Interspace Cloud provides network-level DDoS protection for all virtual servers. After passing through this protection, traffic reaches your virtual server, where you are responsible for configuring firewall rules in your operating system.
1.DDoS Protection
Distributed Denial of Service (DDoS) attacks can flood your cloud infrastructure with malicious traffic, making it unable to respond to legitimate users. Interspace DDoS Protection uses specialized hardware systems to filter such traffic before it reaches your systems, ensuring your applications remain continuously available.
Standard DDoS Protection is included at no cost for Elastic Cloud VPS, Cloud VPN, Cloud NAT Gateway, Load Balancer and Cloud Web Hosting. It automatically identifies and defends against common network and transport layer attacks (L3 and L4) that flood your bandwidth or exhaust server resources. This includes SYN floods, UDP floods, ICMP floods, IP spoofing, fragmentation attacks, reflection attacks, protocol exploits and more.
Premium DDoS Protection is available for an additional fee if you need application layer defense (L7). It uses deep packet inspection to detect and mitigate sophisticated attacks. An SLA guarantee, priority support and monitoring tools are included.
Contact us for an offer tailored to your needs.
2.Operating System Firewall Configuration
After traffic passes through DDoS protection, it reaches your virtual server without any additional filtering. While this offers maximum flexibility for your security configuration, it is your responsibility to set up and configure a firewall within the operating system of your virtual server.
If your server is accessible from the Internet, we strongly recommend configuring a firewall immediately after deployment, before installing any applications or making services available.
Automated bots continuously scan the entire internet looking for vulnerable servers. Your server can be discovered and attacked within hours after going online, which is why proper firewall configuration is essential.
For Linux systems, you can use iptables, ufw or firewalld, while Windows servers come with Windows Defender Firewall. Please read the Best Practices for Firewall Security section below.
2.1.Best Practices for Firewall Security
2.1.1.Allow Only Required Ports
Each open port is a potential entry point for attackers. Keep only those ports open that are necessary for your services to function.
Configure your firewall to block all incoming traffic by default and only allow specific required services. This "deny all, permit some" approach is much safer than trying to block specific threats. The fewer open ports you have, the smaller the chance of unauthorized access to your server.
2.1.2.Secure Management Access
Change default ports for management services like SSH (22) and RDP (3389). While this alone won't stop determined attackers, it helps reduce automated scanning attempts.
When possible, restrict access to management ports to specific IP addresses or ranges. This significantly reduces the risk of unauthorized access attempts.
For additional security, consider implementing port knocking. This method keeps ports closed until a specific sequence of connection attempts is detected. Only after this "secret knock" will the firewall temporarily open the required port.
2.1.3.Rate Limiting
Configure your firewall to limit the number of connections from a single IP address. This helps prevent brute force attacks and denial of service attempts.
Common targets for rate limiting are SSH, RDP, and web application login pages.
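The default-deny, restricted management access and rate limiting practices from sections 2.1.1 to 2.1.3, as an added example (not Interspace's own configuration): a shell function that prints an IPv4 ruleset in iptables-restore format. The management port 2222, the admin range 203.0.113.0/24, the public ports 80 and 443 and the limit of 4 new connections per minute are assumed sample values.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset, it does not change the live firewall.
# Port 2222, 203.0.113.0/24 (documentation range) and 4/minute are assumed sample values.

valid_port() {
    case "$1" in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules SSH_PORT ADMIN_CIDR [PUBLIC_TCP_PORT...]
gen_rules() {
    [ $# -ge 2 ] || { echo "usage: gen_rules SSH_PORT ADMIN_CIDR [PORT...]" >&2; return 2; }
    ssh_port=$1 admin_cidr=$2
    shift 2
    valid_port "$ssh_port" || { echo "bad management port: $ssh_port" >&2; return 1; }
    case "$admin_cidr" in
        *[!0-9./]*|*/*/*|*/|*/0) admin_ok=no ;;   # junk, or /0 = the whole Internet
        [0-9]*.*.*.*/[0-9]*)     admin_ok=yes ;;
        *)                       admin_ok=no ;;
    esac
    [ "$admin_ok" = yes ] || { echo "bad admin range: $admin_cidr" >&2; return 1; }
    for p in "$@"; do   # validate all input first; the management port must not be public
        valid_port "$p" && [ "$p" -ne "$ssh_port" ] ||
            { echo "bad public port: $p" >&2; return 1; }
    done
    # Default DROP, then: loopback, existing connections, rate-limited management, public ports.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -s $admin_cidr --dport $ssh_port -m conntrack --ctstate NEW -m hashlimit --hashlimit-name mgmt --hashlimit-mode srcip --hashlimit-upto 4/minute --hashlimit-burst 4 -j ACCEPT
EOF
    for p in "$@"; do echo "-A INPUT -p tcp --dport $p -j ACCEPT"; done
    echo COMMIT
}

gen_rules 2222 203.0.113.0/24 80 443
```

Review the printed rules before loading them as root with iptables-restore, and keep an existing management session open while you test. IPv6 traffic is not covered and needs its own ruleset loaded with ip6tables-restore.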
2.1.4.Geo-blocking
Consider blocking traffic from countries where you don't conduct business. While not foolproof, this can significantly reduce the number of attacks.
2.1.5.Firewall Log Monitoring
Review your firewall logs periodically to identify unusual patterns or repeated access attempts. This can help you detect potential security threats and adjust your rules accordingly.