- About Us
-
Secure, unlimited storage to ensures efficiency as well as high and continuous data access demand.
Virtual server integration for 3D Rendering, AI or ML
Enhance application capacity and availability.
Secure your exclusive advance order today and gain priority access to an all-inclusive stack for AI development, driven by NVIDIA’s powerful technology!
FPT Web Application Firewall provides powerful protection for web applications
Advanced virtual server with rapid scalability
Backup and restore data instantly, securely and maintain data integrity.
Advanced virtual server with rapid scalability
Secure your exclusive advance order today and gain priority access to an all-inclusive stack for AI development, driven by NVIDIA’s powerful technology!
Enhance application capacity and availability.
Backup and restore data instantly, securely and maintain data integrity.
Recovery, ensuring quick operation for the business after all incidents and disasters.
Diverse throughput and capacity to meet various business workloads.
Secure, unlimited storage to ensures efficiency as well as high and continuous data access demand.
FPT Web Application Firewall provides powerful protection for web applications
Intelligent and Comprehensive Virtual Web Application Firewall - Security Collaboration between FPT Cloud and Penta Security.
The Next generation firewall security service
Easily store, manage, deploy, and secure Container images
Safe, secure, stable, high-performance Kubernetes platform
Provided as a service to deploy, monitor, backup, restore, and scale MongoDB databases on cloud.
Provided as a service to deploy, monitor, backup, restore, and scale Redis databases on cloud.
Provided as a service to deploy, monitor, backup, restore, and scale PostgreSQL databases on cloud.
The service automatically initiates, maintains, manages, and protects APIs of any sizes.
- Pricing
- Partner
- Event
About Network ACL
Network ACL (NACL) is a crucial part of network security. It helps control and manage traffic flow in and out of subnets by applying rules that either allow or deny access.
- A network ACL is automatically created with a subnet that supports IPv4 only.
- Each subnet must be associated with a NACL.
- Each NACL has a maximum limit of 100 rules (both inbound & outbound rules).
Network ACL rules
- You can modify the default NACL by adding or removing rules. Any changes made to the rules of a network ACL are automatically applied to the associated subnets.
- Components of a Network ACL Rule:
-
Priority
Rules are processed in ascending order by by priority number. Once a rule matches the traffic, it is applied, even if higher-numbered priority of rules conflict with it. The system automatically increments the priority number, but the user can change it as long as it does not duplicate an existing number. -
Type
Specifies the type of traffic, such as HTTP, HTTPS, or ALL. -
Protocol
NACL supports TCP, UDP, ICMP, or any protocols. -
Port
The specific port of the traffic is targeted from 1 to 65535. -
Source
For inbound rules, this specifies the origin of the traffic (CIDR range). -
Destination
For outbound rules, this specifies the target of the traffic (CIDR range). -
Traffic Action
The specified traffic is permitted with Allow or Deny.
Notices
- The default rule is automatically created with a NACL that allows all outbound traffic, and you can delete it.
| Priority | Type | Protocol | Port | Destination | Traffic Action |
|---|---|---|---|---|---|
| 100 | ALL | ALL | ALL | 0.0.0.0/0 | ALLOW |
- If you delete the above default rule, you need to add the following outbound rules to create and deploy the server:
| Priority | Type | Protocol | Port | Source | Traffic Action |
|---|---|---|---|---|---|
| 1 | HTTP | TCP | 80 | 0.0.0.0/0 | ALLOW |
| 2 | HTTPS | TCP | 443 | 0.0.0.0/0 | ALLOW |
| 3 | DNS (UDP) | UDP | 53 | 0.0.0.0/0 | ALLOW |
What you can do with a Network ACL
Create New Rules
Creating an additional Network ACL allows (ALLOW) or denies (DENY) all or specific types of inbound and outbound traffic.
- Sign in to your FPT Cloud account, select a Tenant, a Region, and a VPC (if you have more than one).
- Navigate to AI Infrastructure > Network ACL in the sidebar.
- Choose a network ACL by clicking a NACL name or Actions > Manage rules in the list.
- Choose an Outbound or Inbound Tab (if you want to create the corresponding traffic rule).
- Click the Create new rule button.
- Enter the following details:
- Priority
- Type
- Protocol
- Port
- Source/Destination
- Traffic Action
- You can create multiple new rules. Once done, choose Apply to save the changes.
Modify Existing Rules
To modify one or more Network ACL rules, follow these steps:
- Choose a network ACL by clicking a NACL name or Actions > Manage rules in the list.
- Click on the Edit icon in the rule you want to modify.
- Change the rule value to your desired configuration.
- You can repeat and modify multiple existing rules. Once done, choose Apply to save the changes.
Remove Rules
To remove one or more Network ACL rules, follow these steps:
- Choose a network ACL by clicking a NACL name or Actions > Manage rules in the list.
- Click on the Delete icon in the rule you want to remove.
- You can repeat and delete multiple existing rules. Once done, choose Apply to save the changes.
