By default, the ENF firewall denies all communication – no endpoint can talk to any other endpoint. The flexibility of the ENF firewall allows fine-grained control of the allowed communication. When considering network security, it is best practice to limit communication channels to only what is essential.
In most cases, one remote edge device doesn’t need to communicate directly with another. The administrators should, therefore, not add generic rules to the firewall that would allow this.
Since edge devices are often in remote locations, malicious actors could gain physical access to an endpoint. Even the best security leaves room for a malicious actor with access to the hardware to compromise the device. Isolating the endpoints from each other prevents a compromised endpoint from affecting any other. When anomalous behavior is observed, the compromised device can be quarantined by revoking its access in the IAM.
By setting the firewall rules appropriately, edge endpoints can communicate with server endpoints unhindered. Many use cases require the devices to communicate only with the server, while the server can communicate with any device.
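The policy described above (default deny, edge-to-server and server-to-edge allowed, no generic edge-to-edge rule, quarantine by revocation) as an added, self-contained model in Python. This is illustrative code written for this page, not the ENF firewall's own API or rule syntax; the `Endpoint`, `Rule` and `Policy` types, the role labels `edge`/`server`, and the endpoint names are all assumptions made for the demonstration.

```python
"""Constructed model of a default-deny endpoint firewall.

Not the ENF firewall's own API: the types, role labels and endpoint
names below are assumptions made for this example.
"""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass(frozen=True)
class Endpoint:
    name: str
    role: str  # assumed role labels: "edge" or "server"


@dataclass(frozen=True)
class Rule:
    """Allow traffic from endpoints with `src_role` to endpoints with `dst_role`."""
    src_role: str
    dst_role: str


@dataclass
class Policy:
    rules: list[Rule] = field(default_factory=list)
    # Endpoints quarantined by revoking their access (the IAM step in the text).
    revoked: set[str] = field(default_factory=set)

    def allow(self, src_role: str, dst_role: str) -> None:
        self.rules.append(Rule(src_role, dst_role))

    def revoke(self, endpoint_name: str) -> None:
        self.revoked.add(endpoint_name)

    def permits(self, src: Endpoint, dst: Endpoint) -> bool:
        # Quarantine overrides every allow rule, in both directions.
        if src.name in self.revoked or dst.name in self.revoked:
            return False
        # Default deny: only an explicit role-to-role rule opens a path.
        return any(r.src_role == src.role and r.dst_role == dst.role
                   for r in self.rules)


def recommended_policy() -> Policy:
    """Edge endpoints reach the server; the server reaches any edge endpoint.

    Deliberately no edge-to-edge rule: remote devices stay isolated from
    each other so one compromised device cannot reach the others.
    """
    p = Policy()
    p.allow("edge", "server")
    p.allow("server", "edge")
    return p


def audit_edge_to_edge(policy: Policy) -> list[Rule]:
    """Return the generic rules an administrator should not have added."""
    return [r for r in policy.rules
            if r.src_role == "edge" and r.dst_role == "edge"]


def reachability(policy: Policy, endpoints: list[Endpoint]) -> dict[tuple[str, str], bool]:
    """Evaluate every ordered pair (src -> dst) of distinct endpoints."""
    return {(s.name, d.name): policy.permits(s, d)
            for s in endpoints for d in endpoints if s is not d}


if __name__ == "__main__":
    # Constructed sample fleet: two remote edge devices and one server.
    fleet = [Endpoint("edge-1", "edge"), Endpoint("edge-2", "edge"),
             Endpoint("server-1", "server")]
    policy = recommended_policy()
    for (src, dst), ok in reachability(policy, fleet).items():
        print(f"{src:>8} -> {dst:<8} {'ALLOW' if ok else 'DENY'}")
    # Anomalous behaviour observed on edge-1: quarantine it.
    policy.revoke("edge-1")
    print("after revoking edge-1:",
          reachability(policy, fleet)[("edge-1", "server-1")])
```

Running the script prints the allow/deny matrix for the sample fleet: both edge devices reach the server and the server reaches both, while every edge-to-edge pair is denied; after `revoke("edge-1")` that device loses its server path in both directions while `edge-2` is unaffected. `audit_edge_to_edge` is the check to run on a policy before it is applied, since the single generic edge-to-edge rule the text warns against is enough to undo the isolation.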