With reference to Equinix Connect, can Equinix configure access-lists on the router/switch to provide basic firewall functionality? We are specifically looking to only allow specific source IPs and ports to a device directly connected to the router.
Unfortunately, Equinix connect can't provide a basic firewall rules service. The customer must provide the firewall service.
The exception to this is for DDoS attacks.
During a potential DDoS attack, Equinix blackholes a single IP address temporarily, and pushes the blackhole advertisement towards the northbound ISP. All IP traffic towards that IP address is dropped. This prevents saturation of all upstream ports, thereby protecting the Equinix network and its customers.
This triggering happens automatically when a single host exceeds predefined limits for traffic and packet rate. Once the threat is removed, the customer whose traffic was blocked is reinstated after sufficient time has elapsed.
See the "Remotely Triggered Black Hole" section in the documentation for the latest updates.
Equinix is the world's digital infrastructure company. Digital leaders harness our trusted platform to bring together and interconnect the foundational infrastructure that powers their success. We enable our customers to access all the right places, partners and possibilities they need to accelerate advantage.