A practical guide to the four major Linux firewall technologies - iptables, nftables, firewalld, and ufw. Covers real-world cloud server hardening with concrete examples, from locking down SSH to b...
Sure, but what if youve configured your waf or w/e incorrectly, what if someone gains access to another part of your network? Having sane firewall settings is always better than none at all.
All the cloud services I’ve used had virtual network firewalls for internal traffic. Security Groups for AWS, Cloud Firewall for GCP, etc. That’s typically how lateral traffic gets managed. Defense in depth is good, but as I said I haven’t used host firewalls in forever, and we get audited for security certificates every year, and no auditor has asked about them that I recall.
Sure, but what if youve configured your waf or w/e incorrectly, what if someone gains access to another part of your network? Having sane firewall settings is always better than none at all.
All the cloud services I’ve used had virtual network firewalls for internal traffic. Security Groups for AWS, Cloud Firewall for GCP, etc. That’s typically how lateral traffic gets managed. Defense in depth is good, but as I said I haven’t used host firewalls in forever, and we get audited for security certificates every year, and no auditor has asked about them that I recall.