As the leading provider of virtual firewalls by market share, we believe our approach to network security is best suited for helping customers minimize risk without slowing down the speed of business. It’s not an either/or proposition. Understanding what your choices truly are can help safeguard innovation as networks and infrastructure grow in complexity.
You have a lot of choices for implementing cloud network security. Traditional firewall vendors offer virtual firewalls, and public cloud vendors offer cloud-native firewalls. So how do you choose what’s best for you? In truth, the “choice” is a false one. Let’s see why.
Understand the Importance of Virtual Firewalls
The purpose of virtual (or software) firewalls is to protect applications and data that reside in both on-premises data centers (or private clouds) and public clouds. By using virtual firewalls, organizations want to minimize the risk of a breach. And they want to do it in a way that doesn’t slow down the business. They want a solution that moves at cloud speed, whether it’s procuring, installing, scaling, monitoring, or troubleshooting the solution.
Conventional Security Tradeoff Thinking Ensures Less-Than-Ideal Options
Today many organizations take a hybrid cloud approach to infrastructure, with a mix of on-prem, private cloud and public cloud environments. That means if an organization relies solely on cloud vendor-provided firewalls, it will be unable to minimize the risk of a breach, because it won’t have the security capabilities required to defend against today’s attacks. The firewalls cloud vendors supply do not provide critical and essential capabilities, such as:
- Detecting and blocking DNS attacks
- Blocking never-seen-before threats
- Preventing command and control communications
On the other hand, if an organization relies exclusively on a legacy firewall vendor’s virtualized offering, it may be able to reduce risk, but will be forced to slow down the business. As an example, many organizations want to automate the deployment and scaling of security in the same way as they work with cloud infrastructure, but typical virtual firewalls do not allow this flexibility. Nor are these virtual firewalls available in cloud-native form factors like Kubernetes-integrated containers.
With the proliferation of threats and heightened competition across industries, being forced to choose between these options is not much of a choice at all.
Take Advantage of Complete Capabilities
The Palo Alto Networks family of software firewalls – the VM-Series virtual firewall and CN-Series container firewall – provides the only cloud network security offering in the market that does not force organizations to make tradeoffs between minimizing risk and maintaining the speed of business.
This means you can get cloud network security that provides both risk reduction and speed. Palo Alto Networks Next-Generation Firewalls are:
- Best-in-class to provide you with instant protection: Thanks to inline machine learning (ML), you gain instant protection against most file and web-based unknown threats – as well as zero-delay signatures for near-real time protection against newly seen threats. We are the only vendor in the market today to offer these benefits, and our Next-Generation Firewalls receive 4.3 million unique security updates per day.
- Cloud-integrated to protect your apps wherever they live: Deep integrations with all major clouds and hypervisors means you can consume our software firewalls from cloud marketplaces, just like any other cloud-native tool. What’s more, we offer both virtualized and Kubernetes-integrated container form factors for your cloud environments.
- Automated for flexibility so you can use your preferred automation and orchestrations tools: Deploy software firewalls as code and make the most of tools such as AWS CloudFormation templates, Azure ARM templates, Kubernetes, Terraform, Ansible, and more. You can use the same tools to automatically scale your network security up or down. Additionally, you can automate policy changes when the cloud environment changes by using workload tags.
- Easy to manage to give you centralized visibility into all network-based threats: Our Panorama management tool gives you comprehensive visibility into all network-based threats, no matter where your applications live. Plus, you can manage unified network security policy for all clouds. Perform cloud-native operations with dedicated plugins for AWS, GCP, Azure, VMware NSX and Cisco ACI.
Figure 1: Our best-in-class approach to cloud network security meets the demands of today – and tomorrow.
Make the Choices That Provide Real Options
Today, more than 10,000 customers rely on our software firewalls, and the number keeps growing as we continue to be the market share leader.
If you’re ready to stop making unnecessary tradeoffs between risk reduction and speed, consider our proven ability to help you:
- Protect applications and developer environments in public clouds with protection against advanced threats.
- Mitigate lateral movement attacks in private clouds and virtualized data centers by enforcing trust zones and segmentation to protect east-west traffic.
- Embrace software-defined branches without sacrificing security by virtualizing network security and advanced threat protection.
The choice is yours. Sign up for your personalized demo and find out how to stop making unnecessary tradeoffs.