- Enterprise Cloud Security and Governance
- Zeal Vora
- 99字
- 2021-07-02 19:21:03
Architecting firewall rules
Many of the organizations, specifically in the cloud, decide to have the firewall rule as 0.0.0.0/0.
Although this is the quickest way to make an application work, in the long term, it will lead to a lot of issues related to both security and compliance.
Fun fact
The last thing you want to show the compliance auditor is the rule of 0.0.0.0/0 for ALL. Try it!
There are two approaches that we can use to implement firewall rules:
- Deny all and allow some
- Allow all and deny some
Let's spend time understanding both the approaches.