Understanding Firewall Rules Best Practices

Hafeez Baig |
18 steps |
53 seconds

Google Cloud

Type "**VM instance**" in the search bar and click on the **VM instance** option

**What is VM instance?**\ \ A **VM instance** (Virtual Machine instance) is a virtualized computing resource that functions like a physical computer but operates on virtual hardware within a cloud environment. In services like Google Cloud Compute Engine, VM instances allow you to run applications, host websites, and perform computations without the need for physical servers. They are scalable, allowing you to adjust resources such as CPU, memory, and storage as needed, and isolated, ensuring that different workloads run independently. VM instances offer flexibility and configurability, enabling you to select various operating systems and machine types to meet specific requirements.

**VM instances** wizard will open, click on the **CREATE INSTANCE** button

The **Create an instance** wizard will open. Enter the Name as **instance-2**.

Navigate to the **Networking** section by selecting it from the left-hand sidebar. In the **Firewall** section, you can configure the **Firewall** settings like - Allow the HTTP and HTTPS traffic

**What is Firewall?**\ \ A **firewall** is a security system that controls network traffic based on rules to protect internal networks from unauthorized access and threats. It filters incoming and outgoing traffic, blocking or allowing data based on criteria like IP addresses and ports, and provides monitoring and logging to detect potential security issues.

Scroll to the **Network tags**, give the tag as - "**disable-http"**

**What are Network tags?**\ \ **Network tags** are labels assigned to VM instances or other resources to help manage network traffic and apply specific policies. They allow you to group resources and apply firewall rules or configurations based on these tags, making it easier to organize and control network settings effectively.

Scroll to the **Hostname** text input field, here you can give the Hostname.

**What is Hostname?**\ \ A **hostname** is a label assigned to a device or server on a network that uniquely identifies it within that network. It serves as a human-readable name, making it easier to access and manage devices compared to using IP addresses. In a network, a hostname can be used to resolve the device’s IP address and facilitate communication between devices, servers, and applications.

Scroll to the **Network interfaces** section, here you can configure the Network Interfaces.

**What is Network interfaces?** \ \ **Network interfaces** are components that connect a virtual machine (VM) or server to a network, enabling communication with other devices and services. Each network interface includes unique IP addresses for identification, along with configuration settings for routing, security, and connectivity. They define how the VM interacts with different network segments, such as public or private networks, and manage traffic flow, security rules, and overall network performance.

Scroll the page and click on the **CREATE** button

Type "**Firewall**" in the search bar and click on the **Firewall** option

**What is Firewall?**\ \ A **firewall** is a security system designed to monitor and control network traffic based on predefined rules. It acts as a barrier between a trusted internal network and untrusted external networks, such as the internet. Firewalls can be hardware-based, software-based, or a combination of both, and they filter incoming and outgoing traffic to prevent unauthorized access and protect against threats. By enforcing rules related to IP addresses, ports, and protocols, firewalls help safeguard systems and data from cyberattacks and malicious activities.

**Firewall policies** wizard will open, click on the **CREATE FIREWALL RULE** button

**What is Firewall rule?**\ \ A **firewall rule** is a specific set of criteria that defines how network traffic should be allowed or blocked by a firewall. Each rule specifies conditions such as source and destination IP addresses, ports, and protocols, determining whether the traffic should be permitted or denied. Firewall rules are used to enforce security policies by controlling which network traffic can enter or leave a network, protecting systems from unauthorized access and potential threats. Rules can be applied to various network interfaces and services, ensuring that only authorized communications are allowed based on the defined criteria.

Scroll to the **Name** text input field and give the Name as -"**my-tag**"

Scroll to the **Logs** section and select the option **Off** **Note:** You can select the option as per your requirement.