By ramitmittalk
What are the pros and cons of using the Digital Ocean cloud firewall over something like UFW ? Should both be used at the same time or will that be redundant ?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Accepted Answer
UFW is a host-based tool, while DO’s Cloud Firewall is a network-based one… Using DO’s tool will not only provide reusability of rules (deploy inbound / outbound rules to many droplets - or even tags - at once) but also processes them before even getting to the droplet. Don’t get me wrong, UFW is an amazing, full-feature and extremely efficient tool, however when it comes to deploying shared common rules to lots of servers, it’s a bit time-consuming and repetitive task.
IMHO using them both at the same time would be redundant (assuming you have same rules on both firewalls). I would just go with the Cloud Firewall… Hope I could help!!!
If I use DO cloud firewall, does that also mean I can stop using fail2ban?
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.