper right corner of the list.
#. Click **Download Template** to download the rule import template to the local host. #. Click **Download Template** to download the rule import template to the local host.
#. Configure protection policy information as required. #. Configure protection policy information as required.
@ -29,8 +29,8 @@ Importing Protection Rules in Batches
- For details about VPC border protection rule parameters, see :ref:`Parameters of Rule Import Template - Vpc-Rule-Acl-Table (VPC Border Protection Rule) <cfw_01_0129__section16691542194717>`. - For details about VPC border protection rule parameters, see :ref:`Parameters of Rule Import Template - Vpc-Rule-Acl-Table (VPC Border Protection Rule) <cfw_01_0129__section16691542194717>`.
- For details about the blacklist and whitelist parameters, see :ref:`Adding Blacklist or Whitelist Items to Block or Allow Traffic <cfw_01_0065>`. - For details about the blacklist and whitelist parameters, see :ref:`Adding Blacklist or Whitelist Items to Block or Allow Traffic <cfw_01_0065>`.
- For details about IP address group parameters, see :ref:`Adding Custom IP Address and Address Groups <cfw_01_0068>`. - For details about IP address group parameters, see :ref:`Adding User-defined IP Addresses and Address Groups <cfw_01_0068>`.
- For details about service group parameters, see :ref:`Adding a Custom Service Group <cfw_01_0070>`. - For details about service group parameters, see :ref:`Adding a User-defined Service Group <cfw_01_0070>`.
- For details about domain name group parameters, see :ref:`Domain Name Management <cfw_01_0182>`. - For details about domain name group parameters, see :ref:`Domain Name Management <cfw_01_0182>`.
.. important:: .. important::
@ -56,7 +56,7 @@ Exporting Protection Rules in Batches
#. In the navigation pane on the left, click |image2| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image2| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Access Policies**. #. In the navigation pane, choose **Access Control** > **Access Policies**.
#. Click **Download Center** on the upper right of the list. #. Click **Download Center** on the upper right corner of the list.
#. Click **Export Rule** to export rules to a local PC. #. Click **Export Rule** to export rules to a local PC.
.. _cfw_01_0129__section738713134471: .. _cfw_01_0129__section738713134471:

4
umn/source/configuring_access_control_policies_to_control_traffic/managing_access_control_policies/managing_protection_rules.rst
View File

@ -28,7 +28,9 @@ Viewing Protection Rules
| | | | | |
| | A smaller value indicates a higher priority. | | | A smaller value indicates a higher priority. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Name | Custom rule name | | Name/Rule ID | Custom rule name and ID |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Rule Type | Protection type of the rule. It can be an EIP or NAT rule. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Direction | Traffic direction of the protection rule. | | Direction | Traffic direction of the protection rule. |
+-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+

23
umn/source/configuring_access_control_policies_to_control_traffic/managing_ip_address_groups/adding_custom_ip_address_and_address_groups.rst → umn/source/configuring_access_control_policies_to_control_traffic/managing_ip_address_groups/adding_user-defined_ip_addresses_and_address_groups.rst
View File

@ -2,15 +2,15 @@
.. _cfw_01_0068: .. _cfw_01_0068:
Adding Custom IP Address and Address Groups Adding User-defined IP Addresses and Address Groups
=========================================== ===================================================
An IP address group contains multiple IP addresses. An IP address group frees you from repeatedly modifying access rules and allows you to manage access rules in batch. An IP address group contains multiple IP addresses. An IP address group frees you from repeatedly modifying access rules and allows you to manage access rules in batch.
Constraints Constraints
----------- -----------
- A firewall instance can contain up to 3898 IP address groups. - A firewall instance can have up to 3800 IP address groups.
- An IP address group can contain up to 640 IP addresses. - An IP address group can contain up to 640 IP addresses.
- A firewall instance can contain up to 30,000 IP addresses. - A firewall instance can contain up to 30,000 IP addresses.
@ -23,9 +23,9 @@ Adding Custom Address Groups
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **IP Address Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. Click **Add IP Address Group** and configure parameters in the **Basic Information** area. For more information, see :ref:`IP address group parameters <cfw_01_0068__table12707131818297>`. #. Click the **IP Address Groups** tab. Click **Add IP Address Group** and configure parameters on the **Add IP Address Group** slide-out panel. For more information, see :ref:`IP address group parameters <cfw_01_0068__table12707131818297>`.
.. _cfw_01_0068__table12707131818297: .. _cfw_01_0068__table12707131818297:
@ -51,15 +51,15 @@ Adding Custom Address Groups
#. Confirm the information and click **OK**. The IP address group is added. #. Confirm the information and click **OK**. The IP address group is added.
Adding an IP Address Adding an IP address to a user-defined address group
-------------------- ----------------------------------------------------
#. Log in to the management console. #. Log in to the management console.
#. In the navigation pane on the left, click |image2| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image2| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **IP Address Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. Click the name of an IP address group. The **Basic Information** and **IP Addresses** areas are displayed. #. Click the name of an IP address group on the **IP Address Groups** tab. The **IP Address Group Details** dialog box is displayed..
#. Click **Add IP Address** under the IP address list. #. Click **Add IP Address**. The **Add IP Address** slide-out panel is displayed.
- To add IP addresses in batches, enter the IP addresses in the text box and click **Parse**. - To add IP addresses in batches, enter the IP addresses in the text box and click **Parse**.
- To add a single IP address, click **Add**, and enter the IP address and description. - To add a single IP address, click **Add**, and enter the IP address and description.
@ -69,7 +69,8 @@ Adding an IP Address
Related Operations Related Operations
------------------ ------------------
- Batch deleting IP addresses: In the IP address list, select IP addresses and click **Delete** above the list. - Exporting IP address groups: Click **Export** above the list and select a data range.
- Batch deleting IP addresses: In the **IP Address Group Details** slide-out panel, select IP addresses and click **Delete** above the list.
Follow-up Operations Follow-up Operations
-------------------- --------------------

