How to Choose a Cloud Network Security Solution, CIO News, ET CIO
Cloud security has become essential for businesses as organizations expand and deepen their presence in the cloud. According to our 2020 Cloud Security Report, 75% of companies surveyed were very or extremely concerned about cloud security. Similarly, a recent study by Forrester stated that trust in cloud security is a top driver of adoption of more cloud services.
The figure below illustrates the kind of multi-layered yet unified cloud security platform organizations need to have in place to protect their cloud deployments and ensure a robust cloud security posture.
Figure 1: The multiple layers of a unified cloud-native security platform
It’s always important to remember that cloud security operates under a shared responsibility model. At the infrastructure (IaaS) level, cloud providers are responsible for securing the resources of their computing network storage infrastructure, while users are responsible for protecting data, applications, and other assets deployed on infrastructure. The tools and services offered by cloud providers to help users meet their end of the shared responsibility model are important parts of any cloud network security solution. However, cloud providers are not security specialists; these cloud provider tools and services must be complemented by partner solutions to achieve enterprise-grade network security.
As shown in Figure 1, a key foundational layer is cloud network security, where organizations should deploy virtual security gateways to provide advanced threat prevention, traffic inspection, and micro-segmentation. These security solutions use multiple layered security technologies including firewall, IPS, application control, DLP and others.
Here are the top ten considerations a business should take into account when choosing their cloud network security platform. They explain how you can ensure that vendor solutions have the capabilities that are important to the success and security of your organization.
1. Advanced threat prevention and in-depth security
Threat detection alone is not enough to effectively protect cloud resources in today’s complex cybersecurity landscape. You need real-time, multi-layered threat prevention for known and unknown (zero-day) vulnerabilities. The solution should provide in-depth security through features such as granular and deep traffic inspection, enhanced threat intelligence, and sandboxing that isolates suspicious traffic until it is validated or blocked. And these advanced capabilities must be deployed on both North-South (inbound/outbound) and East-West (lateral) traffic.
2. Without borders
The solution must work seamlessly and consistently in the most complex multi-cloud and hybrid (public/private/on-premises) environments. A unified management interface (sometimes called a “single pane of glass”) should provide a single source of truth about cloud network security as well as a centralized command and control console.
3. Granular traffic inspection and control
Look for next-generation firewall (NGFW) capabilities, such as fine-grained match granularity that goes beyond basic whitelisting, deep inspection to ensure traffic matches allowed port objectives , advanced filtering based on URL addresses and controls not only at the port level. but also at the application level.
In order to match the speed and scalability of DevOps, the solution must support high levels of automation, including programmatic command and control of security gateways, seamless integration with CI/CD processes , automated threat response, remediation workflows, and dynamic policy updates that don’t require human intervention.
5. Integration and ease of use
The solution should work well with your organization’s configuration management stack, including support for Infrastructure as Code deployments. Additionally, the solution must be deeply integrated with cloud provider offerings. In general, your goal should be to streamline operations and promote ease of use by minimizing the number of point security solutions that must be deployed and managed separately.
The solution’s dashboards, logs, and reports should provide end-to-end, actionable visibility into events as they occur. For example, logs and reports should use easily parsed cloud object names rather than obscure IP addresses. This visibility is also important to improve forensic analysis in the event of a breach.
7. Scalable and Secure Remote Access
The solution should secure remote access to the enterprise cloud environment with features such as multi-factor authentication, endpoint compliance scanning, and encryption of data in transit. Remote access must also be able to scale quickly so that during times of disruption such as the COVID-19 pandemic, any number of remote employees can work productively yet safely.
8. Context-Aware Security Management
The cloud network security solution must be able to aggregate and correlate information across the entire environment (public and private clouds as well as on-premises networks) so that security policies can be both contextual and consistent. Changes to network, asset, or security group configurations should be automatically reflected in their relevant security policies.
9. Vendor Support and Industry Recognition
In addition to the features and capabilities of the solution itself, it’s also important to take a close look at the vendor. Is it highly rated by independent industry analysts and third-party security testing companies? Can it meet your SLAs? Has it proven itself? Can it provide added value, such as network security consulting services? Can it support your global operations? Does it commit to innovating so that its solution is sustainable? Is its software mature, with few vulnerabilities, and does it provide timely patches?
10. Total cost of ownership
The total cost of ownership is determined by several factors, all of which should be considered as part of the purchasing process: the flexibility of the licensing model, the extent to which the cloud security platform integrates transparent to and leverages existing IT systems, the level and scope of staff required to administer the system, vendor MTTR and availability SLAs, and more. You want your cloud security platform to streamline operations, optimize workflows, and reduce costs while improving your security posture. The last thing you want is to be surprised by hidden infrastructure, staff, and other costs that only show up once the system is up and running.
Organizations are increasingly turning to the cloud to meet business demands. These organizations want the ability to control their own data and keep it private, protect against cyber threats, and securely connect their cloud to their traditional on-premises network, all while maintaining compliance with regulatory mandates. Adopting a cloud network security solution that meets these requirements will help organizations stay protected in an increasingly complex threat environment.
The author is Manager, Cloud and Growth Technologies, India and SAARC, Check Point Software Technologies