2018 Press Releases

March 30, 2018

Research Highlights the Importance of Cloud-Specific Security Capabilities

Note from Editor:

The digitalised era has brought about the need for better and stronger security as information gets shared faster and in more ways than we can count. We spoke to Tim Jefferson, VP, Public Cloud at Barracuda Networks on the steps taken to improve their offering following this press release.

He shared with us examples of how security tools specifically designed for the public cloud can make a business more secure than they were when they operated purely on-premises.

“Yes, by supporting and integrating with the IaaS platform native services, security tools have access to more actionable security telemetry via the management plane APIs. These services provide better visibility into cloud specific threat vectors like unauthorised/suspicious use of credentials, and configuration vulnerabilities".

He also gave us an idea of how customers benefit from the cloud without compromising their security position.

“Customers can be actionably more secure in public cloud than (they) can be on-premises. By default, they inherit hundreds of security controls via the Shared Responsibility Model, and can leverage the platform native services APIs to automate security controls that suit their security risk model”.

He shared also that the reason such a high percentage, 83 percent of respondents, have concerns about deploying traditional firewalls in the cloud was because firewalls that are not designed for public cloud environments tend to add friction to migrations. These firewalls are designed around data-center constructs: they’re optimized around architectures that are tightly-coupled and scale vertically. This, he said was an anti-pattern for public cloud deployment best practices which suggest building loosely-coupled architectures that scale horizontally. Customers are realising they need the security controls that firewalls provide, but must choose solutions that are optimised for the environments they are getting deployed into.
The original article follows.

Barracuda Networks, Inc., today released “Firewalls and the Cloud,” a survey of IT professionals responsible for cloud environments. This survey, which is comprised of data collected from over 600 respondents from around the world, provides an overview of experiences and attitudes in regards to cloud security. In order to accomplish this, a wide range of questions on the current state of security in the cloud were sent to participants who were identified as having security responsibility in environments with significant cloud investments.
Key Findings Include:
The cloud is redefining the role of the firewall 
An overwhelming 83 percent of respondents have concerns about deploying traditional firewalls in the cloud, with 39 percent naming “pricing and licensing not appropriate for the cloud,” and 34 percent citing “lack of integration prevents cloud automation” as their top two concerns. 
Value found in cloud-specific security capabilities
74 percent of respondents cite the most beneficial cloud-specific firewall capability as “Integration with cloud management, monitoring, and automation capabilities,” and 59 percent cite “easy to deploy and configure by cloud developers” as the second most beneficial capability.
DevOps teams benefit from security automation   
Of the organizations that have adopted DevOps, DevSecOps, or CI/CD (continuous integration and continuous deployment), 93 percent have faced challenges integrating security into those practices.
“A few points really stand out based on the information presented from this survey,” said Tim Jefferson, VP public cloud, Barracuda. “We’re continuing to see questions and concerns around how organizations should be approaching security with their cloud deployments, especially from larger companies. There are a number of reasons for this, but for organizations that are used to operating under traditional data center architecture, moving to the cloud will require a new way of thinking when they approach security. Using security tools specifically designed for the public cloud can actually make a business more secure than they were when they operated purely on-premises.” 
Barracuda Cloud Generation Firewalls (CloudGen Firewall, and CloudGen WAF) provide the following security, access, and reliability features for cloud-connected networks:
Barracuda Cloud Generation Firewalls are designed to provide network and application security for cloud-only and hybrid-cloud environments. They provide cloud-specific features including metered billing, API support for DevSecOps teams, fully meshed connectivity and scalability to help organizations align security with their cloud deployments. Highlights include:

  • Well-architected for the public cloud –Integrate directly with public cloud fabric, provide API integrations for DevOps tools and automation workflows, and centrally manage across hybrid environments. This gives customers the benefits of the cloud without compromising their security posture.

  • Support for cloud-specific use cases – Support unique requirements of the cloud including horizontal scalability, distributed policy sets, fully meshed connectivity and north-south traffic management. Meeting these requirements allows customers to leverage the benefits of cloud automation around deployment, autoscaling, high-availability, networking, and monitoring. 

  • Match Customer's Cloud Consumption Models – Licensing that allows customers to deploy security in alignment with their current public cloud consumption model.