Q

How to decide if a cloud firewall is better than a traditional firewall

Before replacing a traditional firewall with a cloud firewall, keep these considerations in mind. Kevin Beaver shares his list of concerns.

When would it be wise to replace my traditional firewall with a cloud-based firewall? I've also heard many people

advocate a hybrid solution combining traditional with cloud-based. When could this be beneficial?

The answer to your question is specific to your business and network environment. While I can't answer it for you, I can offer a number of considerations to keep in mind when you contemplate replacing your traditional firewall with a cloud firewall. Here's what enterprises should ask themselves:

  • What are our current information risks? Are parts of our information systems at increased risk because we're using a traditional firewall? For example, are we more susceptible to denial-of-service attacks or malware infections because the traffic has not been sanitized before reaching our network?
  • Do we have the resources to focus on internal firewall management and monitoring? Is time or cost related to monitoring prohibitive?
  • Is the firewall outdated and in need of replacement? How does the cost of that replacement compare with an equivalent (or superior) cloud firewall service?
  • Are we qualified to ensure our internal firewall is properly configured and maintained?
  • Are there particular cloud firewall vendors that can help solve our problems?
  • Have we asked prospective vendors the tough questions such as:
    • What happens when your firewall goes down?
    • How do we know how secure your firewall and overall cloud environment is?
    • Will you help us in the event of a security breach? To what level?
    • Can we have access to the logs for forensics or archiving purposes?
    • How do you inspect traffic protected by SSL?

While I'm sure it exists, I can't imagine a situation where a cloud firewall could eliminate your on-premises firewall altogether. This may be why many security pros are advocating for a hybrid approach. In a hybrid firewall environment, enterprises keep their traditional firewall (perhaps simplifying the rule base) but also work with a cloud firewall vendor to serve as an intermediary for specific services or applications. Enterprises can then maintain control while leveraging the scalability, denial of service protections and presumed redundancy of cloud-based firewalls. In my opinion, it's a win-win.

Ask the Expert!
Kevin Beaver is ready to answer your network security questions. Submit them now via email!

This was first published in May 2014

Dig deeper on Application Firewall Security-Network Security: Tools, Products, Software

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close