SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Why businesses need a virtual firewall for optimal cloud protection
Tue, 20th Feb 2024

Organisations have embraced cloud-based operations, reaping benefits like scalability, agility, and constant data accessibility; however, this transition has introduced significant security challenges. According to an Apple-commissioned study, a historic 80 per cent of cyber breaches in 2023 involved data stored in the cloud. (1) With increased dependence on cloud-hosted applications, data, and services, the traditional boundaries of network security have become more spread out and less defined.

Ilan Rubin, Chief Executive Officer of Wavelink, says that adapting to the cloud era means company leaders must rethink their approach to security, with the responsibility to secure the cloud perimeter now extending beyond the IT department to encompass all facets of the enterprise. Virtual firewalls are key to helping organisations safeguard their data, ensure business continuity, protect customer trust, and stay compliant.

Virtual firewalls are specialised network security solutions designed for scenarios where traditional hardware firewalls are not feasible, such as in cloud settings, software-defined networks (SDNs), and software-defined wide-area networks (SD-WANs). These firewalls are vital to secure virtual, hybrid, and multi-cloud architectures due to their flexibility and ease of deployment. They are adept at managing both incoming and outgoing network traffic, ensuring robust protection against unauthorised access and data transmission.

This capability is critical to safeguard a company's sensitive data from external threats and for controlling the internal flow of information, preventing employees from inappropriately transferring sensitive documents. This function is particularly crucial in:

Securing public clouds: virtual firewalls are highly effective in securing services from public cloud providers like Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. They typically operate as guest virtual machines within these environments and can provide visibility across multiple cloud service provider deployments. They help in fulfilling user security obligations, ensuring compliance with regulatory standards like the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), and Health Insurance Portability and Accountability Act (HIPAA), and augment the built-in security features of each public cloud platform.
Extending security to branches and software-defined environments: in SDNs and SD-WANs, virtual firewalls are crucial for securing virtual branch offices. They ensure consistent network security across various locations, isolate critical systems like point-of-sale (POS) systems, and provide inline security in SD-WAN environments. This capability is particularly important for privacy and compliance in branch locations.
Safeguarding private cloud assets: in private clouds, which are used exclusively by one business, virtual firewalls play a significant role. They secure virtualised compute resources and hypervisors such as VMware ESXi, Microsoft Hyper-V, and Azure Stack. Additionally, they help reduce the time and effort required for manual security provisioning through policy-based, automatic provisioning of network security capabilities.
Ilan Rubin said, Virtual firewalls provide certain unique advantages, such as being less expensive, as well as easier to configure and set up. They can also be centrally administered, compared to physical firewalls, which often need IT and network support staff to install, administer, and support them on-site. They also maximise investments in highly virtualised environments and simplify processes like segmentation and micro-segmentation. This segmentation is crucial for isolating workloads from one another and then securing them individually, enhancing the overall security posture of an organisation. Without one, companies may struggle to efficiently manage security protocols in a virtual landscape, potentially exposing increased cybersecurity risks and operational inefficiencies.