• 1.  Issues with SDN firewalls?

    Posted Jan 07, 2021 10:16:00 AM


    In the Security Guidance V4, I see that there are many benefits to SDN firewalls as opposed to hardware-based firewalls. However, I was wondering if there are any issues with SDN firewalls in general?

    Thanks :)


    Jenna Morrison
    Training Department Intern
    Cloud Security Alliance

  • 2.  RE: Issues with SDN firewalls?
    Best Answer

    Posted Jan 08, 2021 07:42:00 AM
    It’s more a matter of understanding how they work. Think of an SDN firewall as simply a rule in the network: traffic that doesn’t match, or is explicitly blocked, is just dropped by the network itself. But, for example, AWS security groups are default deny with allow rules only… so the drawback would be if you wanted to block a specific IP address range or write FQDN-based rules… security groups can’t do either. Instead you would have to use either a different service from AWS (their new Firewall) or a virtual appliance.

  • 3.  RE: Issues with SDN firewalls?

    CSA Instructor
    Posted Jan 11, 2021 09:14:00 AM
    Great answer, Rich.

    Peter HJ van Eijk
    CCSK & CCAK trainer
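
The allow-only behaviour described in the best answer, modelled as an added example that is not part of the original thread or any AWS code. It goes one step beyond the post by showing what blocking one range costs when only allow rules exist: the allowed set must be rewritten as the complement of the blocked range. Function names are hypothetical and the addresses are constructed documentation ranges.

```python
import ipaddress


def sg_allows(allow_cidrs, src_ip):
    """Allow-only evaluation: a packet passes if any allow rule matches.
    Anything unmatched is implicitly dropped; no rule can say 'deny'."""
    ip = ipaddress.ip_address(src_ip)
    return any(ip in ipaddress.ip_network(cidr) for cidr in allow_cidrs)


def allow_all_except(blocked_cidr, universe="0.0.0.0/0"):
    """Express 'block blocked_cidr' using allow rules only, by allowing
    every CIDR in the universe that does not overlap the blocked range."""
    blocked = ipaddress.ip_network(blocked_cidr)
    remainder = ipaddress.ip_network(universe).address_exclude(blocked)
    return [str(net) for net in sorted(remainder)]


def first_match(ordered_rules, src_ip, default="deny"):
    """Ordered allow/deny list, for contrast: how a firewall that supports
    explicit deny rules (such as a virtual appliance) would evaluate."""
    ip = ipaddress.ip_address(src_ip)
    for action, cidr in ordered_rules:
        if ip in ipaddress.ip_network(cidr):
            return action
    return default


if __name__ == "__main__":
    BLOCKED = "203.0.113.0/24"   # constructed: range we want to keep out
    BAD, GOOD = "203.0.113.7", "198.51.100.10"  # constructed sources

    # Allow-only with a broad rule: the unwanted source cannot be carved out.
    print("broad allow, bad source passes:", sg_allows(["0.0.0.0/0"], BAD))

    # Allow-only workaround: one blocked /24 becomes a long allow list.
    rules = allow_all_except(BLOCKED)
    print("allow rules needed:", len(rules))
    print("bad source passes:", sg_allows(rules, BAD))
    print("good source passes:", sg_allows(rules, GOOD))

    # With explicit deny support the same policy is two rules.
    ordered = [("deny", BLOCKED), ("allow", "0.0.0.0/0")]
    print("ordered list verdict for bad source:", first_match(ordered, BAD))
```

Every additional blocked range multiplies the allow list again, which is why the answer points to a separate firewall service or a virtual appliance for this kind of rule.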