Control your cloud security strategy by controlling access

Firewalls are an important initial step in securing your cloud environment and the information stored in it, as well as preventing malicious activity from reaching your servers or end users. When added to your security strategy, IBM Cloud network security services help protect your servers and network, giving you greater protection and control over your cloud infrastructure.

IBM Cloud Security Groups

Security Groups are a value-added, zero cost solution that easily add instance-level network security to manage incoming and outgoing traffic on both private and public networks.


Enhanced control

Enhanced control

Define security policies at the instance level rather than the network level for a more granular control over your workloads.

Customized to meet your needs

Customized for your needs

A scalable solution at no extra cost, for when your security requirements aren’t met by appliance-based firewalls or VLAN-based firewalls.

Ingress and egress filtering

Ingress and egress filtering

Configure rules that allows or denies incoming (ingress) and outgoing (egress) traffic to your virtual server’s private or public network interfaces.


Firewalls are an essential layer of security that’s provisioned on demand without service interruptions. They prevent unwanted traffic from hitting your servers, reduce your attack surface and allow your server resources to be dedicated for their intended uses.


On demand

Provision on the fly without interrupting your service.


Total control

Retain complete control of your firewall settings via API or web portal.


Wide selection

Accommodate your security needs with a variety of hardware-based firewalls and security groups.

IBM Cloud FortiGate Security Appliance 10 Gbps: Early Access Program

As the need for analytics and compute-intensive workloads increases the demand for high-speed networking in the cloud, so does the need for securing your enterprise workloads. IBM Cloud FortiGate Security Appliance provides a reliable, powerful and consolidated way to manage and control your network at speeds up to 10 Gbps. Get early access to IBM’s next-generation, enterprise-class firewall.

Key advantages

Enhanced control

High throughput

With speeds up to 10 Gbps, this robust firewall enables you to manage and control your network traffic with reliability and scale.

Customized to meet your needs


You have the ability to associate multiple VLANs with a single firewall device, and protect your cloud with enhanced perimeter security as a result.

Ingress and egress filtering

Public and private network connectivity

For the first time, IBM provides a firewall that can protect both your public and private network.


Available firewall options


Shared hardware firewall

10 Mbps to 2,000 Mbps protection for single servers provisioned on demand without service interruptions.


Dedicated hardware firewall

1 Gbps, single-tenant protection for servers that share the same VLAN, provisioned on demand without service interruptions.


FortiGate® Security Appliance

This enterprise-class hardware firewall gives you enhanced, granular control over your network. This single-tenant firewall, for a single VLAN, provides access to add-on features, such as intrusion prevention, anti-virus protection and web filtering. It can be configured as a high-availability option, with a second firewall, for redundant 1 Gbps failover protection and automatic fallback.