Solved

Firewall in the cloud

Posted on 2013-05-22
4
321 Views
Last Modified: 2013-06-07
My internet service provider suggested to host my firewalls for me. Are there any risks to replace on premise firewalls with a hosted one. I don't have technical stuff in my remote offices so it's great to not to have too much eqipment there. But am not very familiar with the risks associated with this and the SP is just trying to sell their services so will be great to get a second opinion esp from someone who has done this before.
Thank you!
0
Comment
Question by:Cozumel
4 Comments
 
LVL 28

Assisted Solution

by:jhyiesla
jhyiesla earned 50 total points
ID: 39188027
Here would be my thoughts. We use a traditional on-premise firewall. My questions in considering something like this are:

1. How does the cloud product stack up to Cisco, Juniper, Checkpoint,etc?
2. Is there any physical node between the ISP and your first inside device?  If so, that's a possible security hole.
3. In your current environment, do you have anything sitting between your on-premise FW and the outside? In our environment we do; we have an IDS/IPS device. Moving the firewall to the could would cause us to rethink this.

Our ISP, a major player in this arena, has just started offering DDoS service in the cloud that we are considering.  However, they are quick to say that they do NOT have anything close to a real fully functional firewall such as a Cisco ASA.
0
 
LVL 34

Assisted Solution

by:Michael-Best
Michael-Best earned 150 total points
ID: 39188079
Cloud firewall and antivirus protection work as if installed on your PC.
They protect you in the same way but do not slow your PC as the are running on the servers connecting to your PC.

Cloud protection is as good as local protection, only drawback is you may not be protected from locally connected infections loaded from USB drives or zip(ed) rar(ed) etc. packed files.
0
 
LVL 5

Assisted Solution

by:aarie
aarie earned 100 total points
ID: 39188732
Another thing to consider is the possible impact on performance. If you have different subnets and traffic from one subnet to another needs to pass through the firewall, placing that component in the cloud may cause a serious performance issue. Traffic will need to be sent to your provider, pass through the firewall and then needs to be sent back to your network. As all firewall traffic passes the link between your company and your provider, this may become a bottleneck as well.
0
 
LVL 3

Accepted Solution

by:
Nasir-Siddique earned 200 total points
ID: 39200378
If you trust your ISP performance and support system, you can do it. It will save your cost of buying equipment and their module along with licensing. In addition the operational cost and day to day upgrade depends upon the ISP as well.
If you have a strong SLA with the ISP this outsourcing is beneficial. Cloud based UTM services are integrated with number of ISP but their performance should be tested through proper POC for the features and services.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Is your company's data protection keeping pace with virtualization? Here are 7 dynamic ways to adapt to rapid breakthroughs in technology.
This Micro Tutorial will explain how to export DynamoDB tables in Amazon Web Services.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now