Forum Discussion

lbrooks's avatar
lbrooks
Equinix Employee
2 years ago

Firewall Functionality on Equinix Connect

With reference to Equinix Connect, can Equinix configure access-lists on the router/switch to provide basic firewall functionality? We are specifically looking to only allow specific source IPs and p...
  • Jantzen's avatar
    2 years ago
    Unfortunately, Equinix connect can't provide a basic firewall rules service. The customer must provide the firewall service.
     
    The exception to this is for DDoS attacks.

    Remotely Triggered Black Hole

    During a potential DDoS attack, Equinix black holes a single IP address temporarily, and pushes the black hole advertisement towards the northbound ISP. All IP traffic towards that IP address is dropped. This prevents saturation of all upstream ports, thereby protecting the Equinix network and its customers.

    This triggering happens automatically when a single host exceeds predefined limits for traffic and packet rate. Once the threat is removed, the customer whose traffic was blocked is reinstated after sufficient time has elapsed.


     
    See the "Remotely Triggered Black Hole" section in the documentation for the latest updates.