Linux Firewall Automation with ERWALL

cdn , cyber security , distributions , erwall , firewall , ipsets , iptables , iptables configurations , linux , linu server , server security
  • Home »
  • Blog
  • Linux Firewall Automation with ERWALL

Increase Your Linux Security with ERWALL

One of the challenging tasks of system administration is to manage the Network Traffic. A system administrator must be aware of the importance and have the capability to configure the firewall according to the user and system needs.

The dominance of the Linux distributions in the servers points out the significance of the iptables configurations. Managing network traffic means defining rules that organize both incoming and outgoing network packets.

According to W3Cook's analysis, 96.3% of the top 1 million web servers are running Linux. It causes the security of the Linux systems to gain popularity. However, doing complex configurations on the terminal screen is not easy even for experienced system administrators!

For more information about WAF (Web Application Firewall), which is integrated with the CDN service, which is one of the measures you can take against cyber attacks, you can review our article titled "Merlin WAF - Web Application Firewall".

Iptables Has Never Been Easier to Manage

As Merlin team, we are excited to announce that we are releasing ERWALL - Linux Security Automation tool. ERWALL is a tool that enables you to define complex iptables rules from a web interface and easily deploy them to your servers.

By using ERWALL, you do not have to deal with complicated terminal commands. All you need to do is to enter the web interface and then you can manage your server’s network traffic from there.

How Does It Work?

ERWALL consists of 2 programs, one of them is ERWALL Server and the other one is ERWALL Client. Iptables configurations are highly confidential. Thus, we have developed the ERWALL Server application in a way that you can run it on your own server.

ERWALL Server application contains the interface of the ERWALL. The changes you make with ERWALL Server are transferred to the ERWALL client application. It allows the relevant configurations to run on your server.

On-premise Solution For Your Security

Merlin Web Services works in integration with ERWALL. You can easily activate your ERWALL account with the license key you will get from Merlin's pricing page. After receiving the license key from the Merlin panel, ERWALL works on-premise. It does not require any other operation outside its own panel. 

Merlin also provides CDN and WAF services. You can check our blog article to Create Your First Distribution and start using Merlin CDN.

Define Once, Deploy to Many

Client Groups feature is one of the key features of ERWALL. Client groups enable you to deploy your configurations on many servers at once.  Gathering servers used for the same purpose under a group will allow you to easily define your configuration settings.

When you want to make changes to these settings in the future, the changes you make will be deployed simultaneously on all servers in the group. ERWALL saves your time and helps you not to miss any detail thanks to its graphical interface.

Define as many client groups as you want for your server clusters. Whether if you have a few servers or hundreds of them, the client groups feature will save you time significantly!

linux servers automation

Define Your Linux Iptables Rules

You can define your own rules according to the security policy you want to apply on your server. iptables will run these rules for all incoming and outgoing packets of your server. Keep your servers safe with the rules in the rule sets you define! For detailed information about iptables rules, please refer to ERWALL documentation.

Linux Iptables Configurations

The features we have developed to increase your user experience are not limited to these. ERWALL also offers you IPSets and User Management features.

Use IPSets for Efficiency

IPSet is the structure that can be used to group IP addresses with similar attributes. You can use IPSets while defining rules. For example, when you want to block the IPs in your blacklist, instead of entering these IPs one by one, you can create an IPSet and define your rule over it.

Since the IPSet structure performs the search over a hashmap, it provides benefits in terms of both computational complexity and ease of use.

User Management

You can register users to your ERWALL account. The comprehensive list of permissions enables you to define roles for different user types. Define the roles, register users, assign roles to them and then you can maintain ERWALL easily.

Get Started with ERWALL - Linux Firewall Automation

Visit Merlin’s pricing page for ERWALL plans. Check out documentation for detailed information about What is Erwall and how you can benefit from it. You can download Server and Client executables from documentation as well.

Start using ERWALL - Linux Security Automation tool - and protect your servers!

Your experience on this site will be improved by allowing cookies.