Will Linode offer a cloud firewall?
Is Linode planning on offering a feature like DigitalOcean's cloud-based firewall? We're heavily invested in Linode and would love a feature like this!
- Operates at the network level, so blocked traffic never reaches the servers.
- Rules are managed in the web portal.
- Configurations can be applied to machines via role-based tags.
- Changes apply instantly to all machines.
@wshweb - Thanks for expressing your interest in this. This is a feature we are discussing implementing, though I don't have a timeline for you yet. I've added your request for this to our internal tracker in the meantime.
We would also love this feature. We have some additional machines we would migrate to Linode if this were available.
Cloud Firewalls are on our roadmap, though we don't have an ETA to share yet.
Any future announcements regarding this will be made on our blog:
I'd like to see this also, even if it's a paid addon. Having the ability to block IPs, protocols, ports, etc., higher up from the VM would be very nice to have for certain things in case the OS firewall gets stopped or cleared for some unforeseen circumstance.
We're still waiting… :-(
Any good news about this basic functionality?
DigitalOcean & Vultr give it as an "obvious" service and it's very usefull as described by @wshweb
I registered on the community just to add my vote for cloud firewall support. I have had several servers constantly in service on Linode for over 10 years. I hope Linode will accelerate this feature. Lack of this feature is the kind of thing what could make even loyal, long-time customers move to your competitors. Implementing this needs to be one of Linode's top priorities given the state of the Internet today.
Linode's most recent policy to block SMTP ports, incoming, for accounts and specific Linode's, as well as removal of the blocked ports upon request, proves they already have the infrastructure for a cloud firewall in place, at least, to a small degree. I imagine they simply have to fine tune it and determine how best to allow the public access to such a system that they already have in place.
When it becomes available, because I believe that it will, I'd like the ability to see any firewall rules that are added by the Linode administrators, even if they are read-only and can only be removed by the admins upon request. It would also be nice to have the ability to set up your own VLAN's that could be set up within a single data center only, or even across data centers to other Linode's, that only you would have access to. I could see such a thing being quite a useful feature, especially if you could extend it to any VPN setup you may want to create, to create your own WLAN over the internet, connecting you to all your Linode's, whether they be in the same data center, or multiple ones. I could easily see the cloud firewall being expanded to allow you far greater network control.
I would love VLAN capabilities along with the cloud firewall, myself. I'd have fun playing around with that, and I imagine others would have some uses for it, too.
@Nikky - Hang in there. While I'm not able to share an exact timetable here, you should be expecting some good news soon. This is on our roadmap for 2020.
@davent - It's good to have you here! Thanks for sharing, and consider your vote counted. I've spoken to them personally, and I can tell you that our developers are actively working on this. I can also confirm that it is at the top of our priority list, and testing is in the works.
@tech10 - Fine tuning and testing for public implementation is exactly what's going on behind the scenes.
Regarding your suggestions: This is awesome and extremely useful feedback. I agree that being able to see all the network rules in one place would be a great feature, even if it's just for informative purposes. I've passed along all of these feature requests (including your suggestions regarding the expansion of network control) to our developers. If you have any other specific suggestions, I would encourage you to email firstname.lastname@example.org. We would love to hear what you have to say!
Thanks for being patient, everyone. We're just as excited as you are, and we can't wait for when it's ready.
We all are waiting for this Cloud Firewall feature. When you are going to add this feature?
+1 for this. Hope to hear more about the Cloud Firewall feature as it becomes available.
Yes! How many of us run Docker now? And Docker's handing of iptables is insane! A cloud firewall would simplify things for those of us… I wonder how many people think they're running iptables in front of docker and never tested it…
Cloud Firewall is one of the items we mentioned in the 2020 Roadmap in our 2019 year in review blog post. Look to our blog for future announcements on this and other features as they become available.
Thanks for adding the specific use case you're looking to use it for. We just announced a One-Click app Docker option, which may be helpful to you if you're spinning up new Linodes to use Docker.
+1 for the Cloud firewall option.
Have been a Linode customer for a few years and am looking to use Linode for our 3CX PBX instances, but a lack of firewall is currently pushing us to DigitalOcean for simplicity.
Am open to suggestions of a suitable way around this until this feature is completed on the road map (fingers crossed its not the back end of 2020).
+1 for the Cloud firewall option.
It's also the reason I joined this forum, though I have several Linode accounts (via my clients).
It's the main reason I recently deployed a project with another competitor instead of Linode (though I trust you more and I would preferred you), because of the simplicity of cloud firewall for kubernetes nodes and normal nodes.
So please emphasize the importance of cloud firewall.
Hoping this comes soon! I can't go with Linode at this time because of this missing feature.
+1 It's time to add this feature many of us miss here.
Things have to be simple, there is no sense in configuring a local firewall for every server I have, specially now with Docker and Kubernetes.
I’ve been watching the release notes of the Linode Manager versions and based on the changes being made, they are definitely working on it.
This is one of the reasons I left Linode in 2016 when they had no plans for it.
Now it’s a WIP, I’m back :)
I know that Windows on Linode is unsupported, but I once had an instance of Windows running and someone RDP bounce attacked me through open 3389. Windows firewall sucks, I migrated that one instance over to Vultr because of their cloud firewall, once we get cloud firewall I am going to move it back.
This is an absolute showstopper for us being able to migrate to Linode. Individually managing firewalls via ufw doesn't scale and is a security problem just waiting to happen. I was very surprised to find that Linode still doesn't support this given how long they have been in this space and that all of their competitors already provide this. Other than that, the service looks great.
I encourage you to sign up for our Green Light program to request access to the upcoming Cloud Firewall beta.
I did the moment it was announced :-)
Cloud Firewall is basically a software-based cloud-deployed network device. It is built to stop unwanted access to private networks. This technology is based on modern businesses.
Right now, we have no idea about the Linode cloud firewall. But in future this service will be offered by Linode. So keep in touch and reading Linode Blog.
Just subscribe to the feeds of Linode Blog here.