Firewall Overview

Last Updated on 2019-12-02

Features

LayerStack’s network-based and stateful firewall adds flexibility to firewall management across all of your cloud servers. Our firewall allows you to configure specific rules as a packet filter to screen both inbound and outbound traffic. You can use pre-defined rule sets to create firewall templates so you can manage your cloud servers in bulk and apply firewall rules as soon as you create a new cloud server.

Network Traffic Filter Rules

LayerStack's firewall drops all packets by default. You can use a Firewall Template to modify the rule sets and allow specific traffic to go into and out of your cloud servers through different ports within the ICMP, TCP and UDP protocols. You can allow traffic from specific sources or destination IP addresses.

Protocols and Ports

You can narrow the scope of a firewall rule by specifying protocols and/or ports. The specifications are as below:

Specification Example Explanation
No protocol and port ALL ALL means no protocol is specified. The firewall rule applies to all protocols and their applicable ports.
Protocol TCP: ALL If you specify a protocol without any port information, the firewall rule applies to that protocol and all of its applicable ports.
Protocol and single port TCP: 443 If you specify a protocol and a single port, the firewall rule only applies to that specific port of the protocol.
Protocol and port range TCP: 20-22 If you specify a protocol and a port range, the firewall rule only applies to the specified range of ports for the protocol.

Source and Destination IP Address

You can target specific IP addresses or a range of IP addresses for inbound (ingress) and outbound (egress) rules.

Source IP Address: The source IP is only applicable to inbound (ingress) rules. You can specify an IP address or a range of IP addresses as sources for packets.

Destination IP Address: The destination IP is only applicable to outbound (egress) rules. Once set up, only traffic from the IP address or a range of IP addresses you specified is allowed to pass through.

Regional Availability

Firewall is available in all regions.

Role Permissions

Role Permissions
Owner Create Firewall Templates, Edit Firewall Rules, Clone Firewall Templates, Destroy Firewall Templates, Assign Cloud Servers to Firewall Templates, Remove Cloud Servers from Firewall Templates
Member View Firewall Rules
Billing Member View Firewall Rules
Billing Admin Not Available

Limits

  • Firewall supports only ICMP, TCP, and UDP.

Quick Start Guide


Create a Firewall Template & Add Firewall Rules

  1. Log in to LayerPanel . Go to the Services section and click Firewalls button.

  2. Click + Create Firewall.

  3. Enter your firewall name. Then click + Add New Inbound Rules and + Add New Outbound Rules to apply the inbound and outbound rules.

  4. Select your cloud server from the server list and assign it to this firewall. You can select multiple servers as needed.

  5. Click Save.

Other Related Tutorials

LayerPanel 2 Setting

Server Operating System Setting

Troubleshooting / Testing