Note: This is the first in a six-part series on public cloud security. You can follow the entire series here.
When cloud was in its infancy and customers were beginning to understand the ramifications of the Shared Security Responsibility Model, firewall security seemed to be the perfect security solution. Next-generation firewalls and web application firewalls (WAFs) became the primary security mechanisms to protect web-facing applications and infrastructure run in the public cloud.
As organizations and developers increasingly embraced the cloud, it became apparent that firewalls were only part of the security story. ~ Rich TurnerClick To Tweet
As organizations migrated more workloads to the cloud, they also began developing native applications in Azure, AWS, GCP, and others. It quickly became apparent that firewalls were only part of the security story. While most could secure the perimeters, and some provided additional advanced security techniques (such as those available in Barracuda CloudGen Firewall products), other security lapses were beyond their control.
New categories of products quickly emerged to fill the void – or did they? CWPP, SIEM, CSPM – In today’s market, there is an almost bewildering “alphabet soup” of solutions that look beyond firewall and built-in protections to address security across the control, management and data planes. While the notion of a “plane” is really an antithesis to the cloud, where infrastructure consists of a vendor-managed network and numerous services, it is a useful way to visualize where security lapses continue to occur.
Our next blog post will review these planes and explain why it helps to keep them in mind when implementing cloud security and choosing among the alphabet soup of cloud protections.'While the notion of a “plane” is really an antithesis to the cloud, where infrastructure consists of a vendor-managed network and numerous services, it is a useful way to visualize where security lapses continue to occur.' - Rich TurnerClick To Tweet
Rich is the Product Marketing Manager, Information Management. He's been with Barracuda since the acquisition of C2C Systems in 2014. Rich specializes in cloud-deployed solutions, information management, and archiving systems. His experience includes extensive work on OEM opportunities and the legal community.
You can email Rich at firstname.lastname@example.org.