Skip to main content
The Distributed Cloud Firewall (DCF) is a comprehensive security solution that provides granular network security controls across your multi-cloud environment. It enables you to define and enforce security policies at the network level, ensuring consistent protection across all your cloud deployments.

Key Features

Centralized Policy Management

DCF provides a single pane of glass for managing security policies across multiple cloud providers. You can create, modify, and enforce policies from the Aviatrix Controller, eliminating the need to configure security rules in each cloud provider’s native console.

Microsegmentation

With DCF, you can implement microsegmentation to control traffic between workloads at a granular level. This allows you to:
  • Define policies based on application requirements
  • Isolate workloads within the same VPC/VNet
  • Implement zero-trust security models

SmartGroups

SmartGroups enable dynamic grouping of resources based on tags, attributes, or other metadata. This simplifies policy management by allowing you to:
  • Automatically include new resources that match group criteria
  • Apply consistent policies across similar workloads
  • Reduce manual policy updates when infrastructure changes

WebGroups

WebGroups allow you to define groups of web applications and URLs for use in security policies. This enables:
  • URL-based filtering and access control
  • Application-aware security policies
  • Simplified management of web application access

ThreatGroups

ThreatGroups provide protection against known malicious IP addresses and domains by:
  • Leveraging threat intelligence feeds
  • Automatically blocking traffic to/from known bad actors
  • Providing real-time protection against emerging threats

Architecture

The Distributed Cloud Firewall operates at the Aviatrix Gateway level, providing:
  • Inline inspection: Traffic is inspected as it passes through gateways
  • Distributed enforcement: Policies are enforced at each gateway location
  • Centralized management: All policies are managed from the Controller

Benefits

BenefitDescription
Simplified OperationsManage security policies across all clouds from a single interface
Consistent SecurityApply uniform security policies regardless of cloud provider
Reduced ComplexityEliminate the need to learn multiple cloud-native security tools
Improved VisibilityGain comprehensive visibility into network traffic and security events
ScalabilityAutomatically scale security with your infrastructure

Getting Started

To begin using the Distributed Cloud Firewall:
  1. Ensure your Aviatrix Controller is properly configured
  2. Define your SmartGroups to organize resources
  3. Create security policies based on your requirements
  4. Monitor and refine policies using traffic analysis