4
umn/source/configuring_access_control_policies_to_control_traffic/managing_ip_address_groups/deleting_ip_address_groups.rst
View File

@ -19,8 +19,8 @@ Deleting IP Address Groups
#. Log in to the management console. #. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **IP Address Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. In the **Operation** column of an IP address group, click **Delete**. #. Click the **IP Address Groups** tab. In the **Operation** column of an IP address group, click **Delete**.
#. In the displayed dialog box, confirm the information, enter **DELETE**, and click **OK**. #. In the displayed dialog box, confirm the information, enter **DELETE**, and click **OK**.
.. warning:: .. warning::

4
umn/source/configuring_access_control_policies_to_control_traffic/managing_ip_address_groups/index.rst
View File

@ -5,7 +5,7 @@
Managing IP Address Groups Managing IP Address Groups
========================== ==========================
- :ref:`Adding Custom IP Address and Address Groups <cfw_01_0068>` - :ref:`Adding User-defined IP Addresses and Address Groups <cfw_01_0068>`
- :ref:`Viewing a Predefined Address Group <cfw_01_0239>` - :ref:`Viewing a Predefined Address Group <cfw_01_0239>`
- :ref:`Deleting IP Address Groups <cfw_01_0069>` - :ref:`Deleting IP Address Groups <cfw_01_0069>`
@ -13,6 +13,6 @@ Managing IP Address Groups
:maxdepth: 1 :maxdepth: 1
:hidden: :hidden:
adding_custom_ip_address_and_address_groups adding_user-defined_ip_addresses_and_address_groups
viewing_a_predefined_address_group viewing_a_predefined_address_group
deleting_ip_address_groups deleting_ip_address_groups

4
umn/source/configuring_access_control_policies_to_control_traffic/managing_ip_address_groups/viewing_a_predefined_address_group.rst
View File

@ -29,7 +29,7 @@ Viewing a Predefined Address Group
#. Log in to the management console. #. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **IP Address Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. Click the **Pre-defined Address Group** tab and click the name of an address group. On the details page that is displayed, view the address group information. #. Click the **IP Address Groups** tab. Click the **Pre-defined Address Groups** tab and click the name of an address group. On the details page that is displayed, view the address group information.
.. |image1| image:: /_static/images/en-us_image_0000001259322747.png .. |image1| image:: /_static/images/en-us_image_0000001259322747.png

30
umn/source/configuring_access_control_policies_to_control_traffic/service_group_management/adding_a_custom_service_group.rst → umn/source/configuring_access_control_policies_to_control_traffic/service_group_management/adding_a_user-defined_service_group.rst
View File

