What is STACKIT Network Security?
STACKIT Network Security combines software-defined networking with integrated security features. The service enables Virtual Private Clouds, stateful firewalls via security groups, and site-to-site VPN for hybrid scenarios. STACKIT as a German cloud provider guarantees that all network traffic stays in German data centers.
Key Features
- Virtual Private Clouds with flexible CIDR ranges
- Stateful security groups with automatic return traffic
- Site-to-site VPN over IPsec for hybrid cloud
- VPC peering for private connections between networks
- Basic DDoS mitigation included
Typical Use Cases
- Multi-tier architectures with web, app, and database isolation
- Microservices networking in Kubernetes environments
- Hybrid cloud connectivity to on-premises data centers
Benefits
- Network traffic stays in Germany
- Zero-trust segmentation via security groups
- Included in infrastructure resource pricing
- GDPR-compliant without US CLOUD Act risks
Integration with innFactory
As an official STACKIT Partner, innFactory supports you with Network Security: architecture, migration, operations, and cost optimization.
Available Tiers & Options
Standard Networking
- Private networks
- Security groups
- Free within region
- Basic firewall capabilities
Typical Use Cases
Technical Specifications
Frequently Asked Questions
Are security groups stateful?
Yes, security groups track connection state and allow return traffic automatically without separate rules.
How does VPC peering work?
VPC peering connects two private networks directly for private traffic without public internet.
Is there DDoS protection?
Yes, basic DDoS mitigation is included. Extended protection can be activated for exposed services.
Can I build hybrid cloud connections?
Yes, site-to-site VPN over IPsec securely connects on-premises data centers with STACKIT networks.
