DigitalOcean Cloud Firewalls are available at no additional cost.
Firewalls are available in every region. A Firewall’s rules can include servers from any combination of regions.
While you can apply Firewall rules to individual Droplets, a more powerful option is to use tags. Tags are custom labels that you can apply to Droplets. By using a tag for your Firewall, you automatically include any Droplets with that tag in your Firewall configuration.
You can have a maximum of 10 Droplets per Firewall and 5 Tags per Firewall. You can have an unlimited number of Firewalls per Droplet.
Each Firewall can have up to 50 total incoming and outgoing rules.
The Cloud Firewall applies rules to both public and private network and cannot be applied to only one or the other.
The Cloud Firewall supports ICMP, TCP, and UDP protocols only.