Posts

SonicWall Extends Next-Generation Firewalls to Public Cloud Deployments, Including AWS and Azure

Attacks on public cloud infrastructures increase every day.

“We are in the third era of computing — the cloud and mobile era — but security considerations on cloud are still not widely understood,” said Mark Russinovich, CTO of Microsoft Azure. “It is important to address the public cloud security concerns to facilitate its adoption.”

In this third era, securing the public cloud is critical. According to IDC, 83 percent of workloads are virtualized today, and 60 percent of large enterprises run virtual machines (VM) in the public cloud. With the rapid pace of cloud transformation, securing workloads in the cloud becomes challenging.

SonicWall takes on this challenge and extends the security of the private cloud to public clouds with SonicWall Network Security virtual (NSv) firewall series. In addition to public and private cloud security, NSv can also provide end-to-end security for multi-cloud deployments.

Cloud technology provides greater agility, scalability and infrastructure consistency, improving business efficiency. Public cloud environments supported by SonicWall NSv includes Amazon Web Services (AWS)* and Microsoft Azure.

True Next-Generation Virtual Firewall Series

SonicWall NSv series brings industry-leading next-generation firewall (NGFW) capabilities, such as application intelligence and control, real-time monitoring, IPS, TLS/SSL decryption and inspection, advanced threat protection, VPN and network segmentation capabilities, to protect your AWS and Azure environments.

NSv supports all security and networking features similar to SonicWall next-gen hardware firewall appliances, including our patented Reassembly-Free Deep Packet Inspection (RFDPI) technology and award-winning Capture Advanced Threat Protection (ATP) sandbox with Real-Time Deep Memory Inspection (RTDMI) to stop both known and unknown (e.g., zero day) cyberattacks.

You can gain complete visibility and control of your traffic across multiple virtual private cloud (VPC) and virtual networks (VN), plus provide seamless security and management capabilities with a single-pane-of-glass experience. With NSv, you can take advantage of agility, scalability, high-performance, lower operational cost, quick time-to-deployment and drive innovation.

The public platform support is available across multiple NSv models, such as NSv 200/400/800/1600. Based on the fully-featured SonicOS 6.5.0, NSv makes the move to the cloud easier and safer.

Protect Public Cloud Data, Applications with SonicWall NSv

NSv addresses some of the critical needs of public cloud security. Below are some of the key benefits of leveraging NSv to protect your public cloud infrastructure and resources.

  • Gain complete visibility into virtual environment for threat prevention
  • Implement proper security zoning and ensure appropriate placement of policies
  • Defend against zero-day vulnerabilities with SonicWall Capture ATP
  • Prevent service disruptions in the virtual ecosystem
  • Gain centralized control and visibility with single-pane-of-glass management via Capture Security Center
  • Leverage agility and scalability without performance impact
  • Maintain security governance, compliance and risk management

SonicWall NSv can be deployed in a variety of use cases including the ones below:

  • Internet gateway for ingress/egress traffic protection
  • Lateral protection of east-west traffic
  • Site-to-site VPN deployment
  • Secure end-to-end remote access
  • Multi-cloud secure connectivity

Why Choose SonicWall NSv?

In addition to the various key benefits in leveraging NSv, below are some additional reasons why you should choose NSv as the security of choice in the public cloud.

  • Patented technologies like RTDMI, RFDPI and more
  • Robust products with over 26 years of award-winning technological innovation
  • Powerful security, powered by SonicWall next-generation firewall capabilities, now extending to the cloud

* AWS availability date pending.

Try SonicWall NSv for Azure

SonicWall NSv is currently available for Azure public cloud environments. Visit the Azure Marketplace to gain next-generation security for your most sensitive Azure workloads.

New Virtual Firewalls: SonicWall NSv Provides Robust Security for Public, Private or Hybrid Cloud Environments

To keep pace with innovations and modernize data center operations and services, businesses are embracing today’s application-centric, virtualized world. Virtualization and cloud can cut costs and increase efficiency and operational agility.

