Firewall Management
Tenantos provides a vendor-neutral firewall management layer. Out of the box, Proxmox is supported. Through custom development, you can add your own providers or integrate hardware firewalls.
The layer is not limited to firewall rule management. It can also manage other systems, such as DDoS protection. Documentation for adding custom providers will follow with Tenantos version 1.0.39 at the latest.
Availability
The "Firewall" tab is only shown when a connection with firewall support is assigned to the server. The provider behind that connection determines which firewall features are available.
Capabilities
All capabilities are provider-driven. Depending on what the provider supports, the following options are available:
- Firewall settings (such as the default policy)
- Rule management
- Staged editing
If a provider does not support a capability, the corresponding option is not shown.
Staged Editing
With staged editing enabled, changes to the rule set are collected and applied together using the "Apply" button, instead of being sent one by one. This is useful when reordering rules or preparing several changes at once. With staged editing disabled, every change is applied immediately.
Whether staged editing is available depends on the provider.
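The reordering case described above, as an added example that is not Tenantos or Proxmox code: a small filter model showing that immediate application makes every intermediate rule order live, while staged application makes only the final order live. It assumes the provider evaluates rules top-down with the first match winning; the rule set, the `Rule` type and all function names are constructed for this illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "ACCEPT" or "DROP"
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # None matches every port

def verdict(rules, proto, dport, default="DROP"):
    """Action of the first matching rule, else the default policy (assumed model)."""
    for r in rules:
        if r.proto in ("any", proto) and r.dport in (None, dport):
            return r.action
    return default

def move(rules, src, dst):
    """One reorder operation: move the rule at index src to index dst."""
    rules = list(rules)
    rules.insert(dst, rules.pop(src))
    return rules

def live_states(current, ops, staged):
    """Rule sets that actually reach the firewall while ops are performed."""
    states, work = [], list(current)
    for src, dst in ops:
        work = move(work, src, dst)
        if not staged:
            states.append(work)   # staged editing off: each change is applied at once
    if staged:
        states.append(work)       # staged editing on: only the final set is applied
    return states

def ssh_lockout(states):
    """True if any live rule set drops inbound SSH (tcp/22)."""
    return any(verdict(s, "tcp", 22) == "DROP" for s in states)

# Constructed sample: swap the SSH and HTTPS rules in two drag-and-drop moves.
SSH = Rule("ACCEPT", "tcp", 22)
WEB = Rule("ACCEPT", "tcp", 443)
DENY = Rule("DROP", "any", None)
CURRENT = [SSH, WEB, DENY]
OPS = [(0, 2), (1, 2)]   # -> [WEB, DENY, SSH] -> [WEB, SSH, DENY]

if __name__ == "__main__":
    print("immediate:", ssh_lockout(live_states(CURRENT, OPS, staged=False)))
    print("staged:   ", ssh_lockout(live_states(CURRENT, OPS, staged=True)))
```

Both modes end with the same rule set; only the immediate mode passes through an order in which the catch-all drop sits above the SSH rule.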
Required Permissions
Access to the firewall is controlled by three role permissions:
- View Server Firewall: View the firewall tab, the default policy, and the rules.
- Update Server Firewall Settings: Change the firewall settings.
- Manage Server Firewall Rules: Create, edit, delete, and reorder rules.
These permissions are not provider-specific and apply to every firewall provider.