Fourth step in cloud migration – security
This is the fifth in a multi-part series. Follow the series here.
It’s almost redundant to say, but once you’ve chosen and qualified your security framework architecture, you need to deploy it before you actually migrate workloads.
There are two different (but related) security solutions that companies migrating to the cloud consider. One is a Web Application Firewall, and this protects web-facing applications.
The Web Application Firewall or WAF is considered a Level 7 security solution: in addition to protecting a web-accessible workload from OWASP top-10 attacks and DDoS attacks, it also manages access, and prevents outgoing data loss.
The NextGen Firewall F Series or NGF is considered a Level 4 network security solution: in addition to providing secure remote access to workloads in the cloud, it provides data protection against attacks and data loss, gives granular control over users and application access, and in hybrid configurations provides end-to-end visibility of traffic to and through the cloud.
In either case, you’re simply following the framework reference architecture you qualified in the previous step. Security is a one-to-many solution, i.e., you can secure multiple workloads using the same architecture.
We’ll look at considerations for migrating and building applications in the cloud in our next post.