Firewalls for Customers on our VPS & Networks

Some customers would like Firewalls around their VPS or Colocation hosts and networks, we know, but they don’t know who to ask to get them setup or how to go about it, so we’ve created a few simple Plans for “Customer Firewalls” for Network Presence customers.

It’s as easy as being Firewall Rules for $2 / Rule / month, min. spend of $12 / month, for Firewalls that “Allow a Few Ports, then Block the Rest”. Of course as part of that we’ll help you craft those Firewall Rules to deliver the protection you’d like for your site or servers hosted within Network Presence.

We also know that there’s customers that want to have just a few ‘ports’ opened and those that want to be “mostly open, few filtered” TCP or UDP ports and we can accomodate that too, as listed in the following.

Rules may look like:

a) Baseline Web Server, no SSL, just “port 80”

Allow Port 80 sessions from the Internet
Block anything else

That’s 2 Rules, min. spend of $12 / month.

b) Commerce Web Server, including SSL

Allow Port 80 sessions from the Internet
Allow Port 443 sessions from the Internet
Block anything else

That’s 3 Rules, at $2 / Rule it’s under the min. spend of $12 / month.

c) Business Server, Web and Email

Allow Port 80 sessions from the Internet
Allow Port 443 sessions from the Internet
Allow Port 25 sessions from the Internet
Allow Port 110 (POP3) sessions from the Internet
Allow Port 995 (POP3S) sessions from the Internet
Allow Port 143 (IMAP) sessions from the Internet
Allow Port 993 (IMAPS) sessions from the Internet
Block anything else

That’s 8 Rules and at $2 / Rule it’s also under the min. spend of $16 / month.

d) Business Server, Web, FTP, Email and CMS

Allow Port 80 sessions from the Internet
Allow Port 443 sessions from the Internet
Allow Port 25 sessions from the Internet
Allow Port 110 (POP3) sessions from the Internet
Allow Port 995 (POP3S) sessions from the Internet
Allow Port 143 (IMAP) sessions from the Internet
Allow Port 993 (IMAPS) sessions from the Internet
Allow Port 8080 (custom CMS) sessions from a single host on the Internet (1 rule)
Allow FTP sessions from 2 hosts on the Internet (2 rules)
Allow CMS custom port sessions from 2 hosts on the Internet (2 rules)
Block anything else

That’s 15 Rules and at $2 / Rule it’s $30 / month.

The advantage of the way that we do our Firewalls is that you need to enable a “Port or Service” (eg: Port 8080 of a CMS or “Mail” (being POP/POP3S/IMAP/IMAPS)) for it to be accessible, so by default your IP address becomes “unaccessible” from outside of Network Presence.

Inside of Network Presence though you can continue to access your Firewalled site and IP address. This is deliberate, in that we recommend that you have an EveryNet ADSL connection to the Internet, which brings you into Network Presence’ network perimeter and inherently better access to services hosted by Network Presence.

If you want “Block a Few then Allow All” type Firewalls then we can do that too, but it’s a different Firewall methodology in that it logs exceptions and it’s priced accordingly slightly higher than the ‘permit a few, deny the rest’ being $3 / Rule, like the following templates. It’s as easy as being Firewall Rules for $3 / Rule / month, min. spend of $20 / month. We’ll help you craft those Firewall Rules to deliver the protection you’d like for your site or servers hosted within Network Presence.

a) Internet server only for our Office on a Static IP ADSL/NBN/Internet service

Allow new Port 80 sessions from the Internet into the IP address of the Office and Count them (2 Rules)
Allow new Port 443 sessions from the Internet into the IP address of the Office and Count them (2 Rules)
Block un-connected TCP packets from the Internet into the IP address of the Office (1 Rule)
Allow anything else (1 Rule)

That’s 6 Rules, at $3 / Rule means that it’s at the min. spend of $20 / month for “Block Some, Allow Most”.

b) Internet Server to the Internet, just a few exceptions

Block new Port 8080 sessions from the Internet except for our 3 Static IP Addresses (4 Rules)
Log Exceptions to that port 8080 access (1 Rule)
Allow new Port 443 sessions from the Internet into the IP address of the Office and Count them (3 Rules)
Block un-connected TCP packets from the Internet into the IP address of the Office (1 Rule)
Allow anything else (1 Rule)

That’s 10 Rules, at $3 / Rules means $30 / month for that sophisticated Firewall

All in all, we have two Firewall Plans, one that’s “block some, allow all” and another that’s “allow a few, block the rest” and they’re available to any customer within the Network Presence network and billed directly by Network Presence. There’s also a customer-maintained web based interface to updating the Firewall Rules, so there’s minimal need to contact us for you to update your Firewalls yourself.

Please contact us to discuss your Firewall requirements, regards,
Richard.

This entry was posted in Network Presence, Sales and tagged , , , . Bookmark the permalink.