Solved

Firewall in the cloud

Posted on 2013-05-22
4
333 Views
Last Modified: 2013-06-07
My internet service provider suggested to host my firewalls for me. Are there any risks to replace on premise firewalls with a hosted one. I don't have technical stuff in my remote offices so it's great to not to have too much eqipment there. But am not very familiar with the risks associated with this and the SP is just trying to sell their services so will be great to get a second opinion esp from someone who has done this before.
Thank you!
0
Comment
Question by:Cozumel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 28

Assisted Solution

by:jhyiesla
jhyiesla earned 50 total points
ID: 39188027
Here would be my thoughts. We use a traditional on-premise firewall. My questions in considering something like this are:

1. How does the cloud product stack up to Cisco, Juniper, Checkpoint,etc?
2. Is there any physical node between the ISP and your first inside device?  If so, that's a possible security hole.
3. In your current environment, do you have anything sitting between your on-premise FW and the outside? In our environment we do; we have an IDS/IPS device. Moving the firewall to the could would cause us to rethink this.

Our ISP, a major player in this arena, has just started offering DDoS service in the cloud that we are considering.  However, they are quick to say that they do NOT have anything close to a real fully functional firewall such as a Cisco ASA.
0
 
LVL 34

Assisted Solution

by:Michael-Best
Michael-Best earned 150 total points
ID: 39188079
Cloud firewall and antivirus protection work as if installed on your PC.
They protect you in the same way but do not slow your PC as the are running on the servers connecting to your PC.

Cloud protection is as good as local protection, only drawback is you may not be protected from locally connected infections loaded from USB drives or zip(ed) rar(ed) etc. packed files.
0
 
LVL 5

Assisted Solution

by:aarie
aarie earned 100 total points
ID: 39188732
Another thing to consider is the possible impact on performance. If you have different subnets and traffic from one subnet to another needs to pass through the firewall, placing that component in the cloud may cause a serious performance issue. Traffic will need to be sent to your provider, pass through the firewall and then needs to be sent back to your network. As all firewall traffic passes the link between your company and your provider, this may become a bottleneck as well.
0
 
LVL 3

Accepted Solution

by:
Nasir-Siddique earned 200 total points
ID: 39200378
If you trust your ISP performance and support system, you can do it. It will save your cost of buying equipment and their module along with licensing. In addition the operational cost and day to day upgrade depends upon the ISP as well.
If you have a strong SLA with the ISP this outsourcing is beneficial. Cloud based UTM services are integrated with number of ISP but their performance should be tested through proper POC for the features and services.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Big data transfers via information superhighways require special attention and protection. Learn more about the IT-regulations of the country where your server is located. Analyze cloud providers and their encryption systems for safe data transit. S…
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question