Network Threat Protection
AWS Network Firewall
Managed network firewall for VPC traffic inspection and threat prevention.
AWS
Service information
AWS Network FirewallShortname: Network Firewall
Huawei equivalent shortnames: CFW, DDoS
Keywords: firewall, network security, threat, ddos
Differences vs Huawei
- Rule group model and stateful inspection semantics differ.
Migration to Huawei
- Map detection/prevention policy scope, enforcement points, and response workflows. For AWS AWS Network Firewall, the direct Huawei equivalence layer is CFW + DDoS; validate feature-by-feature parity for control plane, data plane, and operational behavior before cutover.
- Use a composed Huawei migration pattern where needed: CFW + DDoS + SecMaster. Treat CFW + DDoS as the core equivalent capability and use the additional services to cover integration, security, observability, and governance gaps.
- Pricing model difference: AWS usually bills protected resources, rule/policy count, request/event volume, or scan volume; Huawei usually bills WAF/CFW/DEW/DBSS/DSC billing by edition, protected assets, requests/events, or scans. Recalculate TCO with peak load, request volume, retention period, and cross-region/interconnect traffic before production migration.
Huawei Cloud
Huawei equivalent service
Cloud FirewallShortname: CFW
General function: Network Threat Protection
Managed cloud firewall protection service.
Keywords: firewall, network security, threat
Huawei equivalent service
DDoS MitigationShortname: DDoS
General function: Network Threat Protection
Distributed denial-of-service protection service.
Keywords: ddos, attack mitigation, protection