Protect your cloud infrastructure from cyberattacks, define what services are visible on your Droplets, and easily block traffic with Cloud Firewalls, available at no additional cost.
Create rules to permit certain types of traffic to your Droplet and block everything else with simple and effective Firewalls.
Cloud Firewalls are designed to grow with you. Once you define your filtering rules, you can easily apply them to new and existing Droplets.
For groups of Droplets, simply tag them and the appropriate rules are immediately applied.
See all Cloud Firewall rules in one centralized view. Add, edit, and remove rules in a single place and update your whole infrastructure.
DigitalOcean Cloud Firewalls are built to be secure by default to protect you from malicious traffic. Get granular control by controlling which ports are open and which devices can access them. Whitelist by IP address range, tags, Droplets, or Load Balancers. Everything else is blocked by your Cloud Firewall.
Cloud Firewalls are simple to set up and maintain. Set up a Cloud Firewall in the dashboard, CLI, or API, and enable protection without installing or maintaining any software.
Find out more about Cloud Firewalls and protecting against cyber attacks with the help of these step-by-step tutorials.
General information about cloud firewalls:
DigitalOcean Cloud Firewalls are a product from DigitalOcean that act as a barrier between incoming traffic and DigitalOcean Droplets. In general, cloud-based firewalls are a security feature deployed on cloud infrastructure that act as a barrier between web applications and data and external traffic. Firewalls are designed to protect your application from suspicious traffic and cyber attacks by acting as a virtual barrier and enabling users to set up filtering rules, such as defining which IP addresses are allowed to access your application. A cloud firewall gives security teams granular control over what traffic accesses their application, and allows them to monitor network traffic. Firewalls are an important part of an organization’s overall security policies, and can prevent attacks such as distributed denial of service (DDoS) attacks and other cyber attacks.
Unlike traditional firewalls that are deployed on-premise within a data center, cloud-based firewalls are hosted within the cloud, making them more flexible and scalable than traditional firewalls for those who leverage cloud computing solutions. Those utilizing cloud infrastructure services will require cloud-based firewalls, while those using on-premise hardware would use a traditional firewall.
A cloud firewall is generally easier to manage and maintain than a traditional firewall, as a cloud firewall is managed through a central console that can be accessed from anywhere rather than through on-premise systems. Next generation firewalls are another, newer type of firewall-as-a-service which provide even more advanced security features, such as an intrusion prevention system and deep packet inspection to detect malware.
Firewalls provide organizations utilizing cloud infrastructure to host their applications and databases with enhanced security that can help protect them from attack. Cloud firewalls block hacks and suspicious traffic before it has a chance to access sensitive data, take systems offline, or cause other disruption to your application. Cloud firewalls are the main firewall option for those using cloud infrastructure—they are built to be integrated with your existing cloud infrastructure and can scale easily to handle an increase in web traffic.
A cloud firewall should be simple to set up and deploy, and enable the user to set up a range of firewall rules to block or allow traffic. A cloud firewall should also provide the user with visibility into the traffic accessing their application, and detect and block potentially malicious traffic from bots and other bad actors.
DigitalOcean’s Cloud Firewalls are provided at no additional cost to DigitalOcean users, and can be created through our CLI, API, or in the cloud control panel. In the cloud control panel, simply open the create menu in the upper right and choose Cloud Firewalls, and then create rules to define what traffic to allow to access your application. Cloud Firewalls are easy to manage and maintain, saving security teams valuable time.
A cloud firewall is just one example of a security-as-a-service that helps organizations reduce their attack surface and set up a secure network perimeter. Other security services include access management and access control systems, using SSH keys, load balancers, DDoS attack prevention solutions, and more advanced threat mitigation solutions. It’s also best practice to back up your data regularly using a cloud backup solution.