Private Network Security Policy

September 10, 2013 5.1k views
dhjr
By:
dhjr
I'm very excited about the new private networking option. I have a couple questions: * How is the private traffic protected from sniffing by droplets not run by me? * Is it OK if I use nmap over the private network to analyze my own droplets? Thanks for the hard work launching private networking!
Log In to Comment
6 Answers
kamaln7 MOD September 10, 2013
* Is it OK if I use nmap over the private network to analyze my own droplets?
It's allowed as long as it is not against the ToS. However if you cause any system issues your droplets will be throttled.
Reply
kamaln7 MOD September 11, 2013
* How is the private traffic protected from sniffing by droplets not run by me?
We filter traffic to prevent networks from leaking to a different droplet's interface. However, we recommend that the users protect both public and private interfaces with iptables filters and use encryption where the data stored or transferred is sensitive.
Reply
gilkudik September 27, 2013
How can I enable Private Network option in a deployed CentOS 6 x64 droplet?
Reply
kamaln7 MOD September 27, 2013
@gilkudik: See https://www.digitalocean.com/community/articles/how-to-enable-digitalocean-private-networking-on-existing-droplets
How To Enable DigitalOcean Private Networking on Existing Droplets
DigitalOcean offers shared private networking for Droplets in all data centers at no additional charge. When private networking is enabled as part of creating a Droplet, it is automatically configured. If it's not set up when the Droplet is created, it can be enabled manually. In this article, we'll explain how to enable and manually configure private networking for Droplets that were created without private networking.
Reply
neil.johnson March 25, 2014
Can I use different IP addresses on the private network interfaces of my droplets ?
Reply
kamaln7 MOD April 4, 2014
@Neil: You can only use the IP address that is assigned to your droplet.
Reply
Have another answer? Share your knowledge.