OpenStack FWaaS (Firewall-as-a-Service) provides security and traffic control in cloud networks. Its features include:
Rules in OpenStack FWaaS (firewall-as-a-service) are configured in the Horizon dashboard.
To learn how to log in and work with the Horizon dashboard, read the article
КHow to create a virtual server in the Horizon Openstack control panel
A window with three tabs will open:
In our case, we will block access to port 80.
Fill in the form:
Firewall groups in OpenStack FWaaS provide convenient and flexible management of firewall rules for different network objects, simplifying their configuration, management and updates.
To create a firewall group, go to the Groups tab.
Enter the group name and then click the "Add" button
Policies in OpenStack FWaaS provide centralised management of firewall rule sets, simplify the grouping and application of rules to network objects, and provide flexibility, scalability and ease of network security management in the cloud infrastructure.
They specify sets of rules for managing network traffic. These rules determine what traffic is allowed and denied, and what actions should be taken on network packets according to security requirements.
To create policies, go to the Policy tab.
4.1 Enter the policy name and a brief description, then click the "ADD" button:
4.2 The Policy tab opens for selecting rules for the policy. Select the required rule.
In the drop-down list of the group row, select Add Port Add Port
In the opened window select the required port - R1 (router)
Go to the "Policy" tab, select the desired policy. Then click the down arrow and choose "Insert Rule" from the dropdown list.
In the window that opens, specify the order in which the rules are to be applied.
Click “Save changes”