Professional: provides Alibaba Cloud-developed rules, AI-based deep learning, and proactive protection rules, and allows you to create custom rules.
Stable: enables multi-line and multi-node disaster recovery and intelligent routing, protects services that have millions of QPS, and enables millisecond-level responses.
Timely: automatically detects and defends against the latest web vulnerabilities, including zero-day vulnerabilities first exposed by Alibaba Cloud, within hours.
Comprehensive: delivers end-to-end protection against vulnerabilities, web attacks, and bot traffic, ensures data and account security, and meets the requirements of security O&M.
Compliant: complies with the requirements of classified protection and PCI DSS, and boosts security compliance construction for enterprises.
Exclusive threat intelligence: provides exclusive network-wide threat intelligence, which is accumulated and updated from the real service scenarios of Alibaba Cloud.
Recognized by international authorities: WAF is recognized by Gartner, Forrester, IDC, and Frost & Sullivan.
Recognized by the market: A report of Frost & Sullivan shows that Alibaba Cloud WAF ranks first in the cloud WAF market in Greater China.
Extensive experience: WAF protects core services of Alibaba Cloud and accumulates a large amount of attack and defense experience from Tmall and Taobao Double 11 events over the years.
Multi-scenario deployment: You can deploy WAF in the cloud or deploy protection clusters in your data centers to meet the requirements of different scenarios, such as public clouds, hybrid clouds, and data centers. Both Alibaba Cloud and third-party clouds are supported. WAF delivers the same protection capabilities for services in the cloud and in data centers.
Flexible access: You can connect Alibaba Cloud SLB, CDN, and ECS to WAF with a few clicks, and quickly configure the DNS records for your services that are deployed in data centers.