When we announced our new cloud generation firewall capabilities a couple of weeks ago, it was really interesting to hear from some of our experts about what these added capabilities would mean for customers. We started with Tim Jefferson, VP public cloud who provided some thoughtful insight into what’s necessary for customers to be secure in the public cloud, and how security has to adapt to these new requirements. This week, we caught up with network security guru Klaus Gheri to discuss some of the questions that often come up in regards to network security in the cloud generation. Here’s what he had to say:
We’re still in an era where the term firewall is typically thought of as a tool for securing data center architectures because that’s what a next-generation firewall is designed to do. However, as organizations continue to inch closer to the cloud era, many are still using traditional firewalls to secure cloud workloads and applications. Is this the best way to approach security in the cloud? It might be worthwhile to step back and take a look at the cloud security requirements moving forward before continuing to implement the same security tools in an entirely different environment. For example, you need to find out if the firewall integrates with the cloud fabric, or provides a full-featured API, or if the pricing aligns with current cloud consumption models? This all depends on if the firewall is engineered for the cloud — ultimately it’s about having the right tool for the job. But don’t take my word for it, let’s ask someone who spends a lot of time in the cloud.
Q & A with Tim Jefferson, VP Public Cloud, Barracuda
Q: Does the cloud require a different set of security tools?
A: It’s critical to understand the cloud environment that your applications will be deployed in, and the native services that the IaaS provider offers to achieve security control coverage. Then, customers can instrument in their required controls that leverage the provider’s deployment best-practices. This means not necessarily bringing in legacy data-center architectures and tools, which tend to be ‘anti-patterns’ in the cloud. For example, perimeter-based firewall architectures are highly effective in a data center, but can become sources of friction when deployed in the public cloud. The public cloud also offers customers agility, while being consumed differently than traditional IT. Those who are building in the cloud, like DevOps teams, for example, are looking for the same agility when deploying security controls — specifically for ways to consume and deploy third-party security tools via API.
As AWS re:Invent 2017 quickly approaches, there’s certainly a buzz is in the air around Barracuda as we look ahead to a great week in Vegas — and just what we need to make a full recovery from the tryptophan. The show runs from Nov. 27 – Dec. 1, and AWS has put together an amazing agenda of over 1,100 sessions — we can’t wait to see what major announcements AWS makes this time around. With each re:Invent show bigger than the last, it can be a bit overwhelming to sift through the noise and decide which sessions to attend, so we’ve gone ahead and asked around our neck of the woods to help provide an AWS re:Invent session cheat sheet to help highlight the security session that folks won’t want to miss.
You can find the full listing of re:Invent sessions here: https://www.portal.reinvent.awsevents.com/connect/search.ww
And, below you’ll find our security session cheat sheet:
GPSCT311 – GPS: Planning Advanced AWS Networking Architectures 11/28/17 11:30 AM – MGM, Level 3, Premier 303
Networking is the foundation supporting many applications and services on AWS. Therefore, it is one of the first and most important things to consider when architecting a solution. In this open round table, we look at AWS networking architectural patterns. We discuss the basics as well as dive in on more advanced use cases, including transit VPCs and hybrid networking solutions. Join a discussion with AWS solution architects, where you can ask questions and learn more about networking best practices.
- Networking on AWS is foundational knowledge that’s needed in order to build a secure and well-architected environment.
GPSTEC322 – GPS: Creating Your Virtual Data Center: VPC Fundamentals, Connectivity Options, and Partners – 11/28/17 1pm – MGM, Level 1, Grand Ballroom 117
In this session, we walk through the fundamentals of Amazon VPC. First, we cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This midlevel architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks that AWS makes available with VPC. Learn how you can connect your VPC with your offices and current data center footprint. This session adds a focus on AWS Partners and where they are relevant in AWS networking.
- VPC design is a key building block and this session will highlight how to leverage VPCs in a cloud-friendly way.
NET305 – Advanced VPC Design and New Capabilities for Amazon VPC – 11/30/17 1:45pm – Venetian, Level 4, Delfino 4002
Amazon Virtual Private Cloud (Amazon VPC) enables you to have complete control over your AWS virtual networking environment. Given this control, have you ever wondered how new Amazon VPC features will affect the way you design your AWS networking infrastructure, or even change existing architectures that you use today? In this session, we explore the new design and capabilities and how you might use them.
- VPC knowledge is invaluable. Enough said.
NET306 Planning Advanced AWS Networking Architectures – 11/29/17 4:45pm – Venetian, Level 1, Casanova 507
Networking is the foundation supporting many applications and services on AWS. As such, it is one of the first and most important things to consider when architecting with AWS. In this session, we discuss planning for your advanced AWS networking architectures.
