Dec 12, 2014

Do I need a firewall to protect my cloud’s servers?

Best answer
12/15/2014
The protective network infrastructure technologies that is plentiful and commonplace in the physical world become few and far between when it comes to the world of VMs. And while few attacks have been observed in the wild that specifically target VMs, this doesn't mean you shouldn't protect them.

When your Windows Server or SQL database is running in a virtual machine or in some third-party cloud environment, you still need to protect it from viruses and other attacks and be able to provide the same level of access controls that you have for your physical servers.

There are several different kinds of protective technologies that are available that can be used like a traditional physical firewall to block traffic and set up security policies. For example, many virtual machine infrastructures don’t have any way to prevent users from stopping or restarting VMs, which could be disastrous. These tools can add a layer of access rules so that only certain users have this ability while others can just access the VM. You can read my review of several of these technologies here:
http://www.networkworld.com/article/2174926/virtualization/virtual-machine--vm--security-still-a-work-in-progress.html?nsdr=true

12/19/2014
You need a firewall to protect your servers of course. If you are running Linux servers you can use iptables. Here is a nice guide about how to manage your firewall in Linux
https://www.rosehosting.com/blog/securing-your-ubuntudebian-based-vps-using-iptablesnetfilter-firewall/
The security of your servers is only your responsibility so take care of that.
Best answer
12/15/2014
The protective network infrastructure technologies that is plentiful and commonplace in the physical world become few and far between when it comes to the world of VMs. And while few attacks have been observed in the wild that specifically target VMs, this doesn't mean you shouldn't protect them.

When your Windows Server or SQL database is running in a virtual machine or in some third-party cloud environment, you still need to protect it from viruses and other attacks and be able to provide the same level of access controls that you have for your physical servers.

There are several different kinds of protective technologies that are available that can be used like a traditional physical firewall to block traffic and set up security policies. For example, many virtual machine infrastructures don’t have any way to prevent users from stopping or restarting VMs, which could be disastrous. These tools can add a layer of access rules so that only certain users have this ability while others can just access the VM. You can read my review of several of these technologies here:
http://www.networkworld.com/article/2174926/virtualization/virtual-machine--vm--security-still-a-work-in-progress.html?nsdr=true

12/13/2014
If you're using Linux, IPTables running locally will probably suffice. If you're running Windows, I'd definitely recommend having a firewall in front of your server.

Of course, all a firewall can do is enforce a particular security policy, namely block access to certain services from the outside world. It will not protect you if there are security problems with the services that need to be accessible, so keeping the server well maintained and updated is still essential.
Answer this