10 Criteria for Evaluating Your Cloud Network Security Solution – The New Stack
As organizations expand their cloud adoption and critical use cases, securing their cloud infrastructure often becomes more complex. For this reason, analysts and advisors recommend that organizations take a unified, multi-layered approach to protecting their cloud deployments and ensuring a robust cloud security posture. Approaches like the one just mentioned have mitigated security concerns, as cited in a recent study by Forrester which stated that trust in cloud security is a major driver for the adoption of more cloud services.
Jonathan is the Cloud Security Product Marketing Manager at Check Point. He has held a variety of product, professional services, marketing, and business development positions at companies ranging from three-person startups to large multinational corporations. He tries to be very green and he trains for marathons between injuries.
Based on the shared responsibility model, at the infrastructure layer (IaaS), cloud providers are responsible for securing their compute, network, and storage infrastructure resources. This leaves cloud users responsible for protecting data, applications, and other assets deployed on the infrastructure. Cloud providers offer a number of tools and services to help users meet their end of the shared responsibility model, and these are important parts of any cloud network security solution. However, cloud providers are not security specialists nor do they deal with multi-cloud infrastructures. Therefore, additional security solutions beyond these tools and services are required to achieve enterprise-grade network security.
A key foundational layer is cloud network security. Here, organizations often deploy virtual security gateways to provide advanced threat prevention, traffic inspection, and micro-segmentation. These solutions include multi-layered security technologies such as firewall, intrusion prevention system (IPS), application control, data loss prevention and others.
This article outlines 10 essential criteria when considering and choosing a cloud network security platform for your cloud deployment. It explains how you can ensure that vendor solutions have the features important to the success and security of your organization.
1. Does it offer advanced threat prevention and in-depth security?
Threat detection alone is not enough to effectively protect cloud resources in today’s complex cybersecurity landscape. Indeed, detecting a threat after it has penetrated the corporate network exposes the organization’s assets to unacceptable levels of cybersecurity risk.
You need real-time, multi-layered threat prevention for known and unknown (zero-day) vulnerabilities. The solution should provide in-depth security through features such as granular and deep traffic inspection, enhanced threat intelligence, and sandboxing that isolates suspicious traffic until it is validated or blocked. This will allow you to capture and neutralize the threat before entering the network. Additionally, these advanced capabilities must be deployed on both north-south (inbound/outbound) and east-west (lateral) traffic.
2. Is the solution borderless?
Security teams cannot deliver enterprise-grade protection with a fragmented stack of vendor- or environment-specific security tools. The solution must work seamlessly and consistently in the most complex multi-cloud and hybrid (public/private/on-premises) environments. A unified management interface, sometimes referred to as a “single pane of glass,” should provide a single source of truth about cloud network security, as well as a centralized command and control console.
3. Is there granular traffic inspection and control?
Without thorough traffic inspection, organizations are easy prey for evasion techniques that attempt to perform unauthorized actions through seemingly legitimate access points. Look for next-generation firewall (NGFW) capabilities, such as fine-grained match granularity that goes beyond basic whitelisting, deep inspection to ensure traffic matches allowed port objectives , advanced filtering based on URL addresses and checks not only on the port. level, but also at the application level.
4. Is there automation?
Any cloud solution that does not allow high levels of automation will be unsupportable and customers will abandon it. To match the speed and scalability of DevOps, the solution must support high levels of automation, including programmatic command and control of security gateways, seamless integration with CI/CD processes, automated threat response and remediation workflows, and dynamic policy updates that don’t require human intervention.
5. What is the onboarding experience and is there ease of use?
Integration is essential for a number of other considerations described here, such as the possibility of borderless operations and increased visibility. It plays an important role in building a cross-functional cloud security platform that not only addresses infrastructure security, but also application security, cloud security posture management, and more. .
Therefore, the solution should work well with your organization’s configuration management stack, including support for infrastructure-as-code deployments. Additionally, the solution must be deeply integrated with cloud provider offerings. In general, your goal should be to streamline operations and promote ease of use by minimizing the number of point security solutions that must be deployed and managed separately.
6. Is there adequate visibility and observability?
You can’t secure what you can’t see. The solution’s dashboards, logs, and reports should provide end-to-end, actionable visibility into events as they occur. For example, logs and reports should use easily parsed cloud object names rather than obscure IP addresses. This visibility is also important to improve forensic analysis in the event of a breach.
7. Is the solution scalable and does it have secure remote access?
In a world of highly distributed and mobile workforces, remote access to the corporate network that is both secure and efficient is essential. The solution should secure remote access to the enterprise cloud environment, with features such as multi-factor authentication, endpoint compliance scanning, and encryption of data in transit. Remote access must also be able to scale quickly, so that in times of disruption, like the COVID-19 pandemic, any number of remote employees can work productively yet safely.
8. Is there context-aware security management?
With asset, change, and configuration management frameworks playing a central role in vulnerability remediation efforts, your security platform must be able to transparently release changes and adapt in real time. all relevant security policies. The cloud network security solution must be able to aggregate and correlate information across the entire environment (public and private clouds as well as on-premises networks) so that security policies can be both contextual and consistent. Changes to network, asset, or security group configurations should be automatically reflected in their relevant security policies.
9. What vendor support is offered and industry recognitions?
In addition to the features and capabilities of the solution itself, it’s also important to take a close look at the vendor. Look for unbiased recommendations to find a vendor that can advance your cloud security strategy with the ability to adapt and adapt to your ever-changing business needs. Consider questions such as:
- Is it well rated by independent industry analysts and third-party security testing companies?
- Can it meet your SLAs?
- Has it proven itself?
- Can it provide added value, such as network security consulting services? Can it support your global operations?
- Does it commit to innovating so that its solution is sustainable?
- Is its software mature, with few vulnerabilities, and does it provide timely patches?
10. What is the total cost of ownership?
You want your cloud security platform to streamline operations, optimize workflows, and reduce costs, while improving your security posture. Determine total cost of ownership by looking at the flexibility of the licensing model, the extent to which the cloud security platform integrates with and leverages existing IT systems, the level and breadth of staff required to administer the system, provider MTTR and uptime SLAs, and more. The last thing you want is to be surprised by hidden infrastructure, staff, and other costs that only show up once the system is up and running.
Organizations migrating to the cloud need to be able to control their own data and keep it private, protect against cyber threats, and securely connect their cloud to their traditional on-premises network, while maintaining compliance with regulatory mandates. Adopting a cloud network security solution that meets these requirements and integrates seamlessly with their cloud provider will help organizations stay protected in an increasingly complex threat environment.
Photo by An Hoàng from Pexels.