
Introduction to Abiquo firewalls

In Abiquo 3.0 there is a new firewall front end. By default the firewall front end is an interface to public cloud firewalls. However, it can also be used for a private cloud firewall integration.

Public cloud firewalls

You can create Abiquo firewalls in public cloud regions. The AWS VPC implements firewalls as security groups; see http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html. When you create a firewall, Abiquo will try to create it in the public cloud region, but if Abiquo does not have enough contextual information, the firewall may be created later. For example, AWS security groups must be assigned to a VPC, so a firewall cannot be created in AWS until a VPC is available, which means not until you assign the firewall to a virtual datacenter.

The implementation of firewalls may vary across different public cloud flavors. Abiquo checks the public cloud region for firewall capabilities.

An Abiquo firewall belongs to an enterprise and is associated with a cloud location, which in this case is a public cloud region. After you associate a firewall with a virtual datacenter, users can then assign its firewall policies to virtual machines.

Private cloud firewalls

The Abiquo firewall is a generic feature. If you develop a firewall integration, Abiquo firewalls can be enabled in datacenters as a front end to a datacenter firewall system. This works in a similar way to the Abiquo backup front end, which can work with a backup integration to a datacenter backup system.

Enable private cloud firewalls

To enable private cloud firewalls for all virtual datacenters, open the Configuration view in the UI. Under System Properties, go to the General page and select the Enable firewall for private VDC option.

Firewall events

The Abiquo events and messages related to firewalls are as follows.

FIREWALL_POLICY_CREATE_INFO = The firewall policy '{name}' has been created.\nSome providers could create default rules, in that case you should synchronize that info with the platform using the firewall synchronization feature.
FIREWALL_POLICY_MODIFY_INFO = The firewall policy POLICY_OLD_NAME has been modified\: name\: '{name}', description\: '{description}'.
FIREWALL_POLICY_DELETE_INFO = The firewall policy POLICY_NAME has been deleted.
FIREWALL_POLICY_RULES_MODIFY_INFO = The rules of firewall policy POLICY_NAME have changed.
FIREWALL_POLICY_RULES_MODIFY_WARN = An error occurred while adding new rules in the firewall policy POLICY_NAME. It's possible that old rules have been removed. Please check them.


VIRTUAL_MACHINE_FIREWALL_POLICY_INFO = The virtual machine '{name}' firewall policies have changed.
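
For monitoring, the templates above can be turned into matchers that classify rendered event messages and flag the WARN case, where old rules may have been removed. This is an added example, not Abiquo code: it assumes the message text is available as a plain string and that the `POLICY_NAME` and `POLICY_OLD_NAME` tokens are substituted in the same way as the `{name}` fields; the sample messages are constructed.

```python
import re

# Message templates copied from the event list above (.properties syntax).
TEMPLATES = {
    "FIREWALL_POLICY_CREATE_INFO": r"The firewall policy '{name}' has been created.\nSome providers could create default rules, in that case you should synchronize that info with the platform using the firewall synchronization feature.",
    "FIREWALL_POLICY_MODIFY_INFO": r"The firewall policy POLICY_OLD_NAME has been modified\: name\: '{name}', description\: '{description}'.",
    "FIREWALL_POLICY_DELETE_INFO": r"The firewall policy POLICY_NAME has been deleted.",
    "FIREWALL_POLICY_RULES_MODIFY_INFO": r"The rules of firewall policy POLICY_NAME have changed.",
    "FIREWALL_POLICY_RULES_MODIFY_WARN": r"An error occurred while adding new rules in the firewall policy POLICY_NAME. It's possible that old rules have been removed. Please check them.",
    "VIRTUAL_MACHINE_FIREWALL_POLICY_INFO": r"The virtual machine '{name}' firewall policies have changed.",
}
# Assumption: {name}-style fields and the upper-case POLICY_* tokens are both
# replaced with real values when a message is rendered.
PLACEHOLDER = re.compile(r"\{(\w+)\}|\b(POLICY_OLD_NAME|POLICY_NAME)\b")

def unescape(value):
    """Minimal .properties unescaping: '\\n' is a newline, '\\:' a literal colon."""
    return re.sub(r"\\(.)", lambda m: "\n" if m.group(1) == "n" else m.group(1), value)

def compile_template(value):
    """Turn one template into a regex with a named group per placeholder."""
    text, parts, pos = unescape(value), [], 0
    for m in PLACEHOLDER.finditer(text):
        parts.append(re.escape(text[pos:m.start()]))
        parts.append("(?P<%s>.+?)" % (m.group(1) or m.group(2)).lower())
        pos = m.end()
    parts.append(re.escape(text[pos:]))
    return re.compile("".join(parts), re.DOTALL)

MATCHERS = {key: compile_template(value) for key, value in TEMPLATES.items()}

def classify(message):
    """Return (event key, extracted fields), or (None, {}) if nothing matches."""
    for key, rx in MATCHERS.items():
        m = rx.fullmatch(message)
        if m:
            return key, m.groupdict()
    return None, {}

def needs_review(messages):
    """Events whose policy may have lost rules and should be checked by hand."""
    return [(k, f) for k, f in map(classify, messages) if k and k.endswith("_WARN")]

# Constructed sample messages (not real Abiquo output).
SAMPLE = [
    "The firewall policy web has been modified: name: 'web-dmz', description: 'DMZ web tier'.",
    "The rules of firewall policy web-dmz have changed.",
    "An error occurred while adding new rules in the firewall policy web-dmz. It's possible that old rules have been removed. Please check them.",
]
```
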

Firewall API docs

See the Abiquo API Resource documentation: FirewallPoliciesResource and FirewallRulesResource.

For further information about public cloud firewalls, see AWS Security Groups as Abiquo Firewalls.
