By default, the ENF firewall denies all communication – no endpoint can talk to any other endpoint. The flexibility of the ENF firewall allows fine-grained control of the allowed communication. When considering network security, it is a best practice to limit communication channels to only what is essential.
In most cases, it is not necessary for one remote IoT device to communicate directly with another. The administrators should not, therefore, add generic rules to the firewall that would allow this.
Since IoT devices are often in remote locations, it is possible that a malicious actor could gain physical access to an endpoint. Even with the best security, a malicious actor with access to the hardware may be able to compromise the device. By isolating the endpoints from each other, a compromised endpoint is prevented from affecting any other device. When anomalous behavior is observed, the compromised device can then be quarantined by revoking its access in the IAM.
By setting the firewall rules appropriately, IoT endpoints can communicate with server endpoints unhindered. Many use cases require the IoT devices to communicate only with the server, while the server can communicate with any device.
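To make the policy concrete, the following is an added example (not ENF's own configuration syntax or code) that models a default-deny firewall in Python with exactly the rules described above: devices may reach the server, the server may reach any device, device-to-device traffic falls through to the default deny, and a quarantined device is cut off entirely. The addresses (from the 2001:db8::/32 documentation range), the rule format, and first-match evaluation are assumptions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    src: object   # ipaddress network (hypothetical rule format)
    dst: object
    action: str   # "allow" or "deny"

class DefaultDenyFirewall:
    """Evaluates rules first-match; anything unmatched is denied."""
    def __init__(self, rules):
        self.rules = list(rules)
        self.revoked = set()   # endpoints quarantined via IAM-style revocation

    def revoke(self, addr):
        # Quarantine: traffic to or from this endpoint is denied before rules run.
        self.revoked.add(ip_address(addr))

    def decide(self, src, dst):
        s, d = ip_address(src), ip_address(dst)
        if s in self.revoked or d in self.revoked:
            return False
        for r in self.rules:
            if s in r.src and d in r.dst:
                return r.action == "allow"
        return False   # default deny: no rule, no communication

# Constructed addresses: one server endpoint and a /64 holding the IoT devices.
SERVER = "2001:db8:0:1::10"
DEVICE_NET = "2001:db8:0:2::/64"
DEVICE_A = "2001:db8:0:2::a"
DEVICE_B = "2001:db8:0:2::b"

def build_example_firewall():
    # Note there is deliberately no device->device rule.
    return DefaultDenyFirewall([
        Rule(ip_network(DEVICE_NET), ip_network(SERVER + "/128"), "allow"),   # IoT -> server
        Rule(ip_network(SERVER + "/128"), ip_network("2001:db8::/32"), "allow"),  # server -> any
    ])

if __name__ == "__main__":
    fw = build_example_firewall()
    print("A->server", fw.decide(DEVICE_A, SERVER))   # True
    print("A->B     ", fw.decide(DEVICE_A, DEVICE_B)) # False (default deny)
    fw.revoke(DEVICE_A)
    print("A->server after quarantine", fw.decide(DEVICE_A, SERVER))  # False
```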