Updated by Mitchell Paul-Soumis
What is an Application Firewall in Sonar
An application firewall, strictly defined, is a type of firewall that governs traffic to, from, or by an application or service. Application-layer firewalls do this by applying configured policies and rules that determine whether to block, restrict, or allow communications to or from the application.
While traditional firewalls control data flow by examining each packet as it passes through, application firewalls go further by controlling how specific applications can access files and execute code. By taking this extra step, application firewalls ensure that even if a bad actor somehow gains entry to a network or server, malicious code can't be executed.
The application firewall built into Sonar is specifically a web application firewall, which serves to filter, monitor, and block web traffic to and from a web application.
What are Application Firewall Rules used for?
You can create Application Firewall Rules under Settings -> Security -> Application Firewall Rules by clicking the "Create Application Firewall Rule" button.
Application Firewall Rules in Sonar allow you to restrict access to and from your instance. When creating a rule, you define the Subnet to allow through, and provide a description for what's being allowed through to the application. The description field is only used for internal purposes, so make sure it's descriptive enough that you'll remember it by the time you need to go back and make changes.
The rules you set in your instance strictly determine what's allowed through, and take effect as soon as the application firewall is enabled. To enable it, check the Application Firewall checkbox under Settings -> System Settings.
Common IP Addresses to allow through the firewall
Beyond the IP address or subnet of your local system, we also recommend adding the IP addresses of the following to your Application Firewall Rules, as these services and devices require access to your Sonar instance in order to function correctly:
- The RADIUS Server
- The Customer Portal
- Inline Device(s)
- Any integrations (Marketing Providers, Preseem, Webhooks)
- External API configurations
Common Mistakes to avoid
Make sure not to activate the Firewall until you've entered and described the IP addresses needed to continue accessing your instance.
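
A pre-flight check for the mistake above, written as an added example (it is not Sonar code and calls no Sonar API): it takes the rules you plan to enter as subnet and description pairs and reports which required sources no rule would allow. The function names and all addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress

def parse_rules(rules):
    """Return (networks, errors) for a list of (subnet, description) rules."""
    networks, errors = [], []
    for subnet, description in rules:
        try:
            # strict=True rejects entries with host bits set, e.g. 198.51.100.77/24
            net = ipaddress.ip_network(subnet, strict=True)
        except ValueError as exc:
            errors.append(f"{subnet!r}: {exc}")
            continue
        if not description.strip():
            errors.append(f"{subnet!r}: empty description")
        networks.append(net)
    return networks, errors

def preflight(rules, required_sources):
    """Report required sources that no rule covers, plus rule problems."""
    networks, errors = parse_rules(rules)
    uncovered = []
    for name, addr in required_sources.items():
        ip = ipaddress.ip_address(addr)
        # An IPv4 address can only match an IPv4 rule, and likewise for IPv6.
        if not any(ip.version == n.version and ip in n for n in networks):
            uncovered.append(name)
    # A /0 rule allows every address, which defeats the allow-list.
    too_broad = [str(n) for n in networks if n.prefixlen == 0]
    return {"uncovered": uncovered, "errors": errors, "too_broad": too_broad,
            "safe_to_enable": not uncovered and not errors}

# Constructed sample data: planned rules and the sources that must keep access.
RULES = [
    ("203.0.113.0/28", "Office egress range (admin workstations)"),
    ("198.51.100.20/32", "RADIUS server"),
    ("198.51.100.77/24", "Customer portal"),  # invalid: host bits set
]
REQUIRED = {
    "admin workstation": "203.0.113.5",
    "RADIUS server": "198.51.100.20",
    "customer portal": "198.51.100.77",
    "inline device": "192.0.2.14",
}

if __name__ == "__main__":
    for key, value in preflight(RULES, REQUIRED).items():
        print(f"{key}: {value}")
```

Enable the firewall only once `safe_to_enable` is true for the list of sources that must keep access to your instance.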