+- Orbit OS -- Forums (https://forum.orbit-os.org)
+-- Forum: Networking & Security (https://forum.orbit-os.org/forumdisplay.php?fid=19)
+--- Forum: Network Setup & Firewalls (https://forum.orbit-os.org/forumdisplay.php?fid=20)
+--- Thread: Best firewall baseline for OrbitOS edge devices? (/showthread.php?tid=10)
Best firewall baseline for OrbitOS edge devices? - tiago.netops - 04-25-2026
Hi all,
For production deployments, what baseline firewall profile are you using on OrbitOS nodes?
I am aiming for:
- deny by default
- explicit allowlist for app ports
- remote management only via VPN
Any recommended defaults from the team?
RE: Best firewall baseline for OrbitOS edge devices? - PR1000 - 04-25-2026
Good question. Recommended baseline from our side:
1) default deny inbound
2) expose only required service ports
3) keep SSH disabled unless break-glass access is needed
4) route admin operations through VPN + audit logs
We are preparing a hardening checklist and can publish it in Security soon.