firewalld vs CSF on a Centos 7 VPS

I just got a new GoDaddy dedicated VPS and I am trying to secure it. Its Centos 7.7 and the WHM does not come with any installed FW that I can tell. On an older VPS configServ security and firewall was pre-installed (but not active) on Centos 6.8 WHM. I tried getting it running once, ran into trouble and backed out never to touch it again. But now I need to get a FW operational. Are both firewalld and csf just front ends to using iptables? Or are they completely different? Which is easier to use, which has a better gui interface?....is the protection the same? Is there even a gui for firewalld - if so, how do I access it because I can't seem to find anything? It appears I have both firewalld and iptables installed (are iptables always installed?): ~]$ systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1) For iptables I get this: # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere multiport dports smtp,urd,submission owner GID match mailman ACCEPT tcp -- anywhere anywhere multiport dports smtp,urd,submission owner GID match mail ACCEPT tcp -- anywhere localhost multiport dports smtp,urd,submission owner UID match cpanel ACCEPT tcp -- anywhere anywhere multiport dports smtp,urd,submission owner UID match root # systemctl status iptables Unit iptables.service could not be found. So...is iptables actually running...or not? Please help me make sense of all this.