Network Threat Protection
VPC Firewall Rules
Ingress/egress firewall controls for workload-level network security protection.
Google Cloud
Service information
VPC Firewall RulesShortname: Firewall Rules
Huawei equivalent shortnames: CFW, DDoS
Keywords: firewall, network security, threat
Differences vs Huawei
- Rule target model and distributed enforcement differ.
Migration to Huawei
- Map detection/prevention policy scope, enforcement points, and response workflows. For Google Cloud VPC Firewall Rules, the direct Huawei equivalence layer is CFW + DDoS; validate feature-by-feature parity for control plane, data plane, and operational behavior before cutover.
- Use a composed Huawei migration pattern where needed: CFW + DDoS + SecMaster. Treat CFW + DDoS as the core equivalent capability and use the additional services to cover integration, security, observability, and governance gaps.
- Pricing model difference: Google Cloud usually bills policy/protected-resource tiers plus request/event/scan volume; Huawei usually bills WAF/CFW/DEW/DBSS/DSC billing by edition, protected assets, requests/events, or scans. Recalculate TCO with peak load, request volume, retention period, and cross-region/interconnect traffic before production migration.
Huawei Cloud
Huawei equivalent service
Cloud FirewallShortname: CFW
General function: Network Threat Protection
Managed cloud firewall protection service.
Keywords: firewall, network security, threat
Huawei equivalent service
DDoS MitigationShortname: DDoS
General function: Network Threat Protection
Distributed denial-of-service protection service.
Keywords: ddos, attack mitigation, protection