Overview

Service Overview

Firewall is a virtual logical firewall service that controls traffic occurring from VPC and Load Balancer of Samsung Cloud Platform.

The target resources that can be applied in the Firewall are Internet Gateway, Direct Connect, Load Balancer, and it is possible to manage a safe network by setting rules for communication between VPC and the internet, and VPC and customer network.

When the Firewall is first created, it blocks all Inbound/Outbound traffic according to the default rule (Any Deny).

Users can create Inbound/Outbound rules by specifying IP addresses, ports, and protocols, and only allowed traffic can communicate with the created rules.

Component

The components that make up the Firewall are as follows.

Component	Detailed Description
Applied target	Firewall applied target resource Apply Firewall to Internet Gateway, Direct Connect, Load Balancer as target Firewall checks whether to use Firewall when creating the target resource and creates it together
Firewall size	Firewall is provided in 5 sizes according to the rule quota Extra Small: 5 Small: 100 Medium: 200 Large: 500 Extra Large: 1,000
Firewall rules	When the Firewall is first created, it blocks all Inbound/Outbound traffic according to the default rule (Any Deny). Allows Inbound/Outbound rules to be added by setting the target address, protocol, and port Provides a batch creation function for rules through form creation

Component

Detailed Description

Applied target

Firewall applied target resource

Apply Firewall to Internet Gateway, Direct Connect, Load Balancer as target

Firewall checks whether to use Firewall when creating the target resource and creates it together

Firewall size

Firewall is provided in 5 sizes according to the rule quota

Extra Small: 5

Small: 100

Medium: 200

Large: 500

Extra Large: 1,000

Firewall rules

When the Firewall is first created, it blocks all Inbound/Outbound traffic according to the default rule (Any Deny).

Allows Inbound/Outbound rules to be added by setting the target address, protocol, and port

Provides a batch creation function for rules through form creation

Fig. Firewall Service Components

Constraints

The Samsung Cloud Platform’s Firewall has a quota (limit) for the maximum number of rules that can be created by size. When creating a Firewall, it is created with Extra Small by default, and the Firewall size can be changed on the Firewall details page in the Samsung Cloud Platform Console.

Size	Rule Allocation	Detailed Description
Extra Small	5 items	maximum number of rules that can be created 5 items
Small	100 pieces	maximum number of rules that can be generated 100 pieces
Medium	200	maximum number of rules that can be generated 200
Large	500 pieces	maximum number of rules that can be generated 500 pieces
Extra Large	1,000 items	maximum number of rules that can be created 1,000 items

Table. Firewall Restrictions

Preceding Service

This is a list of services that must be pre-configured before creating the Firewall service. Please refer to the user guide (reference link) below for more information and prepare in advance.

Service Category	Service	Detailed Description
Networking	VPC	A service that provides an independent virtual network in a cloud environment
Networking	Direct Connect	A service that quickly and securely connects the customer’s network and the Samsung Cloud Platform’s network
Networking	Load Balancer	A service that distributes traffic to multiple servers to maintain a stable service

Fig. Preceding Firewall Service