Much like a fire-resistant wall helps keep flames from spreading in a building, a firewall in a computer network (hardware, software or both) acts as a barrier to prevent unauthorized access to the network. It does this by proactively monitoring all incoming and outgoing traffic as well as applying and enforcing an organization’s security policies.
Firewalls were originally created to protect on-site company networks, but as more companies moved their applications and data to the cloud, firewalls had to evolve. Now, firewall as a service, or FWaaS, enables firewalls to be delivered as part of a company’s cloud infrastructure.
Why Companies Need Firewall as a Service
Years ago, when companies kept all their applications and data in single, on-site data centers, they took a “castle and moat” approach to securing their networks, with on-premises firewalls serving as the main access checkpoints. However, as companies moved to the cloud, adopted infrastructure- and platform-as-a-service – IaaS and PaaS – strategies, added more company and employee-owned mobile devices to their networks, and began using more applications and data hosted on third-party infrastructure (i.e., software as a service, or SaaS), they quickly discovered they no longer had clearly defined network perimeters.
They also found that:
Because many of their applications and data were now being run and managed on third-party infrastructure, they no longer had any visibility into, or control over, their entire networks.
Since companies and cloud providers share mutual responsibility for ensuring security in cloud environments, companies realized they couldn’t just depend on their cloud providers to oversee all their security. They’d have to find a way to do that themselves.
This forced many companies to completely rethink their approach to security. It also prompted them to start taking advantage of FWaaS to deliver firewall and other network security capabilities as part of their cloud infrastructure.
Today, thanks to this approach, companies can:
Aggregate all traffic from multiple sources (e.g., on-site data centers, branch offices, mobile users, cloud infrastructure) into the cloud
Consistently apply and enforce security policies across all locations and users
Gain complete visibility into and control over their networks without having to deploy physical appliances