Linode Cloud Firewalls

Linode Cloud Firewalls is a robust cloud-based firewall solution available at no additional charge. Through this service, you can create, configure, and add stateful network-based firewalls to Compute Instances and NodeBalancers.

Enhanced security

Cloud Firewalls sit between a service (Compute Instance or NodeBalancer) and the Internet and can be configured to filter out unwanted network traffic before it even reaches your server. Defend your apps and services from malicious attackers by creating rules to only allow traffic from trusted sources. Firewall rules can filter traffic at the network layer, providing fine-grained control over who can access your servers.

Simple interface

Control inbound and outbound traffic using the Linode API, Linode CLI or Cloud Manager. Each interface can be integrated into your workflow for seamless control over firewall rules. The Cloud Firewalls service makes security more accessible and enables you to secure your network traffic without needing to learn complicated software or access the command line.

Scalable security in seconds

Stay protected as your network grows. Effortlessly apply the same ruleset across multiple Compute Instances and NodeBalancers. This saves time as you no longer need to manually configure internal software on each server.

Pricing and availability

Cloud Firewalls are available at no charge across all regions.

Limits and considerations

  • Cloud Firewalls are compatible with Compute Instances and NodeBalancers. They are not currently directly supported on other Akamai cloud computing services, such as Object Storage.
  • A Cloud Firewall can be attached to multiple services (Compute Instances and NodeBalancers), but a service can only be attached to one Cloud Firewall at a time.
  • Cloud Firewall inbound and outbound rules are applied to Compute Instances, but only inbound rules are applied to NodeBalancers.
  • When used in conjunction with NodeBalancers, a <<CLOUD_FIREWALL> inbound rules only apply to the NodeBalancer's public IP, not the IPs of the back-end nodes. This means you may also want to add individual back-end nodes to a Cloud Firewalls to protect any additional exposed IP addresses.
  • Cloud Firewall rules are applied to traffic over the public and private network but are not applied to traffic over a private VLAN.
  • A maximum of 25 rules can be added to each Cloud Firewall (both Inbound and Outbound rules combined).
  • A maximum of 255 IP addresses (and ranges) can be added to each Cloud Firewall rule.
  • All IP addresses and IP Ranges must be formatted correctly, or changes will be unable to be saved.
  • A maximum of 15 ports (and port ranges) can be defined on each Cloud Firewall rule.

Developer resources