Physical firewall still recommended/necessary?

Hi,

Stupid question time. Is a physical (Cisco) firewall even necessary or recommended with a WAF like Cloudflare? The only thing I can find on the topic is a 7 year old web forum post that says yes http://www.webhostingtalk.com/showthread.php?t=1145801

Help a newbie out. Thanks.

Andy

Yes. Any kind of firewall. Not necessarily hardware. You’d need it to block attacks on lower layers. Don’t forget that CF is protecting your domain and the host it resolves to. Direct attacks against your IP adresses are still possible.

That’s an implicit deny rule for eaxample. 4.5 million connections against my IP network:

image

Most modern firewalls have their own WAF, but I for my self would deactivate this feature while using Cloudflare.

1 Like

That makes a lot of sense. Much thanks!

1 Like