Firewall in the cloud

My internet service provider suggested to host my firewalls for me. Are there any risks to replace on premise firewalls with a hosted one. I don't have technical stuff in my remote offices so it's great to not to have too much eqipment there. But am not very familiar with the risks associated with this and the SP is just trying to sell their services so will be great to get a second opinion esp from someone who has done this before.
Thank you!
CozumelAsked:
Who is Participating?
 
Nasir-SiddiqueConnect With a Mentor Commented:
If you trust your ISP performance and support system, you can do it. It will save your cost of buying equipment and their module along with licensing. In addition the operational cost and day to day upgrade depends upon the ISP as well.
If you have a strong SLA with the ISP this outsourcing is beneficial. Cloud based UTM services are integrated with number of ISP but their performance should be tested through proper POC for the features and services.
0
 
jhyieslaConnect With a Mentor Commented:
Here would be my thoughts. We use a traditional on-premise firewall. My questions in considering something like this are:

1. How does the cloud product stack up to Cisco, Juniper, Checkpoint,etc?
2. Is there any physical node between the ISP and your first inside device?  If so, that's a possible security hole.
3. In your current environment, do you have anything sitting between your on-premise FW and the outside? In our environment we do; we have an IDS/IPS device. Moving the firewall to the could would cause us to rethink this.

Our ISP, a major player in this arena, has just started offering DDoS service in the cloud that we are considering.  However, they are quick to say that they do NOT have anything close to a real fully functional firewall such as a Cisco ASA.
0
 
Michael-BestConnect With a Mentor Commented:
Cloud firewall and antivirus protection work as if installed on your PC.
They protect you in the same way but do not slow your PC as the are running on the servers connecting to your PC.

Cloud protection is as good as local protection, only drawback is you may not be protected from locally connected infections loaded from USB drives or zip(ed) rar(ed) etc. packed files.
0
 
aarieConnect With a Mentor Commented:
Another thing to consider is the possible impact on performance. If you have different subnets and traffic from one subnet to another needs to pass through the firewall, placing that component in the cloud may cause a serious performance issue. Traffic will need to be sent to your provider, pass through the firewall and then needs to be sent back to your network. As all firewall traffic passes the link between your company and your provider, this may become a bottleneck as well.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.