Skip to content
Products
Platform
Developer Tools
Portal

Concepts

STACKIT Network Security provides centralized security management capabilities that protect your cloud infrastructure through unified control and comprehensive firewall policies. Understanding these core concepts helps you design security architectures that balance protection with operational efficiency.

Core Concepts

Section titled “Core Concepts”

Centralized Security Management

Section titled “Centralized Security Management”

At the heart of Network Security is the principle of centralized management — a unified approach to controlling security policies across all your STACKIT resources. Rather than managing security settings through multiple disconnected interfaces, network aecurity consolidates security configuration into a single, cohesive system.

When you implement centralized security management, you gain:

  • Unified visibility into all security rules and policies across your projects
  • Consistent enforcement of security standards across different resource types
  • Reduced operational complexity through consolidated management interfaces
  • Minimized configuration errors from scattered security settings
  • Improved audit capabilities with centralized tracking of security changes

This centralization ensures that:

  • Security policies remain consistent across your infrastructure
  • You have complete oversight of your security posture
  • Compliance requirements are easier to meet and demonstrate
  • Security operations become more efficient and less error-prone

Unified Firewall: Single-Pane-of-Glass Security

Section titled “Unified Firewall: Single-Pane-of-Glass Security”

The STACKIT Unified Firewall (UFW) represents the core implementation of centralized security management. It aggregates security settings from multiple sources—security groups, database ACLs, and public IP configurations—into a single, intuitive interface.

Key characteristics of STACKIT’s Unified Firewall (UFW):

  • Aggregated view: Consolidates firewall rules from security groups, database ACLs, and public IPs
  • Single interface: Manage all security configurations from one dashboard
  • Clear visibility: Visual representation of rules and their impact on your infrastructure
  • Rule templates: Pre-defined configurations for common security scenarios
  • Automated scaling: Dynamically handles increasing traffic and complex rule sets
  • API-first design: Built on robust APIs supporting full automation capabilities

The Unified Firewall doesn’t replace underlying security mechanisms like security groups; instead, it provides a management layer that makes these mechanisms easier to understand, configure, and maintain. Changes made in UFW are reflected in the underlying security components, and vice versa.

Use Cases

Section titled “Use Cases”

Network security’s flexible architecture supports diverse security scenarios:

  • Simplified Security Oversight for project owners
  • Streamlined Operations for DevOps and Security Engineers
  • Enterprise Security Governance
  • Secure Multi-Tier Application Architectures
  • Hybrid Cloud Security Coordination
  • Development and Production Environment Isolation
  • Database and Data Protection
  • Secure Bastion and Jump Host Patterns

Next Steps

Section titled “Next Steps”

Now that you understand network security concepts, explore: