Forum Discussion

lbrooks's avatar
lbrooks
Equinix Employee
3 years ago
Solved

Firewall Functionality on Equinix Connect

With reference to Equinix Connect, can Equinix configure access-lists on the router/switch to provide basic firewall functionality? We are specifically looking to only allow specific source IPs and ports to a device directly connected to the router.

interconnection services
SD-WAN
security
  • Jantzen's avatar
    Jantzen
    3 years ago
    Unfortunately, Equinix connect can't provide a basic firewall rules service. The customer must provide the firewall service.
     
    The exception to this is for DDoS attacks.
    Remotely Triggered Black Hole

    During a potential DDoS attack, Equinix black holes a single IP address temporarily, and pushes the black hole advertisement towards the northbound ISP. All IP traffic towards that IP address is dropped. This prevents saturation of all upstream ports, thereby protecting the Equinix network and its customers.

    This triggering happens automatically when a single host exceeds predefined limits for traffic and packet rate. Once the threat is removed, the customer whose traffic was blocked is reinstated after sufficient time has elapsed.

     
    See the "Remotely Triggered Black Hole" section in the documentation for the latest updates.

1 Reply

  • Jantzen's avatar
    Jantzen
    Equinix Employee
    3 years ago
    Unfortunately, Equinix connect can't provide a basic firewall rules service. The customer must provide the firewall service.
     
    The exception to this is for DDoS attacks.
    Remotely Triggered Black Hole

    During a potential DDoS attack, Equinix black holes a single IP address temporarily, and pushes the black hole advertisement towards the northbound ISP. All IP traffic towards that IP address is dropped. This prevents saturation of all upstream ports, thereby protecting the Equinix network and its customers.

    This triggering happens automatically when a single host exceeds predefined limits for traffic and packet rate. Once the threat is removed, the customer whose traffic was blocked is reinstated after sufficient time has elapsed.

     
    See the "Remotely Triggered Black Hole" section in the documentation for the latest updates.

Featured Places

  • Node avatar for Discussions

    Discussions

    Engage with industry experts, share insights, ask questions, and grow your network.
  • Node avatar for Ideas

    Ideas

    We're listening! Submit your ideas to shape the future of Equinix!
  • Node avatar for Groups

    Groups

    Ready to collaborate? Join a Group or upcoming beta program.
  • Node avatar for What's New

    What's New

    Stay ahead with the latest from Equinix. Discover new product announcements, insightful tutorials, and practical use cases.
  • Node avatar for Events

    Events

    Your Guide to Upcoming Events - Online, Hybrid, and In-Person!