Overview: Firewall and Network Security in Nuvion (VHI)
In the Nuvion environment, the security of your infrastructure is managed granularly through layers of virtualized networks. Unlike a centralized physical firewall, the VHI uses the concept of Distributed Security.
What is the Firewall in Nuvion?
The firewall in Nuvion operates directly on the network interfaces of your Virtual Machines (VMs). It is mainly implemented through Security Groups.
Key Concepts:
- Security Groups: Act as a virtual firewall for your instances, controlling inbound (Ingress) and outbound (Egress) traffic.
- Default Network (Private): If you have not created a custom network, your instances will be connected to the `private` network, where Security Groups manage isolation.
- Default Behavior: By default in VHI, the security group `default` is created with permissive rules, allowing initial communication. It is up to the user to restrict traffic according to the project’s needs.
How Filtering Works:
The system is Stateful. This means that when you allow an incoming connection on a specific port (e.g., port 80), the firewall automatically allows the outgoing response of that connection, so you do not need a separate rule for the reply traffic. This simplifies rule management.
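The stateful behavior described above can be seen in a small model. This is an added example, not Nuvion or VHI code: the `Rule`, `Packet` and `StatefulFilter` names are hypothetical, the addresses are constructed documentation values, and the model assumes a restricted group with a single ingress rule and ignores TCP state and timeouts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    direction: str   # "ingress" or "egress"
    protocol: str    # "tcp" or "udp"
    port: int        # destination port the rule opens
    remote: str      # CIDR of the permitted peer

@dataclass(frozen=True)
class Packet:
    direction: str
    protocol: str
    src: str
    sport: int
    dst: str
    dport: int

class StatefulFilter:
    """Toy model of a stateful security group on one VM interface."""

    def __init__(self, rules):
        self.rules = list(rules)
        self.tracked = set()   # flows that a rule has admitted

    def _matches_rule(self, p):
        # For ingress the peer is the source, for egress the destination.
        peer = p.src if p.direction == "ingress" else p.dst
        return any(
            r.direction == p.direction and r.protocol == p.protocol
            and r.port == p.dport and ip_address(peer) in ip_network(r.remote)
            for r in self.rules
        )

    def allow(self, p):
        flow = (p.protocol, p.src, p.sport, p.dst, p.dport)
        reply_of = (p.protocol, p.dst, p.dport, p.src, p.sport)
        if flow in self.tracked or reply_of in self.tracked:
            return True             # belongs to an already admitted connection
        if self._matches_rule(p):
            self.tracked.add(flow)  # remember the flow so its replies pass
            return True
        return False                # no rule and no tracked state: dropped

def demo():
    # Constructed sample: one ingress rule for port 80, no egress rules.
    fw = StatefulFilter([Rule("ingress", "tcp", 80, "0.0.0.0/0")])
    request = Packet("ingress", "tcp", "203.0.113.7", 51000, "10.0.0.5", 80)
    reply = Packet("egress", "tcp", "10.0.0.5", 80, "203.0.113.7", 51000)
    unsolicited = Packet("egress", "tcp", "10.0.0.5", 40000, "198.51.100.9", 443)
    return fw.allow(request), fw.allow(reply), fw.allow(unsolicited)
```

The reply leaves the VM without any egress rule because it matches the tracked inbound flow, while the unrelated outbound connection is dropped.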