New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
dome9 alternative
For people that dont know https://dome9.com/ is an easy to use web interface that controls the firewall on your servers.
You install their agent on all of your servers and then create security rules that instantly apply to all servers. Whitelist IPs, open ports...
Instead of managing all that manually using iptables which can be a huge pain in the ass this tool makes everything easier (whitelisting 1 IP on 20 servers for example takes 2 seconds)
I really like this service but they unfortunately removed their free plan and the cheapest one is $250/month.
Are there any cheaper alternatives?
Comments
Why, not just build an bash script to run a command into the 20 servers, which will also be free of cost:),
you can whitelist, deny etc..., using ssh keys or etc...
You can write a cron that will check for a new copy of /etc/sysconfig/iptables from a central server and download it.
I guess thats the only option now. Kinda strange that there are no other similar services, it would not be that hard to build.
Some control panels do it - it's unusual to get a separate service just for this I guess.
Copy and paste your ruleset, install iptables-persistent - done
If you want to apply the same modifications to several machines, you can do as @racksx recommends (probably safest) or @OnraHost_Zack's idea (but you are fucked if the central server gets compromised)
I use old (cloudflare.com powered) Dome9 account to manage few VPS. Do you have old account? Try using it.
It seem you are still able to register for free at cloudflare
I dont see Dome9 in the applications. I guess you cant register anymore that way