Virtual Private Cloud

Virtual Private Cloud (VPC) helps you build a fully and logically isolated network over which you have complete control in Kingsoft Cloud. You can deploy various Kingsoft Cloud services in your customized virtual network. You can also use Direct Connect or VPN to connect your VPC to your existing data center. This allows you to build a hybrid cloud.
Product Updates
Quick Start


Software-defined Network

You can customize the network configurations, divide the network, allocate IP addresses, configure routing policies, and deploy cloud resources to meet your needs in various scenarios. The software-defined network saves equipment and O&M costs.

Secure Isolation

The VPCs that are isolated based on VXLAN can prevent multiple tenants from interfering with each other. You can configure network ACLs for subnets and security groups for servers to control access to a VPC. The configuration can be refined all the way to protocols and ports. VPCs can satisfy your network security requirements in an all-around manner.

High-performance Internet Access

NAT, EIP, and SLB help you break network performance bottlenecks with ease. NAT supports a maximum bandwidth of 15 Gbit/s for a single IP address and multi-node hot standby.


You can use Peering to connect cloud resources in multiple regions and easily implement a geo-disaster recovery solution where three data centers are deployed across two regions. In addition, cross-account peering connections allow you to exchange data with your partners on Kingsoft Cloud. This allows you to quickly build an open cloud ecosystem.

Easy Deployment of a Hybrid Cloud

You can build a hybrid cloud by using stable and reliable IPsec VPN and Direct Connect to connect your VPC to your on-premises data center. You can scale cloud resources such as KEC instances based on your business volume. You can also directly connect physical servers to your VPC. This way, the IT O&M cost is reduced and security of mission-critical data is ensured.


Custom Network Configuration

You can flexibly divide the private IP addresses in a VPC into one or more virtual subnets and configure routing policies based on your needs.


You can bind highly available EIPs to resources such as KEC, EPC, and SLB instances as needed.


You can use the ultra-stable public NAT gateway service.


SLB improves service capabilities and security. It eliminates single points of failure (SPOFs). It also provides free DDoS attack defense, which can dynamically start without delay.

Direct Connect or VPN

You can use various connection methods, such as Direct Connect and VPN, to build a flexible hybrid cloud.


Peering enables highly available communication among VPCs by using Kingsoft Cloud internal network bandwidth.

Security Group or ACL

You can configure security domains with controllable access rules to improve security.

Product Updates


VPC Released

VPC is released and supports network, ACL, security group, and routing policy customization.
New Features

Default VPC

Default VPC is supported.
New Features

Host Routing

Routing is supported for hosts.
New Features

Multiple NICs

Multiple NICs are supported.
New Features

Security Group for EPC

You can configure security groups for EPC instances.
New Features

Multiple Availability Zones

Multiple availability zones are supported.
New Features

IPv6 VPC Released

Dual-stack VPCs that support both IPv4 and IPv6 addresses are released.
New Features


Web Application Scenario

Hybrid Cloud Scenario

Classic Web Application Scenario

Deploy a multi-layer web application in a VPC.


Fast business deployment in the cloud, security and controllability, and multi-layer business

Deployment method

Plan the network at three layers. Implement access control by using security groups and ACLs. Use SLB and NAT to provide unified access and hide the internal services.


Network planning can be completed within several minutes. VPC enables business isolation and provides high service scalability.

Classic Hybrid Cloud Scenario

Deploy multiple data centers on the cloud and connect them to on-premises data centers to build a hybrid cloud.


The business traffic of a large e-commerce platform varies heavily with time. When a large promotion such as Double 11 and 618 Shopping Festival starts, the traffic volume can suddenly increase by 10 times, but only remains elevated for a few of hours. A traditional solution would have required the enterprise to purchase a large number of servers in advance to deal with such sudden demands.

Deployment method

Keep internal core systems and mission-critical data in the on-premises data center. Deploy applications on the cloud to handle traffic surges in real time.


The security of the original core systems is ensured, and millions of costs can be saved every year for the customer.