The increasing sophistication and frequency of cyberattacks and a more application-driven landscape has seen next-generation firewalls (NGFWs) rapidly evolve – and now they need to deal with the challenges of cloud infrastructures.
Over the past decade, NGFWs have been the cornerstone of perimeter network security, evolving alongside the sophisticated dynamic threats that continuously come from diverse attack vectors. NFGWs are already detecting and blocking attacks at the application level, for example.
Cloud re-defines the firewall
It is paramount that NGFWs are now integrated into cloud strategies. Regardless of where applications are hosted, they still need to be protected from potential external security threats.
NGFWs have been created to protect centralized networks or distributed networks, across multiple locations, often globally, from attack. But now we are in the cloud era. Cloud by its very nature is dynamic, flexible and scalable, bringing with it benefits such as automated application deployment. Suddenly, to be effective, an NGFW has to be cloud centric. This means being cloud native with the ability to integrate cloud-based end-point security or secure web gateways for mobile users, for example.
“The game isn’t so much about transporting data anymore, it is about delivering application content to the end users who are going to consume this content,” explains Nicolas Drogou, Security Practice Head for APAC, Orange Business. “A lot of these applications are mixed in a botch of public clouds, private clouds, hybrid and legacy data centers, which makes security complex.”
A wall in the cloud
Cloud has changed the way organizations do business, opening up new risks. Data is being accessed from different locations and devices. By 2020, LogicMonitor’s Cloud Vision study forecasts that 80 percent of enterprise workloads will be in the cloud.
Together with cloud management and monitoring tools, NGFWs need to become cloud-centric, extensible security platforms with APIs that work with on-premises or via cloud access security brokers (CASBs) and DevOps tools, for example. CASBs sit between cloud service consumers and cloud service providers to enforce security, compliance and government policies for cloud apps. By the end of 2020, analyst firm Gartner predicts that 25 percent of new firewalls sold will include integration with a cloud-based CASB, primarily connected through APIs.
More applications now go into different clouds – be they public, private, hybrid and even legacy data centers. “The concept of a cloud-based NGFW that maps your overall movement in the cloud is essential,” explains Drogou.
Simplification with an extensible NGFW
In reality, many organizations are surrounding themselves with too many products in the security space and don’t know which way to turn – on top of the inordinate amount of time being eaten up in monitoring these products daily. According to IDC, some organizations have as many as 70 products deployed. Understanding what is going on in a network and the cloud from all these solutions is virtually impossible.
The security APIs and components that form part of software-as-a-service (SaaS) and cloud-provider offerings are usually not interoperable, forcing organizations to run multiple tools and management interfaces. Often, variants of one tool are not available for different cloud environments and may also require customized integration.
It is critical that security professionals can quickly glean the data they need to make key security decisions. Going through the findings of a vast array of products dramatically slows down the process. The good news, however, is that vendors continue to add more extensive security and management capabilities. This gives IT teams a much more comprehensive toolbox with which to work, without having to learn the ins and outs of a plethora of solutions. This enables NGFWs to be part of platforms “where their function is more strategic than if they were deployed as single-point products,” according to IDC.
As organizations adopt the agility of cloud, many are also looking to virtualize other parts of their infrastructure, including security. Virtualized NGFWs are highly flexible in terms of being able to activate services both remotely and instantaneously.
The truly flexible NGFW
Managing a cloud-centric NGFW more like an SaaS subscription by adding features as required, makes it far easier for enterprises to cope with today’s dynamic threat vista.
Orange Business Flexible Security Platform Cloud, for example, is a co-managed offering that uses Fortinet firewall virtualization technology to provide security on demand. Orange Business provides an end-to-end service, including installation, supervision and operational maintenance, with the enterprise retaining control. Alongside the NGFW, users can self-activate and deactivate features from an a la carte menu of options designed to provide a consistent security posture in the cloud and provide easy-to-manage configurations across multi-cloud environments.
“It is easy to get sold on advance features you don’t need,” says Drogou, “which is why we’ve made Flexible Security Platform a hassle free, flip on, flip off Swiss Army knife of security features that encompasses the power of the cloud.”
But cloud-centric NGFWs are not a panacea for everything. They don’t pretend to be zero risk; however, integrated with threat intelligence and behavior analytics features, they significantly reduce risk. Hackers will not waste their time trying to get into an enterprise that is well protected.
We are now at the point where businesses will refuse to collaborate with other businesses if they don’t have adequate security in place. Increasingly, partners will want to know what your security posturing is. And that goes for cloud environments as well. If the risk is too high, you will lose business opportunities with prospects and partners alike.
Find out how you can boost your enterprise agility with an NGFW that offers flexibility and control in our exclusive webinar with Fortinet.