How to Protect Multi-Cloud Environments with an NSv Virtual Firewall

Secure the virtual workforce in multi-cloud environments.

The drive for virtualization places enormous pressures on modern data centers to accommodate multi-cloud networking that often features a mix of private, public and hybrid cloud computing environments.

IDC’s latest forecast predicts that “whole cloud” spending is poised for annual growth of nearly 17% and will reach more than $1.3 trillion by 2025. The forecast includes worldwide spending on cloud services, the hardware and software components to keep the cloud supply chain moving, plus professional and managed services.

As multi-cloud migration expands and more organizations embrace technologies such as containers, network virtualization must develop to adequately secure highly dynamic environments ranging from public clouds to private clouds to data centers. Otherwise, organizations face the risks of visibility blind spots and control challenges. To circumvent the blind spots, IT managers are looking for cloud security solutions that operate well together and are easily managed.

The benefits of cloud computing are well-known and significant. However, so are the security challenges, exemplified by the many recent high-profile data breaches. Whether stored in a physical data center or a public, private or hybrid cloud, your data is the hacker’s goal.

Securing the cloud introduces a range of challenges, including a lack of network traffic visibility, unpredictable security functionality and the struggle to keep pace with the rate of change commonly found in cloud computing environments. To be effective, organizations need a cloud security solution that:

  • Identifies and controls network traffic within the cloud based on identity, not the ports and protocols it may use.
  • Stops malware from gaining access to and moving laterally within the cloud.
  • Determines who should be allowed to use the applications and grants access based on need and credentials.
  • Streamlines deployment and gets a new instance up and running with a click. You do not want to configure each virtual firewall since that is time-consuming. Ideally, you have a pre-defined configuration pushed to the device, and it is up and running.
  • Cost-effectively replaces expensive WAN connection technologies, such as MPLS, with secure SD-WAN.
  • Simplifies administration and minimizes the security policy delay as virtual machines (VM) are added, removed or moved within the cloud environment.

Securing the cloud with SonicWall NSv virtual firewalls

Recently, SonicWall announced a new firmware, SonicOSX 7.0.1, on its virtual firewall platforms to provide feature parity with its hardware firewall platform running SonicOS 7.

SonicWall Network Security virtual (NSv) firewalls support secure SD-WAN, Zero-Touch Deployment, DNS security, RESTful API and many more features that help address the challenges listed above. The new firmware also allows users to operate the firewall in the traditional classic mode or policy mode. SonicOSX is the new SonicWall firewall firmware that enables granular control and enforcement of dynamic Layer 7 applications within the security policy. SonicOSX combines Layer 3 to Layer 7 rules into a single rule called Security Policy. Hence, the user no longer needs to configure rules in separate tabs, as in the case of global mode. It also includes multiple user experience improvements, such as rule exporting, rule cloning, shadowing alerts, bulk editing, and many more.

SonicWall NSv firewalls help security teams reduce different security risks and vulnerabilities, which can cause severe disruption to business-critical services and operations. With full-featured security tools and services, including reassembly-free deep packet inspection (RFDPI), security controls and networking services equivalent to what a SonicWall physical firewall provides, NSv effectively shields all critical components of your private/public cloud environments.

NSv is easily deployed and provisioned in a multi-tenant virtual environment, typically between virtual networks (VN). This allows it to capture communications and data exchanges between VMs for automated breach prevention while establishing stringent access control measures for data confidentiality and VM safety and integrity.

Security threats (such as cross-virtual-machine or side-channel attacks, common network-based intrusions, and application and protocol vulnerabilities) are neutralized successfully through SonicWall’s comprehensive suite of security services.

All VM traffic is subjected to multiple threat analysis engines, including intrusion prevention, gateway anti-virus and anti-spyware, cloud anti-virus, botnet filtering, application control and the Capture Advanced Threat Protection (ATP) multi-engine sandbox.

Clearly, the push for virtualization will continue and may even intensify. To learn more about SonicWall cloud solutions, please visit SonicWall.com/cloud.

Tiju Cherian
Senior Manager, Product Management | SonicWall
Tiju Cherian leads the firewall product management team at SonicWall. Prior to this position, Tiju held escalation and lead roles at SonicWall, Accenture and HCL. He has 16-plus years of experience in the technology space, specializing in firewalls, VPN technology, information and enterprise network security.