@ -2,8 +2,8 @@
.. _cfw_01_0070: .. _cfw_01_0070:
Adding a Custom Service Group Adding a User-defined Service Group
============================= ===================================
A service group is a collection of services (protocols, source ports, and destination ports). A service group frees you from repeatedly modifying access rules and simplifies security group rule management. A service group is a collection of services (protocols, source ports, and destination ports). A service group frees you from repeatedly modifying access rules and simplifies security group rule management.
@ -15,14 +15,14 @@ Constraints
- A firewall instance can have up to 900 services. - A firewall instance can have up to 900 services.
Adding a Custom Service Group Adding a User-defined Service Group
----------------------------- -----------------------------------
#. Log in to the management console. #. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Service Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. Click **Add Service Group** and configure parameters in the **Basic Information** area. Enter the service group name and description. #. Click the **Service Groups** tab. Click **Add Service Group** and configure parameters in the **Add Service Group** area. Enter the service group name and description.
.. table:: **Table 1** Service group parameters .. table:: **Table 1** Service group parameters
@ -41,23 +41,21 @@ Adding a Custom Service Group
#. Confirm the information and click **OK**. #. Confirm the information and click **OK**.
Adding a Service Adding a Service to a User-defined Service Group
---------------- ------------------------------------------------
#. Log in to the management console. #. Log in to the management console.
#. In the navigation pane on the left, click |image2| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image2| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Service Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. Click the name of a service group. The **Basic Information** and **Services** areas are displayed. #. Click the **Service Groups** tab. Click the name of a service group. The **Service Group Details** dialog box is displayed..
#. Click **Add Service** in the **Services** area. The **Add Service** dialog box is displayed. #. Click **Add Service**.
.. table:: **Table 2** Adding a service .. table:: **Table 2** Adding a service
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+-------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Parameter | Description | Example Value | | Parameter | Description | Example Value |
+=======================+===============================================================================================================================+=======================+ +=======================+===============================================================================================================================+=======================+
| Service Name | User-defined service name | test |
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Protocol | Its value can be **TCP**, **UDP**, or **ICMP**. | TCP | | Protocol | Its value can be **TCP**, **UDP**, or **ICMP**. | TCP |
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+-------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Source Port | Source ports to be allowed or blocked. You can configure a single port or consecutive port groups (example: **80-443**). | 80 | | Source Port | Source ports to be allowed or blocked. You can configure a single port or consecutive port groups (example: **80-443**). | 80 |
@ -75,13 +73,14 @@ Adding a Service
| Description | Usage and application scenario | ``-`` | | Description | Usage and application scenario | ``-`` |
+-----------------------+-------------------------------------------------------------------------------------------------------------------------------+-----------------------+ +-----------------------+-------------------------------------------------------------------------------------------------------------------------------+-----------------------+
#. You can click |image3| to add multiple services. #. You can click **Add** to add multiple services.
#. Confirm the information and click **OK**. #. Confirm the information and click **OK**.
Related Operations Related Operations
------------------ ------------------
- Batch deleting services: Select services in the service list and click **Delete** above the list. - Exporting service groups: Click **Export** above the list and select a data range.
- Deleting services in batches: On the **Service Groups** tab, select services and click **Delete** above the list.
Follow-up Operations Follow-up Operations
-------------------- --------------------
@ -90,4 +89,3 @@ A service group takes effect only after it is set in a protection rule. For more
.. |image1| image:: /_static/images/en-us_image_0000001259322747.png .. |image1| image:: /_static/images/en-us_image_0000001259322747.png
.. |image2| image:: /_static/images/en-us_image_0000001259322747.png .. |image2| image:: /_static/images/en-us_image_0000001259322747.png
.. |image3| image:: /_static/images/en-us_image_0000001988385497.png

14
umn/source/configuring_access_control_policies_to_control_traffic/service_group_management/deleting_a_service_group.rst → umn/source/configuring_access_control_policies_to_control_traffic/service_group_management/deleting_a_user-defined_service_group.rst
View File

@ -2,12 +2,12 @@
.. _cfw_01_0071: .. _cfw_01_0071:
Deleting a Service Group Deleting a User-defined Service Group
======================== =====================================
A service group is a collection of ports. You can use service groups to easily protect high-risk ports and manage access rules, free from repeated editing of access rules. A service group is a collection of ports. You can use service groups to easily protect high-risk ports and manage access rules, free from repeated editing of access rules.
This section describes how to delete a custom service group. This section describes how to delete a user-defined service group.
Constraints Constraints
----------- -----------
@ -15,14 +15,14 @@ Constraints
The service group referenced by a protection rule cannot be deleted. Modify or delete the rule first. The service group referenced by a protection rule cannot be deleted. Modify or delete the rule first.
Deleting a Service Group Deleting a User-defined Service Group
------------------------ -------------------------------------
#. Log in to the management console. #. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Service Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. In the **Operation** column of a service group, click **Delete**. #. Click the **Service Groups** tab. In the **Operation** column of a service group, click **Delete**.
#. In the displayed dialog box, confirm the information, enter **DELETE**, and click **OK**. #. In the displayed dialog box, confirm the information, enter **DELETE**, and click **OK**.
.. warning:: .. warning::

8
umn/source/configuring_access_control_policies_to_control_traffic/service_group_management/index.rst
View File

