Cloud Security and Governance – Mind the Security Gap
Cloud Security and Governance – Mind the Security Gap Workloads are migrating to the Cloud with…
With the advent of a Cloud Computing, an increasingly mobile workforce and choice of device and consumerisation of applications, the perimeter of a network now looks very different.
Nowadays the edge is very difficult to define for most businesses and edge protection has changed forever with the proliferation (and consumption) of cloud technologies. It’s no longer a traditional boundary. This however doesn’t mean that the traditional Firewall is dead.
Securing the traditional perimeter or edge of the traditional network is still a core security requirement. The deployment of Next Generation Firewalls (NGFW) on these egress points is still considered an essential component of a defence in depth strategy. The Firewall these days has developed with the times and these are now aggregation points for Cloud and SD-WAN services in addition to the threat prevention and detection components included
There are a number of differentiating factors when evaluating NGFW including:
Having multiple firewall vendors in a business can add to the complexity of the overall infrastructure and erode any savings initially delivered by the hardware mix. In most respects Secure-ISS recommend that businesses focus on one or two vendors for ease of management, monitoring and orchestration.
Having said that we would also caution business in relation to the current platform pitch. Many vendors now look to sell an entire security operations platform. From a marketing and operational sense this is a great goal, however the reality at the present time is that not all components within the platform are best of breed and have been bolted onto the platform.
Sales pitches aside, how many features are applicable to your businesses workloads and use cases. When considering a Firewall vendor be sure to document your use cases and overlay the requirements with the remainder of your security architecture and solution set. In our experience businesses are not using all of the Next Generation features and should ensure that they are not purchasing subscriptions or features that have little or no value to the business or that are not understood by the team deploying, managing and monitoring the solution.
A trending approach to firewalls for branch, small offices and remote/ mobile workers is a “Firewall as a Service” approach. This service provides a similar consumption based model (with little or no physical hardware) with the goal to provide simple and more flexible architecture, leveraging centralized policy management, multiple enterprise firewall features and traffic tunnelling to partially or fully move security inspections to a cloud infrastructure.
When evaluating these services, organisations should note where the services are delivered from as some vendors still don’t deliver services out of Australia or the greater Asia Pacific region.
Including Firewall management within a Managed Security Services framework provides a number of advantages to businesses of all sizes. These include access to skilled resources (addressing the current Cyber skills shortage), ensuring that your infrastructure is protected, that the solutions are working effectively across the business, monitored, maintained and incidents responded to on a timely basis. Secure-ISS provide a range of managed services for your edge and permitter protection requirements.
To discuss your Edge protection requirements or overall security strategy, reach out to one of our team today.
Cloud Security and Governance – Mind the Security Gap Workloads are migrating to the Cloud with…
Penetration Testing Penetration testing is essentially recreating malicious attacks in order to exploit and identify gaps…
Vulnerability Management – Assessment and Patching An effective Vulnerability Assessment (VA) approach Organisations are most likely…
Managed Detection and Response (MDR) What is a Managed Detection and Response service? Managed Detection and…
Endpoint Detection and Response Solutions – EDR / XDR / MDR Endpoint Protection Platforms (EPP) are…
SOAR – Security Operations, Analytics and Reporting Orchestration and Automation of incident response are key elements…
Threat Intelligence What is Threat Intelligence? Threat intelligence is information about the activity taking place inside…
CASB – Cloud Access Security Broker Cloud Access Security Brokers (CASB) provide visibility and control of…
Least Privilege Access Control A “Least Privileged” access control regime provides users with only the minimum…
Incident Response Process Incident Response Planning Not to be too negative, but a serious security incident…
Application Whitelisting What is Application Whitelisting? Application whitelisting is the practice of defining approved software within…
Web and Content Filtering Content Filtering involves the use of certain hardware and software components, that…
Network Intrusion Prevention System (IPS) IPS is a solution which is designed to prevent malicious activity…
Identity Access Management – Securing every Industry One of the most effective ways for a business…
Privileged Account Management (PAM) What does Privileged Access mean? Privileged access can be defined as administrative…
Monitor Security Services Keep your eyes on the pulse. You can collect and monitor information, identify…
Email Gateway Security ESGs – Even in a Cloud first world an Email Security Gateway is…
Vulnerability Management So what is Vulnerability Management? We’d suggest it is an ongoing process to ensure…
Edge Protection A business’s network edge or perimeter was once upon a time easily defined. Everything…
Endpoint Protection Platforms Anti-Malware and Anti-Virus – Critical to any security program Protection from malware, including…
Backup Strategy and Solutions Backing up your business data is a critical foundation of any business…