A cloud firewall protects cloud infrastructure from attacks, just as a traditional firewall protects on-premise networks.
Após ler este artigo, você será capaz de:
Copiar o link do artigo
A cloud firewall is a security product that, like a traditional firewall, filters out potentially malicious network traffic. Unlike traditional firewalls, cloud firewalls are hosted in the cloud. This cloud-delivered model for firewalls is also called firewall-as-a-service (FWaaS).
Cloud-based firewalls form a virtual barrier around cloud platforms, infrastructure, and applications, just as traditional firewalls form a barrier around an organization's internal network. Cloud firewalls can also protect on-premise infrastructure.
A firewall is a security product that filters out malicious traffic. Traditionally, firewalls have run in between a trusted internal network and an untrusted network – e.g., between a private network and the Internet. Early firewalls were physical appliances that connected to an organization's on-premise infrastructure. Firewalls block and allow network traffic according to an internal set of rules. Most firewalls allow administrators to customize these rules.
The border between a trusted network and the Internet is called the "network perimeter." However, with the growing popularity of cloud computing, the network perimeter is mostly gone. Thus, cloud firewalls that form a virtual barrier between trusted cloud assets and untrusted Internet traffic are increasingly important.
Firewall-as-a-Service, or FWaaS for short, is another term for cloud firewalls. Like other "as-a-service" categories, such as software-as-a-service (SaaS) or infrastructure-as-a-service (IaaS), FWaaS runs in the cloud and is accessed over the Internet, and a third-party vendor updates and maintains it.
Os bancos contam com muita segurança física. A maioria dos bancos físicos inclui recursos de segurança, como câmeras de segurança e vidro à prova de balas. Os agentes de segurança e funcionários do banco também ajudam a barrar possíveis ladrões. Além disso, o dinheiro fica guardado em cofres extremamente seguros.
But imagine if, instead of being kept in one place, each bank branch's cash was stored in different safes all over the country that were operated by a company specializing in safe maintenance. How could the bank be sure that its money was secure without deploying additional security resources around its scattered safes? This is akin to what cloud firewalls do.
The cloud is like a bank with scattered resources, but instead of money, the cloud stores data and computational power. Authorized users can connect to the cloud from anywhere and on almost any network. Applications that run in the cloud can be running anywhere, and that also applies to cloud platforms and infrastructure.
Os firewalls de nuvem bloqueiam ataques cibernéticos direcionados a esses ativos na nuvem. Implantar um firewall de nuvem é como substituir as câmeras de segurança locais e um agente de segurança físico de um banco por uma central de segurança global 24 horas por dia, sete dias por semana, com equipe centralizada e feeds de câmeras de segurança de todos os locais onde os ativos de um banco estão armazenados.
A next-generation firewall (NGFW) is a firewall that includes new technologies that weren't available in earlier firewall products, such as:
NGFWs can run in the cloud or as on-premise hardware. A cloud-based firewall may have NGFW capabilities, but an on-premise firewall could also be an NGFW. Learn more about NGFW vs. FWaaS.
O Serviço de Acesso Seguro de Borda, ou SASE, é uma arquitetura de rede baseada em nuvem que combina as funções de rede, como WANs definidas por software, com um conjunto de serviços de segurança, incluindo o FWaaS. Diferentemente dos modelos tradicionais de rede, nos quais o perímetro de data centers no local precisa ser protegido por firewalls no local, o SASE oferece segurança e controle de acesso abrangentes na borda da rede.
Within a SASE networking model, cloud-based firewalls work in tandem with other security products to defend the network perimeter from attacks, data breaches, and other cyber threats. Rather than using multiple third-party vendors to deploy and maintain each service, companies can use a single vendor that bundles FWaaS, cloud access security broker (CASB) services, secure web gateways (SWG), and zero trust network access (ZTNA) with SD-WAN capabilities.
Cloudflare Magic Firewall is designed to protect both on-premise and cloud infrastructure via the Cloudflare global network. Magic Firewall is included in the Cloudflare One SASE platform — learn more here.
Navegação no Centro de Aprendizagem