Firewalls are a vital part of Carbon60’s layered approach to information security. For every end-to-end cloud hosting solution, we configure and maintain three layers of firewall services: Global, Perimeter and Host layer firewalls. These services are supported 24/7 with the expertise necessary to help keep the most sensitive information secure.
Global Firewall Services
By leveraging global cloud security services, we setup a robust front-line of defense against network based denial of service attacks by only forwarding well-formed http/s requests to your hosting origins. For additional protection, an advanced web application firewall service is also implemented as part of this front-line defense to filter out malicious http/s requests.
Perimeter Firewall Services
The perimeter firewall service is integrated into the core network at each cloud hosting origin. These firewalls control the ingress and egress of all network traffic at the data centre. We configure and maintain your firewall rules based on best practices and the specific requirements of your cloud hosting solution. Key features of the perimeter firewall service include:
- High performance packet inspection of all egress and ingress network traffic
- Default deny-all firewall rules
- Fully customizable rules to address your application’s exact security requirements
- Support for all major web services and protocols (HTTP/S, FTP, VoIP, IPSec, and custom)
- Deployed in high availability mode with stateful, sub-second failover
Host Level Firewall Services
A final layer of firewall services is setup and maintained on each host. Global and perimeter firewalls cannot provide protection for traffic generated inside a trusted network. For this reason, host-based firewalls running on individual servers are used to restrict network traffic between hosts on your private network to expected patterns.