DO Network Firewall vs UFW
I have two droplets, one a DB server and one an application server. The DB server has a host-based UFW ruleset allowing access only to from a certain IP, specifically so that only the application server can communicate with it.
My question is, in a scenario like this, is DO’s Cloud Firewall preferable? My understanding is that this firewall is network-based, and would filter the traffic before it touches the host, potentially saving the host some resources.
Is this a correct assumption? And if so, would configuring the cloud firewall in this way eliminate the need for the UFW configuration?