The alphabet soup of cloud protection

Print Friendly, PDF & Email

Note:  This is the first in a six-part series on public cloud security.   You can follow the entire series here.

When cloud was in its infancy and customers were beginning to understand the ramifications of the Shared Security Responsibility Model,  firewall security seemed to be the perfect security solution.  Next-generation firewalls and web application firewalls (WAFs) became the primary security mechanisms to protect web-facing applications and infrastructure run in the public cloud.

 

As organizations and developers increasingly embraced the cloud, it became apparent that firewalls were only part of the security story.  ~ Rich TurnerClick To Tweet

As organizations migrated more workloads to the cloud, they also began developing native applications in Azure, AWS, GCP, and others.  It quickly became apparent that firewalls were only part of the security story.  While most could secure the perimeters, and some provided additional advanced security techniques (such as those available in Barracuda CloudGen Firewall products), other security lapses were beyond their control. 

New categories of products quickly emerged to fill the void – or did they?  CWPP, SIEM, CSPM – In today’s market, there is an almost bewildering “alphabet soup” of solutions that look beyond firewall and built-in protections to address security across the control, management and data planes.  While the notion of a “plane” is really an antithesis to the cloud, where infrastructure consists of a vendor-managed network and numerous services, it is a useful way to visualize where security lapses continue to occur.

Our next blog post will review these planes and explain why it helps to keep them in mind when implementing cloud security and choosing among the alphabet soup of cloud protections.

You can read all of the posts in this series as they are published here.

'While the notion of a “plane” is really an antithesis to the cloud, where infrastructure consists of a vendor-managed network and numerous services, it is a useful way to visualize where security lapses continue to occur.' - Rich TurnerClick To Tweet
Scroll to top
Tweet
Share
Share