@ -5,14 +5,14 @@
Service Group Management Service Group Management
======================== ========================
- :ref:`Adding a Custom Service Group <cfw_01_0070>` - :ref:`Adding a User-defined Service Group <cfw_01_0070>`
- :ref:`Viewing a Predefined Service Group <cfw_01_0240>` - :ref:`Viewing a Predefined Service Group <cfw_01_0240>`
- :ref:`Deleting a Service Group <cfw_01_0071>` - :ref:`Deleting a User-defined Service Group <cfw_01_0071>`
.. toctree:: .. toctree::
:maxdepth: 1 :maxdepth: 1
:hidden: :hidden:
adding_a_custom_service_group adding_a_user-defined_service_group
viewing_a_predefined_service_group viewing_a_predefined_service_group
deleting_a_service_group deleting_a_user-defined_service_group

4
umn/source/configuring_access_control_policies_to_control_traffic/service_group_management/viewing_a_predefined_service_group.rst
View File

@ -16,7 +16,7 @@ Viewing a Predefined Service Group
#. Log in to the management console. #. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed. #. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page. #. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation pane, choose **Access Control** > **Service Groups**. #. In the navigation pane, choose **Access Control** > **Object Groups**.
#. Click the **Pre-defined Service Groups** tab and click the name of a service group. On the details page that is displayed, view the service group information. #. Click the **Service Groups** tab. Click the **Pre-defined Service Groups** tab and click the name of a service group. On the details page that is displayed, view the service group information.
.. |image1| image:: /_static/images/en-us_image_0000001259322747.png .. |image1| image:: /_static/images/en-us_image_0000001259322747.png

2
umn/source/configuring_access_control_policies_to_control_traffic/viewing_protection_information_using_the_policy_assistant.rst
View File

@ -41,6 +41,6 @@ Viewing Protection Information Using the Policy Assistant
| Top Blocked IP Address Regions | Regions of blocked IP addresses. You can click **Destination of outbound access** or **Source of inbound access** to check IP addresses. | | Top Blocked IP Address Regions | Regions of blocked IP addresses. You can click **Destination of outbound access** or **Source of inbound access** to check IP addresses. |
+-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
- **Inactive Policies**: Policies that have not been hit or enabled for more than three months. You are advised to modify or delete the policies in a timely manner. - **Inactive Policies**: Policies that have not been hit or enabled for more than a week, a month, three months, or six months. You are advised to modify or delete the policies in a timely manner.
.. |image1| image:: /_static/images/en-us_image_0000001259322747.png .. |image1| image:: /_static/images/en-us_image_0000001259322747.png

46
umn/source/creating_a_pay-per-use_cfw.rst
View File

@ -30,26 +30,32 @@ Creating a Pay-per-Use Professional CFW
.. table:: **Table 1** Parameters for creating CFW .. table:: **Table 1** Parameters for creating CFW
+-----------------------------------+------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Parameter | Description | | Parameter | Description |
+===================================+==================================================================================================================+ +===================================+=======================================================================================================================================================================================================================================+
| Billing Mode | **Pay-per-use** indicates that you will be charged for the protection on your workloads. | | Billing Mode | **Pay-per-use** indicates that you will be charged for the protection on your workloads. |
+-----------------------------------+------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Region | Region where the CFW is to be purchased. | | Region | Region where the CFW is to be purchased. |
+-----------------------------------+------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Edition | Currently, only the professional edition is supported. | | Edition | Currently, only the professional edition is supported. |
+-----------------------------------+------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Firewall Name | Firewall name. | | Firewall Name | Firewall name. |
| | | | | |
| | It must meet the following requirements: | | | It must meet the following requirements: |
| | | | | |
| | - Only letters (A to Z and a to z), numbers (0 to 9), spaces, and the following characters are allowed: -\_ | | | - Only letters (A to Z and a to z), numbers (0 to 9), spaces, and the following characters are allowed: -\_ |
| | - The value can contain 1 to 48 characters. | | | - The value can contain 1 to 48 characters. |
+-----------------------------------+------------------------------------------------------------------------------------------------------------------+ +-----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Enterprise Project | | | Enterprise Project | In the drop-down list, select the enterprise project that you belong to. The purchased CFW then belongs to that enterprise project and protects all resources in that project. |
+-----------------------------------+------------------------------------------------------------------------------------------------------------------+ | | |
| Tags | It is recommended that you use the TMS predefined tag function to add the same tag to different cloud resources. | | | This option is only available if you have enabled enterprise projects, or if you are logged in using an enterprise master account. You can use an enterprise project to centrally manage your cloud resources and members by project. |
+-----------------------------------+------------------------------------------------------------------------------------------------------------------+ | | |
| | .. note:: |
| | |
| | Value **default** indicates the default enterprise project. Resources that are not allocated to any enterprise projects under your account are displayed in the default enterprise project. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Tags | It is recommended that you use the TMS predefined tag function to add the same tag to different cloud resources. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
#. Confirm the information and click **Create Firewall**. #. Confirm the information and click **Create Firewall**.

