The Firewall as a Service (FWaaS) team has been busy over the last couple of cycles coming up with an alternate model to the existing API (from Havana) to make it more usable based on feedback from a number of quarters. The FWaaS v2 API enables users to apply collections of firewall rules as a policy on a neutron port (both Layer3 & VM). Further, we can selectively apply different policies for ingress and egress traffic.
Security is needed at multiple levels and to protect against attacks originating internally, which prompts a need to support richer Security abstractions at the VM interface as well. At this point in the network, with the presence of Security Groups, the implementation takes care to exist as an additional layer over the Security Group API to provided additional enhancements.
Details of the API, along with the detailed use cases and a demo will be presented. A Roadmap of features for the Pike release and onwards and discussions for user feedback will also be covered.
The attendees will get familiar with the FWaaS v2 API. The use cases can help users see how they can deploy it in their own cloud environments. We would also like this to be a forum to connect with (potential) users to get their feedback and help drive priorities for the roadmap and the Pike release specifically.