Skip to main content
Firewalls must be attached to VMs to take effect. You can manage these attachments through the firewall management interface.

Attachment Process

To attach a firewall to a virtual machine:
1

Access Attachment Interface

From the firewall card, click the “Attach” button
2

Select Target VM

Select a VM from the list of available machines:
  • Only VMs with ACTIVE status are displayed
  • VMs that have server_uuid are eligible for attachment
  • Single VM selection using radio button interface
  • Already attached VMs are marked with checkmark icon
3

Confirm Attachment

Click “Attach Firewall” to confirm the attachment
4

Monitor Attachment Status

Wait for attachment to complete and verify success

VM Compatibility Requirements

Eligible Virtual Machines

VM Status Requirements

Active VM Needed
  • VM must be in ACTIVE state to attach firewall
  • VM must have a valid server_uuid
  • VMs in HIBERNATED or STOPPED state cannot be attached
  • VM must be fully operational and responsive

Technical Requirements

System Prerequisites
  • VM networking must be properly configured
  • VM must be accessible through management interface
  • Network infrastructure must support firewall attachment
  • No conflicting security configurations

VM State Validation

  • Supported States
  • Unsupported States
  • Error States
Attachment-Ready StatesACTIVE
  • VM is running and fully operational
  • All services are available
  • Network connectivity is established
  • Ready for firewall attachment

Multi-Firewall Attachments

Multiple Firewalls per VM

Multiple Firewall Support
  • Multiple firewalls can be attached to the same VM
  • All rules from attached firewalls apply cumulatively
  • Rules are processed in order of attachment
  • Conflicting rules are resolved based on precedence
How Multiple Firewalls Work Together
  • Additive Rules: All allow rules from all firewalls are applied
  • Security Layering: Multiple layers of protection
  • Rule Conflicts: Most restrictive rule typically takes precedence
  • Performance Considerations: More firewalls may impact performance
Best Practices for Multiple Firewalls
  • Use different firewalls for different security layers
  • Organize rules by function (web, database, management)
  • Document firewall purposes and interactions
  • Test thoroughly when combining multiple firewalls

Firewall Organization Strategies

  • Application-Layer Organization
  • Environment-Based Organization
Functional SeparationWeb Tier Firewall:
  • HTTP/HTTPS traffic rules
  • Load balancer configurations
  • CDN and proxy rules
Application Tier Firewall:
  • API access rules
  • Inter-service communication
  • Database connection rules
Management Firewall:
  • SSH access rules
  • Monitoring and logging
  • Administrative interfaces

Viewing Firewall Attachments

To view and manage firewall attachments:
1

Access Firewall Details

Click “View Details” on any firewall card
2

Navigate to Attachments

Select the “Attached VMs” tab in the firewall details interface
3

Review Attachment Information

View comprehensive attachment details:
  • VM Name and identification
  • VM Status (ACTIVE, HIBERNATED, etc.)
  • Attachment Status (SUCCESS, ATTACHING, ERROR)
  • Attachment timestamp and duration
4

Manage Attachments

Use available controls to detach or modify attachments as needed

Attachment Status Types

Firewall is successfully attached and protecting the VM

Attachment Information Display

The attachment interface provides detailed information for management:

VM Information Table

  • Basic VM Details
  • Status Information
  • Attachment Metadata
Essential Information
  • VM Name: User-defined virtual machine identifier
  • VM ID: System-generated unique identifier
  • Region: Geographic location of the VM
  • Creation Date: When the VM was originally created

Detaching Firewalls

To remove firewall protection from a VM:
1

Access Detachment Interface

Navigate to firewall details and locate the attached VM
2

Initiate Detachment

Click the detach button for the specific VM
3

Confirm Detachment

Review the detachment warning and confirm the action
4

Monitor Detachment

Wait for detachment to complete and verify removal
Detachment Security Warning:Detaching a firewall immediately removes network protection from the VM. Ensure you have alternative security measures in place or that the VM doesn’t require firewall protection before proceeding.

Detachment Considerations

Protection Removal
  • VM loses firewall protection immediately
  • All blocked connections become allowed
  • Network exposure increases significantly
  • Consider alternative protection before detaching
Application Impact
  • Previously blocked traffic may suddenly be allowed
  • Application behavior may change
  • Monitor for unexpected connections
  • Test application functionality after detachment
Security Alternatives
  • Attach different firewall before detaching current one
  • Implement host-based firewall on VM
  • Use network-level security controls
  • Consider moving VM to protected network segment

Attachment Best Practices

Planning Firewall Attachments

1

Assess Security Requirements

  • Identify network traffic patterns and requirements
  • Determine necessary ports and protocols
  • Plan for different security layers and functions
  • Consider compliance and regulatory requirements
2

Design Firewall Architecture

  • Plan firewall organization and rule distribution
  • Consider performance impact of multiple firewalls
  • Design for scalability and maintainability
  • Document firewall purposes and interactions
3

Test Attachment Strategy

  • Test firewall attachments in development environment
  • Validate application functionality with firewalls attached
  • Monitor performance impact of firewall rules
  • Test failover and disaster recovery scenarios
4

Implement and Monitor

  • Attach firewalls during maintenance windows
  • Monitor application performance and connectivity
  • Validate security effectiveness
  • Document operational procedures

Operational Best Practices

Attachment Timing

When to Attach Firewalls
  • Attach firewalls before VM goes into production
  • Use maintenance windows for production changes
  • Coordinate with application deployment schedules
  • Plan for testing and validation time

Monitoring and Validation

Post-Attachment Monitoring
  • Monitor application performance after attachment
  • Validate that required traffic is allowed
  • Check that unauthorized traffic is blocked
  • Monitor firewall logs for security events

Troubleshooting Attachment Issues

Common Attachment Problems

VM Cannot Be Selected
  • Cause: VM not in ACTIVE state
  • Solution: Start or restore VM to ACTIVE state
  • Verification: Check VM status in dashboard
  • Timeline: Wait for VM to fully boot before retry
Attachment Process Errors
  • Cause: Network configuration issues or VM problems
  • Solution: Check VM networking and connectivity
  • Verification: Test VM accessibility through other means
  • Timeline: May require VM restart or network reconfiguration
Error Status After Attachment
  • Cause: Firewall rule conflicts or configuration issues
  • Solution: Review firewall rules and VM configuration
  • Verification: Test network connectivity and application functionality
  • Timeline: May require rule adjustment or firewall reconfiguration

Debugging Attachment Issues

1

Check VM Status

  • Verify VM is in ACTIVE state
  • Confirm VM has valid server_uuid
  • Test VM responsiveness and connectivity
  • Check for any VM error conditions
2

Validate Firewall Configuration

  • Review firewall rules for conflicts
  • Check firewall status and health
  • Verify firewall is in SUCCESS state
  • Test firewall functionality with other VMs
3

Test Network Connectivity

  • Test VM network connectivity before and after attachment
  • Verify DNS resolution and internet connectivity
  • Check for blocked connections in firewall logs
  • Validate application-specific connectivity requirements
4

Contact Support if Needed

  • Provide VM ID and firewall ID
  • Include error messages and timestamps
  • Describe attempted troubleshooting steps
  • Include network configuration details
When multiple firewalls are attached to the same VM, all rules apply cumulatively. Plan your firewall architecture carefully to avoid conflicts and ensure optimal security coverage.
Always test firewall attachments in a development environment before applying to production VMs. This helps identify potential connectivity issues and rule conflicts before they impact live services.
I