At Clouding we offer an advanced Strict Anti-DDoS feature that includes a globally distributed Edge Firewall. This firewall acts before traffic reaches the datacenter, allowing malicious packets to be filtered at the edge of the network, improving both security and performance.
What is the Edge Firewall?
The Edge Firewall is a defense layer that operates at the edge of the Anti-DDoS system. Unlike the traditional firewall that works within the platform, the Edge Firewall blocks unwanted connections before they reach Clouding's resources, saving bandwidth and CPU cycles.
By default, all traffic is allowed.
- To restrict traffic, you must first allow the necessary ports and protocols, then block everything else.
- You can create rules based on IP ranges (CIDR), autonomous systems (ASN), or any network.
Create a rule in the Edge Firewall
Go to the Clouding portal, click on the server, and then select the Anti-DDoS tab. From there you can manage the Edge Firewall rules.
To create a new rule, click on the orange button on the right. In this section, you can create a rule to block a specific network (CIDR) or block traffic based on an ASN. The fields to fill in depend on the type of source you want to block or allow:
For IP ranges (CIDR):
- Source CIDR: Enter the IP range you want to block or allow. For example: 192.0.0.0/8.
- Protocol: Select the protocol the rule applies to. If you choose "Any", the rule blocks or allows all protocols. You can also select a specific one from the list, in which case you must complete the additional fields explained below.
- Source port: Specify the source port.
- Destination port: Specify the destination port.
- Action: Choose between allow or block.
- Note: Add a description to better document the rule.
Finally, to add the rule, click the Submit button.
For ASN:
- Source ASN: Enter the ASN you want to block or allow. The ASN must be numeric only, without the AS prefix.
- Protocol: Select the protocol the rule applies to. If you choose "Any", the rule blocks or allows all protocols. You can also select a specific one from the list, in which case you must complete the additional fields explained below.
- Source port: Specify the source port.
- Destination port: Specify the destination port.
- Action: Choose between allow or block.
- Note: Add a description to better document the rule.
Finally, to add the rule, click the Submit button.
Usage recommendations
The Edge Firewall evaluates rules in list order (from top to bottom), and the first matching rule is applied. Therefore, the order of rules matters when blocking or allowing a CIDR or ASN. For example, if you define an allow rule and then a block rule, and a connection matches both, the one higher in the list takes precedence.
When security is the priority, it is recommended to place block rules above allow rules.
- Use CIDR rules to block suspicious or unwanted IP ranges precisely and efficiently.
- Apply ASN rules when you need to mitigate attacks from specific ISPs or entire regions, blocking large volumes of malicious traffic at once.
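The following added example (not Clouding code) is a small local model of the first-match evaluation described above. It can be used to check a rule order before entering it in the portal. The Rule fields, the evaluate function, the sample addresses and ASN 64500 are constructed for illustration, and the model assumes the edge already knows the source ASN of each connection.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str                      # "allow" or "block"
    cidr: Optional[str] = None       # source CIDR, e.g. "203.0.113.0/24"
    asn: Optional[int] = None        # source ASN, numeric only (no "AS" prefix)
    protocol: str = "any"            # "any", "tcp", "udp", ...
    dst_port: Optional[int] = None   # None means any destination port
    note: str = ""

    def matches(self, src_ip, src_asn, protocol, dst_port):
        if self.cidr and ipaddress.ip_address(src_ip) not in ipaddress.ip_network(self.cidr):
            return False
        if self.asn is not None and self.asn != src_asn:
            return False
        if self.protocol != "any" and self.protocol != protocol:
            return False
        if self.dst_port is not None and self.dst_port != dst_port:
            return False
        return True

def evaluate(rules, src_ip, src_asn, protocol, dst_port):
    """Top to bottom, first match wins; no match falls back to the default (allow)."""
    for index, rule in enumerate(rules):
        if rule.matches(src_ip, src_asn, protocol, dst_port):
            return rule.action, index
    return "allow", None

# Constructed sample rules (documentation address ranges and a reserved ASN).
allow_https = Rule("allow", cidr="0.0.0.0/0", protocol="tcp", dst_port=443, note="public HTTPS")
block_range = Rule("block", cidr="203.0.113.0/24", note="unwanted range")
block_asn = Rule("block", asn=64500, note="unwanted network")
block_rest = Rule("block", cidr="0.0.0.0/0", note="block everything else")

# Same four rules, two orders: the block rules only take effect when listed first.
blocks_first = [block_range, block_asn, allow_https, block_rest]
allow_first = [allow_https, block_range, block_asn, block_rest]

if __name__ == "__main__":
    packets = [("203.0.113.7", 64501, "tcp", 443), ("198.51.100.9", 64500, "tcp", 443),
               ("198.51.100.9", 64501, "tcp", 443), ("198.51.100.9", 64501, "tcp", 22)]
    for pkt in packets:
        print(pkt, "blocks_first:", evaluate(blocks_first, *pkt),
              "allow_first:", evaluate(allow_first, *pkt))
```

With the allow rule on top, HTTPS connections from the blocked range and the blocked ASN are still accepted, because the allow rule matches first and the block rules below it are never reached for that traffic.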
Conclusion
The Strict Anti-DDoS Edge Firewall at Clouding is a powerful tool to protect your infrastructure from the edge of the network. With proper configuration, you can mitigate attacks before they reach your servers, improving both security and service stability.