4
umn/source/faqs/troubleshooting/what_do_i_do_if_service_traffic_is_abnormal.rst
View File

@ -98,7 +98,7 @@ The firewall administrator took the following measures:
**Figure 2** EIPs **Figure 2** EIPs
#. The administrator chose **Log Audit** > **Log Query** and clicked the **Access Control Logs** tab. He searched for the blocking logs of the access source IP address **xx.xx.xx.126**. A blocking rule named **Block-Malicious-Outreach** was found, and this rule blocked the traffic from the EIP **xx.xx.xx.126** to the Internet. #. The administrator chose **Log Audit** > **Log Query** and clicked the **Access Control Logs** tab. He searched for the blocking logs of the access source IP address **xx.xx.xx.126**. A blocking rule named **Block-Malicious-Outreach** was found, and this rule blocked the traffic from the attack source IP address to the Internet.
.. figure:: /_static/images/en-us_image_0000001950170221.png .. figure:: /_static/images/en-us_image_0000001950170221.png
@ -164,7 +164,7 @@ The firewall administrator took the following measures:
**Figure 5** Filtering attack event logs **Figure 5** Filtering attack event logs
#. The administrator clicked **Details** in the **Operation** column, clicked **Payload Content** in the display page, and created a packet capture task to determine that the service is normal. The administrator searched for the rule whose ID is 334841 from the list on the **Basic Protection** tab page by referring to :ref:`Modifying the Protection Action of an Intrusion Prevention Rule <cfw_01_0168>`. #. The administrator clicked **Details** in the **Operation** column, clicked **Payload Content** in the display page, and created a packet capture task to verify that the service is normal. The administrator searched for the rule whose ID is 334841 from the list on the **Basic Protection** tab page by referring to :ref:`Modifying the Protection Action of an Intrusion Prevention Rule <cfw_01_0168>`.
.. figure:: /_static/images/en-us_image_0000001950170229.png .. figure:: /_static/images/en-us_image_0000001950170229.png

8
umn/source/product_overview/constraints_and_limitations.rst
View File

@ -29,7 +29,7 @@ Protection Policy Quota Limit
- IP address groups - IP address groups
- A firewall instance can contain up to 3898 IP address groups. - A firewall instance can have up to 3800 IP address groups.
- An IP address group can contain up to 640 IP addresses. - An IP address group can contain up to 640 IP addresses.
- A firewall instance can contain up to 30,000 IP addresses. - A firewall instance can contain up to 30,000 IP addresses.
@ -42,13 +42,13 @@ Protection Policy Quota Limit
- Domain name groups - Domain name groups
- The domain names in a domain name group can be referenced by protection rules for up to 40,000 times, and wildcard domain names can be referenced for up to 2,000 times. - The domain names in a domain name group can be referenced by protection rules for up to 40,000 times, and wildcard domain names can be referenced for up to 2,000 times.
- **Application Domain Name Group (Layer 7 Protocol Parsing)** - **Application domain name group (layer 7 protocol parsing)**
- A firewall instance can have up to 500 domain name groups. - A firewall instance can have up to 500 domain name groups.
- A firewall instance can have up to 2,500 domain names. - A firewall instance can have up to 2,500 domain names.
- A domain name group in application mode can have up to 1,500 domain names. - A domain name group can have up to 1,500 domain names.
- **Network Domain Name Group (Layer 4 Protocol Parsing)** - **Network domain name group (layer 4 protocol parsing)**
- A firewall instance can have up to 1,000 domain names. - A firewall instance can have up to 1,000 domain names.
- A network domain name group can have up to 15 domain names. - A network domain name group can have up to 15 domain names.

2
umn/source/product_overview/related_services.rst
View File

@ -25,7 +25,7 @@ CTS records operations related to CFW, facilitating your further queries, audits
Cloud Eye Cloud Eye
--------- ---------
`Cloud Eye <https://docs.otc.t-systems.com/cloud-eye/umn/product_introduction/what_is_cloud_eye.html#en-us-topic-0015479882>`__ provides a comprehensive monitoring platform for resources such as the ECS and bandwidth. Cloud Eye monitors the metrics of CFW, so that you can understand the protection status of CFW in a timely manner, and set protection policies accordingly. `Cloud Eye <https://docs.otc.t-systems.com/cloud-eye/umn/product_introduction/what_is_cloud_eye.html#en-us-topic-0015479882>`__ provides a comprehensive monitoring platform for resources such as the ECS and bandwidth. Cloud Eye monitors the metrics of CFW, so that you can understand the protection status of the service in a timely manner, and set protection policies accordingly.
Log Tank Service (LTS) Log Tank Service (LTS)
---------------------- ----------------------

