What is bandwidth? How can I select appropriate bandwidth configuration?
CFW bandwidth is independent from bandwidth of other network products. Therefore, you need to purchase CFW bandwidth separately.
NAT and CFW are independent from but connected with each other. Therefore, you need to ensure that the CFW bandwidth purchased is the same as or higher than that of NAT, so that both systems meet users' needs for bandwidth or throughput.
What is peak bandwidth? Does it refer to uplink or downlink bandwidth?
Peak bandwidth refers to the maximum bandwidth in both uplink and downlink directions. For example, if you purchase bandwidth of 100 Mbps, CFW can process traffic of 100 Mbps in both uplink and downlink directions at the same time.
Will my business be affected if the business bandwidth exceeds the Edge Firewall bandwidth limit?
The business will not be affected if the business bandwidth exceeds the Edge Firewall bandwidth limit. Packet loss or traffic rate decrease will not occur, but the protection feature will be unavailable.
Starting from September 25, 2024, the following measures will be taken when the business bandwidth exceeds 100% of the Edge Firewall bandwidth limit:
Some Edge Firewalls will be disabled, and part of the traffic will be forwarded in bypass mode to protect only traffic within the bandwidth specifications.
Weights can be set to determine the priority for automatically disabling firewalls.
Note:
You can enable Edge Firewall manually after they are disabled automatically. If the business bandwidth exceeds the Edge Firewall bandwidth limit after you enabling the firewalls, the above measures are taken.
For example:
The Edge Firewall bandwidth limit is 400 Mbps, including 200 Mbps for the Guangzhou region with 4 Edge Firewalls enabled. When the business bandwidth of the Guangzhou region reaches 310 Mbps, 2 Edge Firewalls are disabled , and the firewall bandwidth limit for the Guangzhou region is still 200 Mbps.
After the cooldown period, if the business bandwidth is lower than the Edge Firewall bandwidth limit, disabled firewalls will be enabled automatically.
|
3 times or less | 2 hours |
4 times to 7 times | 1 day |
8 times or more | 3 days |
For example:
The Edge Firewall bandwidth limit is 600 Mbps, and 5 Edge Firewalls are enabled. When the business bandwidth reaches 610 Mbps, 1 Edge Firewall is disabled while the other 4 firewalls remain enabled. The Edge Firewall bandwidth limit is still 600 Mbps. Over the past month, the business bandwidth has exceeded the limit more than 10 times. After the 3 days of cooldown period ends, all 5 Edge Firewalls are enabled.
Pay attention to bandwidth alarms and disable some Edge Firewalls or increase the bandwidth limit to ensure business security.
Does it affect my business when the peak bandwidth is exceeded?
The Edge Firewall is deployed in a bypass mode, so exceeding the peak bandwidth will not cause a packet loss or affect the traffic speed of your service; NAT Firewall is deployed in a serial mode, so exceeding the peak bandwidth will cause a packet loss. If the public network traffic is higher than the purchased CFW bandwidth, CFW does not promise to protect the traffic beyond peak bandwidth. Such traffic will be directly allowed to pass.
Please keep your eye on CFW bandwidth alerts. In case of high bandwidth, disable the firewall toggle for some networks or expand the bandwidth to ensure normal service running.
Will the CFW Edge Firewall bandwidth limit the traffic?
No. CFW does not limit the traffic.
How is inbound/outbound bandwidth calculated? Will rule matching of inbound traffic be affected when the outbound bandwidth exceeds the purchased configuration?
Inbound bandwidth and outbound bandwidth are calculated respectively.
CFW does not promise to protect the traffic beyond the purchased bandwidth configuration. If only the outbound traffic exceeds the upper limit, rule matching of inbound traffic will not be affected.
Is the bandwidth of Edge Firewall and NAT Firewall calculated respectively?
Yes. The bandwidth for them is calculated respectively.
Note
The bandwidth of NAT Firewall is the same as that of Edge Firewall. You can expand the bandwidth of NAT Firewall by expanding that of Edge Firewall.
Can I scale up or down the CFW bandwidth?
Bandwidth can only be scaled up.
Does the CFW bandwidth limit depends on the bandwidth of accessed CVM?
No. The CFW bandwidth limit is configured based on actually used bandwidth to ensure that traffic bandwidth consumed at a time does not exceed the bandwidth configuration of CFW.