Chapter 6. Managing Security Groups

Neutron includes two methods of providing network-level security to instances: security groups and virtual firewalls. The security group functionality relies on iptables rules to filter traffic on the compute node hosting the instance. Virtual firewalls are provided by the advanced Neutron service known as Firewall as a Service, or FWaaS, which relies on iptables to filter traffic at the perimeter of the network in a Neutron router.

In this chapter, we will focus on security groups and cover some fundamental security features of Neutron, including:

  • A brief introduction to iptables
  • Creating and managing security groups
  • Demonstrating how security groups leverage iptables
  • Disabling port security

Security groups in OpenStack ...

Get Learning OpenStack Networking (Neutron) - Second Edition now with the O’Reilly learning platform.