146
umn/source/system_management/alarm_notification.rst Normal file
View File

File diff suppressed because it is too large Load Diff

4
umn/source/system_management/index.rst
View File

@ -5,6 +5,8 @@
System Management System Management
================= =================
- :ref:`Alarm Notification <cfw_01_0166>`
- :ref:`Network Packet Capture <cfw_01_0178>`
- :ref:`Configuring a DNS Server <cfw_01_0085>` - :ref:`Configuring a DNS Server <cfw_01_0085>`
- :ref:`Security Report Management <cfw_01_0244>` - :ref:`Security Report Management <cfw_01_0244>`
@ -12,5 +14,7 @@ System Management
:maxdepth: 1 :maxdepth: 1
:hidden: :hidden:
alarm_notification
network_packet_capture/index
configuring_a_dns_server configuring_a_dns_server
security_report_management/index security_report_management/index

96
umn/source/system_management/network_packet_capture/creating_a_packet_capture_task_to_check_the_network_status.rst Normal file
View File

@ -0,0 +1,96 @@
:original_name: cfw_01_0179.html
.. _cfw_01_0179:
Creating a Packet Capture Task to Check the Network Status
==========================================================
You can create network packet capture tasks to locate network faults and attacks.
Specification Limitations
-------------------------
Only the professional edition instances can capture network packets.
Constraints
-----------
- Only one packet capture task can be executed at a time.
- A maximum of 20 packet capture tasks can be created every day.
- A maximum of 1 million packets can be captured.
Creating a Packet Capture Task to Check the Network Status
----------------------------------------------------------
#. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation tree on the left, choose **System Management** > **Packet Capture**.
#. Click **Create Capture Task** and configure :ref:`parameters <cfw_01_0179__table20466164010119>`.
.. _cfw_01_0179__table20466164010119:
.. table:: **Table 1** Packet capture task parameters
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| Parameter Name | Description | Example Value |
+========================+===================================================================================+=======================+
| Task Name | Task name. | cfw |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| Max. Packets Captured | Maximum number of captured packets. Enter an integer in the range 1 to 1,000,000. | 100000 |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| Capture Duration (min) | Maximum duration for capturing packets. Enter an integer in the range 1 to 10. | 3 |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| IP Type | IP address type for packet capture. The value is **IPv4** by default. | IPv4 |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| Protocol Type | Protocol type of captured packets. It can be: | Any |
| | | |
| | - Any | |
| | - TCP | |
| | - UDP | |
| | - ICMP | |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| Source Address | It can be: | 192.168.10.5 |
| | | |
| | - A single IP address, for example, **192.168.10.5** | |
| | - Consecutive IP addresses, for example, **192.168.0.2-192.168.0.10** | |
| | - Address segment, for example, **192.168.2.0/24** | |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| Source Port | (Optional) Source port. | 80 |
| | | |
| | The input rules are as follows: | |
| | | |
| | - If this parameter is left blank, it indicates all port numbers (1 to 65535). | |
| | - Enter a single port number in the range 1 to 65535. | |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| Destination Address | It can be: | 192.168.10.6 |
| | | |
| | - A single IP address, for example, **192.168.10.5** | |
| | - Consecutive IP addresses, for example, **192.168.0.2-192.168.0.10** | |
| | - Address segment, for example, **192.168.2.0/24** | |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
| Destination Port | (Optional) Destination port. | ``-`` |
| | | |
| | The input rules are as follows: | |
| | | |
| | - If this parameter is left blank, it indicates all port numbers (1 to 65535). | |
| | - Enter a single port number in the range 1 to 65535. | |
+------------------------+-----------------------------------------------------------------------------------+-----------------------+
#. Click **OK**.
Related Operations
------------------
- To copy a task, click **Copy** in its **Operation** column. In the displayed dialog box, enter the task name and click **OK**.
- To stop a packet capture task, click **Stop** in its **Operation** column.
- To delete packet capture tasks, select them and click **Delete** above the list.
- :ref:`Viewing a Packet Capture Task <cfw_01_0180>`
- :ref:`Downloading Packet Capture Results <cfw_01_0181>`
.. |image1| image:: /_static/images/en-us_image_0000001259322747.png

45
umn/source/system_management/network_packet_capture/downloading_packet_capture_results.rst Normal file
View File

@ -0,0 +1,45 @@
:original_name: cfw_01_0181.html
.. _cfw_01_0181:
Downloading Packet Capture Results
==================================
Constraints
-----------
For an abnormal task, its possible packet capture results are as follows:
- The packet capture data is completely lost and cannot be downloaded.
- Some packet capture data is lost. Existing data can be downloaded.
Downloading Packet Capture Results
----------------------------------
#. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation tree on the left, choose **System Management** > **Packet Capture**.
#. In the row of a task, click **Download** in the **Operation** column to view the packet capture result.
.. note::
For an abnormal task, its possible packet capture results are as follows:
- The packet capture data is completely lost and cannot be downloaded.
- Some packet capture data is lost. Existing data can be downloaded.
#. Obtain the packet capture result.
- You can click **Copy all** to share the link with others.
- You can click **Open URL** to open it in a new browser tab. Switch back to this dialog box, click **Copy access code**, paste the copied code to the **Extraction Code** text box on the new tab, and click **Obtain Shared File List**.
- You can click **Copy link**, and paste and open the link it in a new browser tab. Switch back to this dialog box, click **Copy access code**, paste the copied code to the **Extraction Code** text box on the new tab, and click **Obtain Shared File List**.
.. note::
You can switch between Chinese and English in the lower left corner of the browser.
#. Click **Download** or **Download As**.
.. |image1| image:: /_static/images/en-us_image_0000001259322747.png

18
umn/source/system_management/network_packet_capture/index.rst Normal file
View File

@ -0,0 +1,18 @@
:original_name: cfw_01_0178.html
.. _cfw_01_0178:
Network Packet Capture
======================
- :ref:`Creating a Packet Capture Task to Check the Network Status <cfw_01_0179>`
- :ref:`Viewing a Packet Capture Task <cfw_01_0180>`
- :ref:`Downloading Packet Capture Results <cfw_01_0181>`
.. toctree::
:maxdepth: 1
:hidden:
creating_a_packet_capture_task_to_check_the_network_status
viewing_a_packet_capture_task
downloading_packet_capture_results

75
umn/source/system_management/network_packet_capture/viewing_a_packet_capture_task.rst Normal file
View File

@ -0,0 +1,75 @@
:original_name: cfw_01_0180.html
.. _cfw_01_0180:
Viewing a Packet Capture Task
=============================
Viewing a Packet Capture Task
-----------------------------
#. Log in to the management console.
#. In the navigation pane on the left, click |image1| and choose **Security** > **Cloud Firewall**. The **Dashboard** page will be displayed.
#. (Optional) If the current account has only one firewall instance, the firewall details page is displayed. If there are multiple firewall instances, click **View** in the **Operation** column of a firewall to go to its details page.
#. In the navigation tree on the left, choose **System Management** > **Packet Capture**.
#. (Optional) Search for a task by task name or IP address.
- Task name search supports fuzzy match. The input rules are as follows:
- To search by IP address, enter a single complete IP address, for example, 0.0.0.0.
#. Check the packet capture task. For more information, see :ref:`Table 1 <cfw_01_0180__table1190315241617>`
.. _cfw_01_0180__table1190315241617:
.. table:: **Table 1** Packet capture task parameters
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Parameter Name | Description |
+===================================+===========================================================================================================================+
| Task Name | Task name |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Status | Task status. |
| | |
| | - **Running**: The packet capture command has been delivered and the task is in progress. |
| | - **Completed**: The packet capture result has been uploaded and the task is complete. |
| | - **Exception**: Packet capture data upload times out due to network problems, and some packet capture results are lost. |
| | |
| | .. note:: |
| | |
| | To retry a task, you can click **Copy** in its **Operation** column to create and execute it again. |
| | |
| | - **Stopping**: The task is being stopped and the packet capture result is being uploaded. |
| | - **Expired**: The packet capture result has been uploaded and the task has been manually stopped. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Protocol Type | Protocol type specified for packet capture. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| IP Address | IP addresses specified for packet capture, including the source and destination addresses. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Port | Ports specified for packet capture, including the source and destination ports. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Max. Packets Captured | Maximum number of captured packets in the current task. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Packet Capture Time | Start time and end time of a packet capture task. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Capture Duration (min) | Duration of packet capture. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Remaining Retention Period (Days) | Number of days for storing a packet capture task. The default value is 7. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
| Capture Size | Size of captured packets. |
+-----------------------------------+---------------------------------------------------------------------------------------------------------------------------+
Related Operations
------------------
- To copy a task, click **Copy** in its **Operation** column. In the displayed dialog box, enter the task name and click **OK**.
- To stop a packet capture task, click **Stop** in its **Operation** column.
- To delete packet capture tasks, select them and click **Delete** above the list.
- :ref:`Creating a Packet Capture Task to Check the Network Status <cfw_01_0179>`
- :ref:`Downloading Packet Capture Results <cfw_01_0181>`
.. |image1| image:: /_static/images/en-us_image_0000001259322747.png