- Networking in AWS is different, which makes cloud generation security different. This session will help articulate those differences, and provide guidance on how to implement AWS networking architectures successfully.
Additionally, we hope you’ll have time to check out some of these as well:
- NET 405 – Another Day, Another Billion Flows
- NET 404 – Networking Many VPCs: Transit and Shared Architectures
- SID206 – Best Practices for Managing Security Operation on AWS
- SID210 – A CISO’s Journey at Vonage: Achieving Unified Security at Scale
- SID304 – SecOps 2021 Today: Using AWS Services to Deliver SecOps
- SID306 – How Chick-fil-A Embraces DevSecOps on AWS
- SID315 – Security and DevOps: Agility and Teamwork
- SID317 – Automating Security and Compliance Testing of Infrastructure-as-Code for DevSecOps
- SID321 – How Capital One Applies AWS Organizations Best Practices to Manage Multiple AWS Accounts
- SID326 – AWS Security State of the Union
- SID328 – Cloud Adoption in Regulated Financial Services
- SID331 – Architecting Security and Governance Across a Multi-Account Strategy
- STG201 – Storage State of the Union
- STG202 – Is Your SaaS Covered? Best Practices for Preventing Data Loss in Microsoft Office 365
- STG305 – Deep Dive on Backup to the AWS Cloud
Lastly, you can find Barracuda at AWS re:Invent in booth #1533 — don’t be a stranger.
If you asked an end user within an organization that recently migrated from Microsoft Office Suite to Office 365, they’d probably tell you that the transition was smooth and hardly noticeable. They might even say that they’re really enjoying the additional productivity on any device, the always up-to-date applications, and the anytime availability and access. Office 365 presents a wide range of benefits for users and organizations, which is why millions continue to adopt the platform. But, is there anything we need to know that isn’t quite so obvious? Does our security approach need updating as well, or can we just move right along and everything will be ok?
Let’s find out. This year, Barracuda conducted a global customer survey to measure the current trends around the adoption and use of Office 365. We came away with a wealth of information in the recently published survey titled, “Office 365 Adoption Survey: Drivers, Risks, and Opportunities.” Here are a few of the key findings:
Adoption rates and the most used features
Of the over 1,100 respondents, a little over 63 percent said that they’re currently using Office 365, which is about a 20 percent increase over a similar survey from last year. Exchange Online is the most commonly used feature, however, OneDrive for Business and SharePoint Online are also seeing high usage.
With so many dedicated people at Barracuda contributing to all that goes on around here, it would be nearly impossible to choose a single “rising star” to recognize, which is exactly why we’re glad SC Media went ahead and did it for us. We’re excited to let you know that Asaf Cidon, Barracuda’s VP, Content Security Services has been recognized today as a Rising Star in SC Media’s 2017 Reboot Awards.Great to see @Barracuda’s @asafcidon among this elite group of #SCLeadershipAwards honorees #infosecClick To Tweet
Here’s what you need to know about the recognition:
For a company that lives and breathes in the IT channel, there’s no greater compliment than when our work is recognized by the channel community. Fortunately, this is the case today as the readers of ChannelPro Network recently voted for their favorite channel vendors in dozens of product categories, and guess what? It turns out that we’re not the only ones who appreciate Barracuda’s email security solutions.
According to ChannelPro Network, they received well over 500 votes between April and June to determine this year’s winners, which includes Barracuda as the gold winner for the “Best Email Security Vendor.”ChannelPro SMB readers choose Barracuda as the 'Best Email Security' VendorClick To Tweet
Whether you’re just starting to explore the cloud, are already moving small projects, or you’ve fully embraced the new wave of IT — the cloud is an important endeavor for your business. The cloud adds speed and agility to your business model along with offering significant cost savings; however, there are still a lot of questions about how to migrate existing security controls. Fortunately, this is familiar territory for Barracuda, and one of the reasons we continue to invest in the public cloud — so our customers can migrate the best way possible for their business.
A recent example is Barracuda’s Cloud Ready Program, which is designed to help customers accelerate migrations, and it provides an easy path for customers to meet shared security responsibilities in the cloud. Along with innovation and resources, we also need cloud people, which is why we couldn’t be happier to have Tim Jefferson, Barracuda’s new VP of Cloud on board to help take our cloud business to the next level. Tim joins us from AWS, and we recently sat down with him to gather his thoughts on joining Barracuda, here’s what he had to say: