Anytime the word “cloud” comes into play, you are more than likely surprised at what you come across. In this case, we’re talking about Cloud-Based Firewalls. Cloud-based firewalls are sold under different names like Security-as-a-Service and Network-based firewalls whose offerings have proliferated in the Managed Security Service Provider (MSSP) market in the last few years. What you need to know is that Cloud-based firewalls are deployed in the MSSP infrastructure instead of customer premise location.
Cloud-based firewalls have the following advantages over the traditional premise-based firewall solution:
- Predictable operational expense without significant upfront capital investment.
- Allows the organization to increase their firewall bandwidth capacity as the business grows without the need to upgrade the firewalls.
- Adds additional security features like Intrusion Prevention, web content filtering, data loss prevention and anti-virus/anti-spam without the need to add additional devices.
- Global organizations can add regional, cloud-based firewall locations to deploy global or regional security policies without the need to bring all the traffic back to headquarters or need for local security staff.
Although cloud-based firewalls have all these benefits, organizations may need premise-based firewalls to augment cloud-based solutions if they have extranet partners coming into their network on dedicated circuits, need segmentation and firewall between different groups and divisions or have very complex and large rule sets. Typically, corporations use cloud deployment for protecting the perimeter and use Premise Security for site-to-site protection. These two deployments could co-exist. In these scenarios, organizations can offload firewall rules for Internet traffic to cloud-based firewalls and retain premise-based firewalls for specific policies, which can help reduce firewall load and improve performance.
Organizations need to do due diligence to decide if a cloud-based firewall is the right solution for them and select the right MSSP for the service. They should make sure that the cloud-based firewall solution provides them true scalability and not just a multi-tenant solution from which they cannot grow as their bandwidth needs increase.
To conclude, below is a first in our whiteboard video series on “Cybersecurity” for your viewing pleasure.
I’m happy to answer any questions you may have around premise and cloud-based firewall security or anything related – just leave a comment below.