Filtering Traffic for Google App Engine with a firewall
Simplesysadmin.info. A day after launching a new low-cost networking tier for its cloud platform, Google Inc. has rolled out another major enhancement that should save a good amount of hassle for developers.
Limit traffic for Google App Engine
The update affects the Google App Engine, a managed environment that the tech giant provides for running web services. The company has added a native firewall that lets developers limit traffic to their applications. It’s designed as an alternative to manually regulating web requests, which was the sole option until now and only offered a partial solution.
The reason is that this approach requires implementing traffic restrictions directly into an application. Consequently, requests that don’t meet the necessary criteria still still end up reaching the service before getting rejected and incur infrastructure charges in the process. Moreover, writing extra logic to handle traffic can increase the overall complexity of a project.
The new App Engine firewall replaces hard-coded rules with a straightforward graphical interface. Developers can tailor how traffic is filtered for different use cases.
An engineer looking to, say, test a new application before making it public could restrict access to only machines that are connected to their company’s internal network. Or if they use a third-party firewall service, the management console provides the ability to block requests that aren’t routed through the system.
Accessible using programming interface
Another potential use is filtering requests from suspicious Internet Protocol addresses. The new firewall is accessible via a programming interface, which lets companies hook it up to their internal security infrastructure and automatically update the blacklist when a new source of malicious traffic is identified.
The App Engine Firewall is currently available in beta. It joins the existing traffic restriction features that Google offers for protecting virtual machines. Moreover, news broke Wednesday that the company has quietly equipped the servers and network devices powering its cloud platform with specialized security chips designed to prevent tampering.