Introduction to the Mevspace Firewall
Firewall: What it is, how it works and how to manage it?
What is a Firewall?
A firewall is a key tool for protecting IT systems against unauthorized access and external network attacks.
It allows users to establish rules that determine whether to block or allow specific incoming and outgoing connections. A firewall can be implemented either as software or dedicated hardware.
Its primary purpose is to secure private networks, manage network traffic and ensure data integrity and confidentiality.
How Does It Work?
A firewall continuously analyzes packets transmitted between the internal and external networks, filtering them based on predefined rules, which may consider IP addresses, port numbers, and protocols. Firewalls can operate at various levels of the OSI model, from packet header analysis (layers 3 and 4) to application-level inspection (layer 7).
Basic Types of Firewalls:
Host-based Firewall – Installed directly on endpoint devices. Protects individual computers by controlling local connections between applications and network connections.
Network-based Firewall – Operates on network devices like routers, switches, or dedicated firewall hardware. Its purpose is to protect entire networks or segments by controlling data flow between devices.
Application-level Firewall – Performs detailed verification of network traffic directed at a specific application, checking protocol details.
Firewall in MEVSPACE
For each dedicated server, we offer a free firewall solution. Firewall management is straightforward and done via an administration panel.
At the network device level, the firewall analyzes packet headers before they reach the server. Based on defined rules, traffic is either accepted or blocked.
To provide additional protection against public network threats, each server is covered by Anti DDoS protection.
Managing the Firewall Feature
Creating a Firewall Group
Click on the plus icon to create a new group, where you can assign appropriate rules.
Enter a description to easily identify the group and its applied filters.
After entering the details, click Create.
The system will automatically generate a new group with a unique prefix fw.
Displaying Created Firewall Groups
After creating a group, a new entry with key information will appear on the list:
description,
number of assigned rules,
number of associated hosts (instances),
creation date
Detailed View of a Firewall Group
To view a group’s details, click on the selected ID or use the action button and choose the View option from the dropdown list.
In the detailed view, you can create rule sets for IPv4 and IPv6 protocols and assign them to selected resources.
You can also perform additional operations, like editing the group’s name or deleting it.
Creating an IPv4 Rule
Go to the IPv4 Rules tab.
In the Create IPv4 Rule form, configure all parameters for the new rule:
Choose a protocol from the list: TCP, UDP, ICMP or ANY.
Specify the port or port range on which the rule will operate.
Define the source using available options: Custom, Anywhere or My IP.
Optionally, add a note to describe the purpose of the rule.
Once the new rule is created, it will be marked in blue, indicating it is a draft version awaiting approval.
You can freely create additional rules. When you are ready, click the Apply Changes button. Keep in mind that the rules will not be processed until you approve their execution.
Note: To activate the rules, link them to a specific IP address. Go to the Related instances tab and create a connection with the address you want the filter to be applied to. Rules will only take effect after completing this step.
The IPv4 rule creation form includes several key parameters:
Protocol:
TCP - a connection-oriented communication protocol that ensures the delivery of all packets in an established connection session. Commonly used by application layer protocols such as HTTP, SSH, and SMTP.
UDP - a connectionless communication protocol that prioritizes transmission speed without implementing packet control. Often used in video conferencing and VoIP services.
ICMP - a diagnostic protocol used to monitor network performance with tools such as ping and traceroute.
ANY – an option that allows connection without specifying a particular protocol.
Port - the port number or range to which the rule will apply (example format: 22,53,3306; with a port range: 22,53,3306,1024-2048,443). Examples: SSH uses port 22 by default, Telnet – 23, DNS – 53, HTTP – 80, HTTPS – 443.
Source - the rule will apply to the IP address from which packets originate. Available options:
Custom - an option that allows manually entering a specific IP address in CIDR format (including the mask).
Anywhere - the rule will apply to any source IP addresses (stored in CIDR 0.0.0.0/0 format).
My IP - the rule will apply to packets originating from the current IP address.
Notes - an optional text field where you can describe the purpose or justification for the rule.
Note: Each group allows you to define up to 31 rules, excluding the automatically created DROP rule. The DROP rule rejects all connections not previously allowed by the defined ACCEPT rules.
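Added example (not Mevspace code): a small Python model of the rule parameters described above, useful for checking a planned rule set before entering it in the panel. It parses the port field format, evaluates a packet against the ACCEPT rules with the implicit DROP, and lists sensitive ports left open to Anywhere. Assumptions: all function names are hypothetical, an empty port field is treated as "all ports", and the sensitive port list is illustrative.

```python
import ipaddress
MAX_RULES = 31  # per-group limit from this page; implicit DROP not counted

def parse_ports(spec):
    """Parse the port field format, e.g. '22,53,3306,1024-2048,443'."""
    ranges = []
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port or range: {part!r}")
        ranges.append((lo, hi))
    return ranges

def make_rule(protocol, ports, source, note=""):
    """Build one ACCEPT rule; empty ports means 'all ports' (assumption)."""
    protocol = protocol.upper()
    if protocol not in {"TCP", "UDP", "ICMP", "ANY"}:
        raise ValueError(f"unknown protocol: {protocol}")
    return {"protocol": protocol, "note": note,
            "ports": parse_ports(ports) if ports else [],
            "source": ipaddress.ip_network(source)}  # rejects host bits set

def port_hit(rule, port):
    return not rule["ports"] or (
        port is not None and any(lo <= port <= hi for lo, hi in rule["ports"]))

def evaluate(rules, protocol, src_ip, dst_port=None):
    """ACCEPT if any rule matches the packet, otherwise the implicit DROP."""
    if len(rules) > MAX_RULES:
        raise ValueError(f"a group holds at most {MAX_RULES} rules")
    src = ipaddress.ip_address(src_ip)
    for r in rules:
        if (r["protocol"] in ("ANY", protocol.upper())
                and src in r["source"] and port_hit(r, dst_port)):
            return "ACCEPT"
    return "DROP"

def exposed(rules, sensitive=(22, 23, 3306)):
    """(note, port) pairs for sensitive ports accepted from Anywhere."""
    return [(r["note"], p) for r in rules if r["source"].prefixlen == 0
            for p in sensitive if port_hit(r, p)]

# Constructed sample ruleset (documentation address ranges, not real hosts).
SAMPLE_RULES = [
    make_rule("TCP", "80,443", "0.0.0.0/0", "web"),
    make_rule("TCP", "22", "203.0.113.0/24", "ssh from office"),
    make_rule("TCP", "3306,1024-2048", "0.0.0.0/0", "db, too broad"),
]
```

In the sample, SSH is reachable only from the Custom source range, while the third rule leaves port 3306 open to Anywhere and is reported by exposed().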
Editing and Deleting an IPv4 Rule
To edit a rule, click the action button and select Edit from the dropdown list. To delete a rule, select the Delete option.
Edited rules will be marked in blue as drafts awaiting approval, while rules marked for deletion will appear in red, indicating they are ready for removal.
You can freely create, edit, and delete rules. When ready, click the Apply changes button. Keep in mind that rules will not be processed until you approve their execution.
Restoring Deleted Rules
To restore a deleted rule, click the action button and select Restore from the dropdown list.
After restoring the rule, it will be marked in white, indicating that the rule has been restored to its original state.
Creating an IPv6 Rule
To create a rule for IPv6 addresses, go to the IPv6 Rules tab.
The process of creating an IPv6 rule is similar to creating an IPv4 rule; follow the steps listed in the Creating an IPv4 Rule guide.
After creating a new rule, it will be marked in blue, which means that the rule is a draft version awaiting approval.
You can freely create additional rules. When you are ready, click the Approve changes button. Keep in mind that the rules will not be processed until you approve their execution.
Note: To activate the rules, link them to a specific IP address. Go to the Related instances tab and create a connection with the address you want the filter to be applied to. Rules will only take effect after completing this step.
Creating a Resource Link – Firewall Activation
To activate the created rule set, link it to the selected IP addresses:
Go to the Related instances tab, then click the plus icon.
In the search field, enter the IPv4 address (primary or secondary) associated with your host.
Select the appropriate address from the list to associate it with the firewall group, then click the Confirm button.
After creating the link, the entry will be marked in blue, indicating that the link is a draft awaiting approval.
You can freely create additional rules and links. When you are ready, click the Approve changes button. Keep in mind that changes will not be activated until you approve them.
Note: The firewall assignment applies only to the selected IP address and does not affect other addresses associated with the instance. To apply the filter for an additional address on the server, you must create a separate association for each of them. The filter will also apply to the IPv6 address associated with a corresponding IPv4 address.
Deleting a Resource Link
To delete a link from an address, click the action button and select Delete from the dropdown list.
The link marked for deletion will be highlighted in red, indicating that the entry is a draft ready for removal.
You can freely manage rules and links. When you are ready, click the Apply changes button. Keep in mind that changes will not be activated until you approve them.
Deleting a Group
If you need to delete a group, click the trash can icon or use the action button in the firewall groups list, then select Delete from the dropdown list.
Once you approve the changes, the system will permanently delete the selected group.