Overview

Service Overview

A firewall is a virtual logical firewall service that controls traffic occurring in the VPC and Load Balancer of Samsung Cloud Platform.

The resources that can be applied in the firewall are Internet Gateway, Direct Connect, and Load Balancer, and you can set rules for communication between the VPC and the Internet, and between the VPC and the customer network, enabling secure network management.

When a firewall is first created, it blocks all inbound and outbound traffic according to the default rule (Any Deny).

Users can specify an IP address, port, and protocol to create inbound/outbound rules, and only traffic permitted by the created rules can communicate.

Component

The components that make up a firewall are as follows.

Component	Detailed description
Applicable target	Resources to which the firewall will be applied Apply the firewall to Internet Gateway, Direct Connect, and Load Balancer When creating the target resources, the firewall checks whether to use the firewall and is created together
Firewall size	Firewall is offered in five sizes according to rule quota Extra Small: 5 Small: 100 Medium: 200 Large: 500 Extra Large: 1,000
Firewall rule	When a firewall is first created, it blocks all inbound/outbound traffic according to the default rule (Any Deny) Add inbound/outbound allow rules by configuring target address, protocol, and port Provides a bulk rule creation feature through form filling

Component

Detailed description

Applicable target

Resources to which the firewall will be applied

Apply the firewall to Internet Gateway, Direct Connect, and Load Balancer

When creating the target resources, the firewall checks whether to use the firewall and is created together

Firewall size

Firewall is offered in five sizes according to rule quota

Extra Small: 5

Small: 100

Medium: 200

Large: 500

Extra Large: 1,000

Firewall rule

When a firewall is first created, it blocks all inbound/outbound traffic according to the default rule (Any Deny)

Add inbound/outbound allow rules by configuring target address, protocol, and port

Provides a bulk rule creation feature through form filling

Table. Firewall Service Components

Constraints

The Firewall of Samsung Cloud Platform has a rule quota (limit) that can be created per size. When creating a Firewall, it is created by default as Extra Small, and you can change the Firewall size on the Firewall Details page of the Samsung Cloud Platform Console.

Size	Rule quota	Detailed description
Extra Small	5	Maximum number of rules that can be created: 5
Small	100 items	Maximum number of rules that can be generated: 100
Medium	200	Maximum number of rules that can be generated: 200
Large	500	Maximum number of rules that can be generated: 500
Extra Large	1,000 items	Maximum number of rules that can be generated: 1,000

Table. Firewall constraints

Preceding Service

This is a list of services that must be pre-configured before creating a Firewall service. Please refer to the user guide (reference link) provided below for details and prepare in advance.

Service Category	Service	Detailed description
Networking	VPC	A service that provides an isolated virtual network in a cloud environment
Networking	Direct Connect	A service that quickly and securely connects the customer’s network with the Samsung Cloud Platform network.
Networking	Load Balancer	A service that distributes traffic across multiple servers to maintain stable service.

Table. Firewall Preliminary Service