Network isolation and security

Isolation with network namespaces

Each container endpoint is placed in its own network namespace. The management host vNIC and host network stack are located in the default network namespace. In order to enforce network isolation between containers on the same host, a network namespace is created for each Windows Server container and containers run under Hyper-V isolation into which the network adapter for the container is installed. Windows Server containers use a Host vNIC to attach to the virtual switch. Hyper-V isolation uses a Synthetic VM NIC (not exposed to the Utility VM) to attach to the virtual switch.



Network security

Depending on which container and network driver is used, port ACLs are enforced by a combination of the Windows Firewall and VFP.

Windows Server containers

These use the Windows hosts' firewall (enlightened with network namespaces) as well as VFP

  • Default Outbound: ALLOW ALL

  • Default Inbound: ALLOW ALL (TCP, UDP, ICMP, IGMP) unsolicited network traffic

    • DENY ALL other network traffic not from these protocols


    Prior to Windows Server, version 1709 and Windows 10 Fall Creators Update, the default inbound rule was DENY all. Users running these older releases can create inbound ALLOW rules with docker run -p (port forwarding).

Hyper-V isolation

Containers running in Hyper-V isolation have their own isolated kernel and therefore run their own instance of Windows Firewall with the following configuration:

  • Default ALLOW ALL in both Windows Firewall (running in the utility VM) and VFP


Kubernetes pods

In a Kubernetes pod, an infrastructure container is first created to which an endpoint is attached. Containers that belong to the same pod, including infrastructure and worker containers, share a common network namespace (same IP and port space).


Customizing default port ACLs

If you want to modify the default port ACLs, please read our Host Networking Service documentation first (link to be added soon). You'll need to update policies inside the following components:


For Hyper-V isolation in Transparent and NAT mode, you currently can't reprogram the default port ACLs. This is reflected by an "X" in the table.

Network driver Windows Server containers Hyper-V isolation
Transparent Windows Firewall X
NAT Windows Firewall X
L2Bridge Both VFP
L2Tunnel Both VFP
Overlay Both VFP