Skip to main content

FPT Cloud Native Firewall v1.0.0

I. Highlights

FPT Smart Cloud introduces NGFW v1.0 as part of the FPT Security Platform (FSP), a next-generation firewall solution for comprehensive traffic control and protection in cloud environments.

This release delivers centralized firewall management per VPC, flexible Network Access Rule configuration (Inbound, Outbound, East-West), and intuitive monitoring through Dashboard and Logs.

Users can easily set up security policies, monitor traffic in real time, detect anomalies, and control access between internal systems and the Internet.

These features strengthen security, reduce risk, and optimize cloud operations.

II. Released Features

1. Firewall Management

a. Description

Allows users to create, integrate, and manage Cloud Native Firewall for VPCs in the system.

b. Features

  • Create a Firewall and attach it to a VPC by Protected Group
  • Each Protected Group supports only 1 Firewall
  • Integrate a Firewall with a VPC
  • Track VPC status: Not Integrated / Integrated / Protected
  • Quick actions: Create, Integrate, Associate
  • Search and filter the VPC list
  • Sync to refresh status data

c. Capacity

  • Manage multiple VPCs in the same system
  • Each Protected Group manages 1 Firewall independently
  • Scales with the number of VPCs

d. Performance

  • Fast create/integrate operations
  • Status updates in real time or near real time
  • Optimized rendering for large lists

2. Subnet Protection (Associate/Dissociate)

a. Description

Lets users associate or dissociate a subnet with a Firewall to control traffic.

b. Features

  • Associate a subnet to enable protection
  • Dissociate a subnet to stop protection
  • Display subnet status: Protected / Not Protected
  • Show Floating IP and CIDR
  • Filter and search subnets
  • Sync subnet status

c. Capacity

  • Supports many subnets per VPC
  • Per-subnet status management

d. Performance

  • Progress states: In Progress / Success / Failed
  • Fast processing per subnet action

3. Network Access Rule Management

a. Description

Lets users create, edit, delete, and apply rules to control traffic through the firewall.

b. Features

  • Create rules with:
    • Source / Destination (IP/CIDR)
    • Port / Protocol
    • Direction: Inbound / Outbound / East-West
    • Action: Allow / Deny
  • NAT support:
    • SNAT (Outbound)
    • DNAT (Inbound)
  • Order rules by Priority
  • Search and filter rules by multiple criteria
  • Rule status: Applied / Not Applied / Applying
  • Actions: Add / Edit / Delete Rule
  • Apply Policy to activate rules

c. Capacity

  • Up to 100 rules per firewall policy
  • Supports multiple protocols and port formats
  • Supports rules for multiple traffic directions

d. Performance

  • Fast policy apply
  • Real-time rule list rendering
  • Optimized rule validation before submit

4. Dashboard

a. Description

Provides an overview of traffic and firewall operating status.

b. Features

  • Top Traffic Sources (highest-traffic sources)
  • Top Traffic Destinations (most-accessed destinations)
  • Total Packets over time (Allow/Deny)
  • Top Hit Rules (most-used rules)
  • Network Throughput (Inbound / Outbound / Internal)
  • Active Connections
  • CPU & Memory usage
  • Filter by Firewall and Time Range

c. Capacity

  • Aggregates data from multiple traffic sources
  • Supports multiple firewalls

d. Performance

  • Fast dashboard load
  • Near real-time data updates
  • Optimized chart rendering
Last updated on by Dang Tran