When we announced our new cloud generation firewall capabilities a couple of weeks ago, it was really interesting to hear from some of our experts about what these added capabilities would mean for customers. We started with Tim Jefferson, VP public cloud who provided some thoughtful insight into what’s necessary for customers to be secure in the public cloud, and how security has to adapt to these new requirements. This week, we caught up with network security guru Klaus Gheri to discuss some of the questions that often come up in regards to network security in the cloud generation. Here’s what he had to say:
Barracuda Cloud Generation Firewall
A 2017 Barracuda-sponsored survey revealed that more than 40 percent of respondents’ organizations are currently running a portion of their infrastructure in the public cloud. According to the survey, respondents cited easy integration with legacy technology (61%), strong protection of applications (54%), and strong protection of access to applications in the public cloud (48%) as important drivers for their cloud adoption.
These organizations face an increasingly sophisticated threat landscape, as 50 percent reported being hit with some sort of cyberattack. Barracuda Cloud Generation Firewalls give customers the flexibility to cost-effectively deploy security at critical points—in the cloud, in hybrid or multi-cloud environments, and throughout the development lifecycle.
Whether you are planning to migrate to the cloud or already have applications there, you have the responsibility to secure your data and applications. There are a million reasons why the cloud can be the right move for your business, and the decision could be the catalyst for your organization’s explosive growth and performance.
To benefit from everything the cloud has to offer AND maintain effective security, companies need functionality and pricing designed for the cloud. Barracuda Cloud Generation Firewalls are engineered specifically for this and will make your cloud migration seamless, faster, and more cost-effective.
Ask any CIO today what their top priorities are and digital transformation is likely to come pretty high up. In fact, new research from Daisy Group reveals that 63% of UK firms now have a such a strategy, up from just 27% last year. Unsurprisingly, cloud computing is driving these efforts in many (46%) firms. There’s just one problem: it’s also creating huge security blind spots and gaps which attackers are more than capable of exploiting.
To combat these challenges, organisations need to look to a mix of cloud-ready security tools, which increasingly need to slot into DevOps, alongside people and process changes.
We’re still in an era where the term firewall is typically thought of as a tool for securing data center architectures because that’s what a next-generation firewall is designed to do. However, as organizations continue to inch closer to the cloud era, many are still using traditional firewalls to secure cloud workloads and applications. Is this the best way to approach security in the cloud? It might be worthwhile to step back and take a look at the cloud security requirements moving forward before continuing to implement the same security tools in an entirely different environment. For example, you need to find out if the firewall integrates with the cloud fabric, or provides a full-featured API, or if the pricing aligns with current cloud consumption models? This all depends on if the firewall is engineered for the cloud — ultimately it’s about having the right tool for the job. But don’t take my word for it, let’s ask someone who spends a lot of time in the cloud.
Q & A with Tim Jefferson, VP Public Cloud, Barracuda
Q: Does the cloud require a different set of security tools?
A: It’s critical to understand the cloud environment that your applications will be deployed in, and the native services that the IaaS provider offers to achieve security control coverage. Then, customers can instrument in their required controls that leverage the provider’s deployment best-practices. This means not necessarily bringing in legacy data-center architectures and tools, which tend to be ‘anti-patterns’ in the cloud. For example, perimeter-based firewall architectures are highly effective in a data center, but can become sources of friction when deployed in the public cloud. The public cloud also offers customers agility, while being consumed differently than traditional IT. Those who are building in the cloud, like DevOps teams, for example, are looking for the same agility when deploying security controls — specifically for ways to consume and deploy third-party security tools via API.
We hope you've seen our announcement introducing Barracuda Cloud Generation Firewall capabilities. We're excited to be adding this new functionality to our Barracuda Web Application Firewall (WAF) and Barracuda NextGen Firewall (NGF). In this blog post I'd like to take you through what this means and how it can help you.
Why Cloud Generation Firewalls?
Let's start with some background on cloud adoption. Multiple Barracuda surveys have revealed that although companies are migrating to the cloud, there is still concern and confusion over public cloud security. Developers are also concerned about the security of the applications they are building in the cloud, and many organizations are simply unsure of how to deploy their existing security strategies to a cloud or hybrid environment. Budget considerations also require usage and licensing planning, and this can be a daunting task for people who are new to concepts like meshed connectivity and metered billing.
Barracuda Cloud Generation Firewalls are engineered to help customers overcome these challenges and fully embrace the potential of the public cloud.