Web Application Firewall (WAF)

Available in 25 Regions

Huawei Cloud WAF is available in 25 regions around the world. No matter where your business operates, in China, Asia Pacific, Latin America, Africa, or Europe, Huawei Cloud WAF keeps your businesses safe.

Protection for Tens of Millions of QPS

WAF checks up to tens of millions of QPS and can protect traffic equal to over 10 times of your normal peak traffic volume.

99.95% of SLA

WAF offers uninterrupted protection as it uses an architecture that enables intra-AZ, cross-AZ, and cross-region disaster recovery deployment.

Available Specifications/Editions

Available Specifications/Editions

Edition

Standard

Professional

Platinum

Number of domains

10 (Supports one top-level domain name.)

50 (Supports five top-level domain names.)

80 (Supports eight top-level domain names.)

Peak rate of normal service requests

2,000 QPS

WAF-to-Server connections: 6,000 per domain name

5,000 QPS

WAF-to-Server connections: 6,000 per domain name

10,000 QPS

WAF-to-Server connections: 6,000 per domain name

Protection against common web attacks, such as SQL injections, XSS, and command/code injections
Updating protection rules against zero-day vulnerabilities to the latest on the cloud
Protection for ports except 80 and 443
CC attack prevention
Web page tampering protection
Gelocation access control
Website anti-crawler protection
IPv6 protection
Customization of standard ports other than ports 80 and 443
Price
$615 USD /Month
$1,560 USD /Month
$4,730 USD /Month

Standard

Number of domains

10 (Supports one top-level domain name.)

Peak rate of normal service requests

2,000 QPS

WAF-to-Server connections: 6,000 per domain name

Protection against common web attacks, such as SQL injections, XSS, and command/code injections
Updating protection rules against zero-day vulnerabilities to the latest on the cloud
Protection for ports except 80 and 443
CC attack prevention
Web page tampering protection
Gelocation access control
Website anti-crawler protection
IPv6 protection
Customization of standard ports other than ports 80 and 443
$615 USD /Month

Professional

Number of domains

50 (Supports five top-level domain names.)

Peak rate of normal service requests

5,000 QPS

WAF-to-Server connections: 6,000 per domain name

Protection against common web attacks, such as SQL injections, XSS, and command/code injections
Updating protection rules against zero-day vulnerabilities to the latest on the cloud
Protection for ports except 80 and 443
CC attack prevention
Web page tampering protection
Gelocation access control
Website anti-crawler protection
IPv6 protection
Customization of standard ports other than ports 80 and 443
$1,560 USD /Month

Platinum

Number of domains

80 (Supports eight top-level domain names.)

Peak rate of normal service requests

10,000 QPS

WAF-to-Server connections: 6,000 per domain name

Protection against common web attacks, such as SQL injections, XSS, and command/code injections
Updating protection rules against zero-day vulnerabilities to the latest on the cloud
Protection for ports except 80 and 443
CC attack prevention
Web page tampering protection
Gelocation access control
Website anti-crawler protection
IPv6 protection
Customization of standard ports other than ports 80 and 443
$4,730 USD /Month

Why Huawei Cloud WAF?

Precise and efficient threat detection in all common security and O&M scenarios

Precise and efficient threat detection in all common security and O&M scenarios

  • WAF uses rule and AI dual engines and integrates our latest security rules and best security practices.

  • WAF can detect OWASP top 10 threats, decode 10+ types of code, and it uses a Huawei-patented technique that prevents threats from bypassing security controls, improving the detection rate by 40%.

  • WAF enables precise protection with customizable enterprise-grade protection policies, including custom alarm pages, composite rules for CC attack prevention, and IP address blacklists.

Privacy data protection and storage of all logs

Privacy data protection and storage of all logs

  • You can anonymize your sensitive data, such as accounts and passwords, in attack logs.

  • You can also configure the minimum TLS version and cipher suite to make your services compliant with PCI-DSS certification.

  • You can authorize WAF to use Log Tank Service (LTS) to store as many logs as you need, including access, attack, and request logs.

Compliance assistance

Compliance assistance

  • WAF makes it easier for you to meet compliance requirements such as PCI DSS certification.

  • WAF provides protection for IPv6 traffic to help meet the compliance requirements of governments and enterprises.

0-day vulnerabilities patched fast

0-day vulnerabilities patched fast

  • A 24/7 professional security operation team is equipped, making it possible to fix emergency 0-day vulnerabilities within as little as 2 hours.

  • WAF uses virtual patches on the cloud so that 0-day vulnerabilities can be fixed in a timely manner and without any manual intervention.

  • WAF responds to and contains risks quickly with presets protection rules so that your web services will get protected all the time even before the third-party vendors fix vulnerabilities.

Three Typical Deployments for Web Service Security and Stability

Basic Web Protection
Basic Web Protection

Backed by an extensive preset reputation database, WAF defends against the Open Web Application Security Project (OWASP) top 10 threats, vulnerability exploits, web shells, and other threats.

Comprehensive Protection

WAF detects and blocks attacks, including SQL injection, XSS, file inclusion, directory traversal, sensitive file access, command/code injection, web shells, and third-party vulnerability exploits.

Zero-day Vulnerabilities Patched Fast

WAF uses virtual patches to block 0-day vulnerability exploits within as little as 2 hours, keeping your cloud services stable.

Related Services
CC Attack Protection
CC Attack Protection

WAF protects your web services from malicious Challenge Collapsar (CC) attacks, ensuring business and service continuity.

Rate Limit With Flexible Conditions

You can create custom CC attack protection rules by IP address, cookie, and referer to limit access to specific URLs on your website. WAF will precisely identify and mitigate CC attacks based on rules you create.

Diverse Customization

You can configure custom pages and response content for blocked requests to meet your different needs.

Related Services
Zero-day Vulnerability Protection
Zero-day Vulnerability Protection

If a 0-day vulnerability is disclosed in a third-party framework or plug-in, WAF can issue a virtual patch in time to prevent possible vulnerability exploits.

Swift Response

WAF delivers virtual patches and updates protection rules in a timely manner without having to wait for vendors to release patches.

Lower Costs

The virtual patches produce lower costs and less impact on services than the traditional patches.

Related Services

Get Started with


Free Huawei Cloud Services
Try Free

More Services

More Services