Four common pitfalls of modern virtual environments

However, advantages in savings and efficiency must be weighed against applying constrained budgets to prevent potential damages due to growing threats and common pitfalls. Vulnerabilities within virtual environments are well-documented. New ones are discovered regularly that yield serious security implications and challenges. Common IT challenges in securing virtualized environments include:

  1. Monitoring and securing traffic between virtual machines
  2. Managing policy change across virtual environments
  3. Tracking and controlling the sprawl of virtual machines
  4. Protecting virtualized assets in public cloud environments

What you need in a next-generation virtual firewall

To best capitalize on virtualization trends, you should operationalize the complete virtualization of computing, networking, storage and security in a systematic way. Implement a new approach for selecting an appropriate and effective next-generation virtual firewall solution. You should explore new virtual security solutions that go beyond legacy approaches and technologies. Plus, solution components must be tightly integrated to deliver application services safely, efficiently and in a scalable manner.

A next-generation virtual firewall must offer all the security advantages of your physical firewall, along with the operational and economic benefits of virtualization. These include system scalability and agility, speed of system provisioning, simple management and cost reduction.

Introducing the SonicWall NSv virtual firewall series

The new SonicWall NSv virtual firewall series offers you all the security advantages of a physical firewall with the operational and economic benefits of virtualization. With full-featured security tools and services including Reassembly-Free Deep Packet Inspection (RFDPI), security controls and networking services equivalent to what a SonicWall physical firewall provides, NSv effectively shields all critical components of your private and public cloud environments.

NSv is easily deployed and provisioned in a multi-tenant virtual environment, typically between virtual networks (VN). This allows it to capture communications and data exchanges between virtual machines (VM) for automated breach prevention, while establishing stringent access control measures for data confidentiality and VMs safety and integrity.

The NSv Series also includes infrastructure support for high availability and scaling to fulfill any Software-Defined Data Center (SDDC) scalability and availability requirements. NSv virtual firewalls help ensure:

  • System resiliency
  • Operational uptime
  • Service delivery and availability
  • Conformance to regulatory requirements

Security threats, such as cross-virtual-machine or side-channel attacks and common network-based intrusions and application and protocol vulnerabilities, are neutralized successfully through SonicWall’s comprehensive suite of security inspection services.

All VM traffic is subjected to multiple threat analysis engines, including intrusion prevention, gateway anti-virus and anti-spyware, cloud anti-virus, botnet filtering, application control and Capture Advanced Threat Protection multi-engine sandboxing.

The NSv Series is available in multiple virtual flavors carefully packaged for broad range of virtualized and cloud deployment use cases. Delivering multi-gigabit threat prevention and encrypted traffic inspection performance, the NSv Series can adapt to capacity-level increases and ensure VN safety and application workloads and data assets are available as well as secure.

Segmentation security

With NSv segment-based security capabilities, NSv can apply an integrated set of dynamic, enforceable barriers to advanced threats. By applying security policies to the inside of the VN, segmentation can be configured to organize network resources into different segments, and allow or restrict traffic between those segments. This way, access to critical internal resources can be strictly controlled.

NSv can then automatically enforce segmentation restrictions based upon dynamic criteria, such as user identity credentials, geo-IP location and the security stature of mobile endpoints.

For extended security, NSv is also capable of integrating multi-gigabit network switching into its security segment policy and enforcement. It directs segment policy to traffic at switching points throughout the network, and globally manages segment security enforcement from a single pane of glass.

Since segments are only as effective as the security that can be enforced between them, NSv applies intrusion prevention service (IPS) to scan incoming and outgoing traffic on the VLAN segment to enhance security for internal network traffic. For each segment, it enforces a full range of security services on multiple interfaces based on enforceable policy.

Governs centrally

NSv deployments are centrally managed using both on premise with SonicWall GMS, and with SonicWall Capture Security Center, an open, scalable cloud security management, monitoring, reporting and analytics software that is delivered as a cost-effective service offering.

The SonicWall Capture Security Center gives the ultimate in visibility, agility and capacity to govern the entire SonicWall virtual and physical firewall ecosystem with greater clarity, precision, and speed — all from a single-pane-of-glass.

For more information, visit our NSv web page, and watch the video below.