108
umn/source/viewing_cfw_protection_logs/querying_logs.rst
View File

File diff suppressed because it is too large Load Diff

20
umn/source/viewing_traffic_statistics/viewing_inbound_traffic.rst
View File

@ -28,19 +28,13 @@ Viewing Inbound Traffic
.. table:: **Table 1** Value description .. table:: **Table 1** Value description
+-----------------------------------+-----------------------------------------------------------------------------+ ============= ====================================
| Time Range | Value | Time Range Value
+===================================+=============================================================================+ ============= ====================================
| Last 1 hour | Average value within every minute | Last 1 hour Average value within every minute
+-----------------------------------+-----------------------------------------------------------------------------+ Last 24 hours Average value within every 5 minutes
| Last 24 hours | Average value within every 5 minutes | Last 7 days Average value within every hour
+-----------------------------------+-----------------------------------------------------------------------------+ ============= ====================================
| Last 7 days | Average value within every hour |
+-----------------------------------+-----------------------------------------------------------------------------+
| Custom | - 5 minutes to 6 hours: average value within every minute |
| | - 6 hours (included) to 3 days: average value within every 5 minutes |
| | - 3 (included) to 7 days (included): average value within every 30 minutes |
+-----------------------------------+-----------------------------------------------------------------------------+
- **Visualizations**: Top 5 items ranked by certain parameters regarding inbound traffic within a specified time range. For more information, see :ref:`Table 2 <cfw_01_0230__table12362103114169>`. You can click a data record to view the traffic details. A maximum of 50 data records can be viewed. - **Visualizations**: Top 5 items ranked by certain parameters regarding inbound traffic within a specified time range. For more information, see :ref:`Table 2 <cfw_01_0230__table12362103114169>`. You can click a data record to view the traffic details. A maximum of 50 data records can be viewed.

20
umn/source/viewing_traffic_statistics/viewing_inter-vpc_traffic.rst
View File

@ -28,19 +28,13 @@ Viewing Inter-VPC Traffic
.. table:: **Table 1** Value description .. table:: **Table 1** Value description
+-----------------------------------+-----------------------------------------------------------------------------+ ============= ====================================
| Time Range | Value | Time Range Value
+===================================+=============================================================================+ ============= ====================================
| Last 1 hour | Average value within every minute | Last 1 hour Average value within every minute
+-----------------------------------+-----------------------------------------------------------------------------+ Last 24 hours Average value within every 5 minutes
| Last 24 hours | Average value within every 5 minutes | Last 7 days Average value within every hour
+-----------------------------------+-----------------------------------------------------------------------------+ ============= ====================================
| Last 7 days | Average value within every hour |
+-----------------------------------+-----------------------------------------------------------------------------+
| Custom | - 5 minutes to 6 hours: average value within every minute |
| | - 6 hours (included) to 3 days: average value within every 5 minutes |
| | - 3 (included) to 7 days (included): average value within every 30 minutes |
+-----------------------------------+-----------------------------------------------------------------------------+
- **Visualizations**: Top 5 items ranked by certain parameters regarding inter-VPC traffic within a specified time range. For more information, see :ref:`Table 2 <cfw_01_0232__table12362103114169>`. You can click a data record to view the traffic details. A maximum of 50 data records can be viewed. - **Visualizations**: Top 5 items ranked by certain parameters regarding inter-VPC traffic within a specified time range. For more information, see :ref:`Table 2 <cfw_01_0232__table12362103114169>`. You can click a data record to view the traffic details. A maximum of 50 data records can be viewed.

20
umn/source/viewing_traffic_statistics/viewing_outbound_traffic.rst
View File

@ -28,19 +28,13 @@ Viewing Outbound Traffic
.. table:: **Table 1** Value description .. table:: **Table 1** Value description
+-----------------------------------+-----------------------------------------------------------------------------+ ============= ====================================
| Time Range | Value | Time Range Value
+===================================+=============================================================================+ ============= ====================================
| Last 1 hour | Average value within every minute | Last 1 hour Average value within every minute
+-----------------------------------+-----------------------------------------------------------------------------+ Last 24 hours Average value within every 5 minutes
| Last 24 hours | Average value within every 5 minutes | Last 7 days Average value within every hour
+-----------------------------------+-----------------------------------------------------------------------------+ ============= ====================================
| Last 7 days | Average value within every hour |
+-----------------------------------+-----------------------------------------------------------------------------+
| Custom | - 5 minutes to 6 hours: average value within every minute |
| | - 6 hours (included) to 3 days: average value within every 5 minutes |
| | - 3 (included) to 7 days (included): average value within every 30 minutes |
+-----------------------------------+-----------------------------------------------------------------------------+
- **Visualizations**: Top 5 items ranked by certain parameters regarding outbound traffic within a specified time range. For more information, see :ref:`Table 2 <cfw_01_0231__table12362103114169>`. You can click a data record to view the traffic details. A maximum of 50 data records can be viewed. - **Visualizations**: Top 5 items ranked by certain parameters regarding outbound traffic within a specified time range. For more information, see :ref:`Table 2 <cfw_01_0231__table12362103114169>`. You can click a data record to view the traffic details. A maximum of 50 data records can be viewed.