IT PARK
    Most Popular

    What is brute force cracking?

    Apr 23, 2025

    How often should the router be turned off?

    May 06, 2025

    OpenAI develops new tool that attempts to explain the behavior of language models

    May 21, 2025

    IT PARK IT PARK

    • Home
    • Encyclopedia

      How is fingerprint recognition achieved?

      May 21, 2025

      Do you know what 3D Mapping is?

      May 20, 2025

      What is the hosts file? Where is the hosts file?

      May 19, 2025

      Apple phone into the water how to do? Four first aid measures to help you

      May 18, 2025

      A one-minute walk through the difference between a switch and a router

      May 17, 2025
    • AI

      OpenAI develops new tool that attempts to explain the behavior of language models

      May 21, 2025

      Meta Quest 3 expected to support generative AI by 2024

      May 20, 2025

      Can AI work this round when you ask a doctor online to break a disease?

      May 19, 2025

      NASA is developing an artificial intelligence interface where astronauts can talk directly to AI

      May 18, 2025

      76-year-old father of deep learning Hinton left Google! Publishes AI threat theory, pessimistic prediction of catastrophic risk

      May 17, 2025
    • Big Data

      What is Data Governance? Why do organizations need to do data governance?

      May 21, 2025

      Winning Business Excellence with Data Analytics

      May 20, 2025

      Has the development of big data come to an end?

      May 19, 2025

      How Research Institutes Should Use Data Analytics Tools to Improve Research Efficiency

      May 18, 2025

      How to Program Big Data Effectively

      May 17, 2025
    • CLO

      Last-generation firewalls won't meet cloud demands

      May 21, 2025

      Healthcare Explores Cloud Computing Market: Security Concerns Raise, Multi-Party Collaboration Urgently Needed

      May 20, 2025

      Remote work and cloud computing create a variety of endpoint security issues

      May 19, 2025

      Three common misconceptions about sustainability and cloud computing

      May 18, 2025

      Ten Ways Cloud-Native Development is Changing Cybersecurity

      May 17, 2025
    • IoT

      Self-driving cars: Opening the wave of full digital disruption in the Internet of Things era

      May 21, 2025

      Smart Supply Chain Guide

      May 20, 2025

      Internet of Things and the Elderly

      May 19, 2025

      The Future of the Internet of Things and Self-Storage

      May 18, 2025

      Skills shortage remains the biggest barrier to IoT adoption in the oil and gas industry

      May 17, 2025
    • Blockchain

      Blockchain technology helps track new crown virus

      May 21, 2025

      Blockchain Foundation - What is Blockchain Technology

      May 20, 2025

      Blockchain Wallet

      May 19, 2025

      Scientists propose quantum proof-of-work consensus for blockchain

      May 18, 2025

      How blockchain technology can be applied to environmental protection to drive a green economy

      May 17, 2025
    IT PARK
    Home » CLO » Last-generation firewalls won't meet cloud demands
    CLO

    Last-generation firewalls won't meet cloud demands

    Previous Generation Firewall (LGFW), the term Next Generation Firewall (NGFW) was coined 15 years ago.
    Updated: May 21, 2025
    Last-generation firewalls won't meet cloud demands

    The term Last Generation Firewall (LGFW), Next Generation Firewall (NGFW) was coined 15 years ago. Today, with the rapid evolution of cloud technology, these LGFWs are based on architectures developed for data centers that no longer meet the security needs of cloud and multi-cloud environments.

    Here are three reasons why cloud architectures are changing the game for local government firewalls:

    1. Changing Boundaries

    The traditional concept of static boundaries no longer exists in the cloud. Cloud networks are dynamic, endless, and constantly evolving, making it difficult to defend using traditional methods.LGFW requires traffic to be redirected to a centralized point of inspection and policy enforcement, which leads to operational complexity, bottlenecks, increased latency, and costly data processing. In addition, it becomes operationally infeasible to manage a large number of dynamic ingress and egress points in the cloud using the LGFW approach.

    2. Dynamic Cloud Applications

    Cloud applications are highly dynamic, use microservice architectures and containerization, and often rely on direct Internet connections and service grid networks. These applications need to scale elastically and rely on native cloud PaaS services and API gateways, which breaks the LGFW and proxy-based security approaches in the cloud. In addition, from a policy creation perspective, security teams can no longer define policies based on IP addresses, which are constantly changing in these dynamic application environments.

    3. Infrastructure Agility Requirements

    Cloud infrastructure teams need to keep up with the agility demands of modern applications. They must adopt rapid release cycles, DevSecOps automation, and leverage the CI/CD pipelines that application teams have used for years. However, the centralized appliance operating model that originated in the data center era of local government firewalls cannot meet the agility expectations of cloud software-defined agility. Migrating LGFWs to the cloud leads to operational challenges, tool sprawl and unsustainable cost increases.

    Organizations now need cloud cybersecurity solutions designed specifically for the cloud. Distributed cloud firewalls have emerged as a promising alternative to capitalize on the distributed nature of the cloud.

    Distributed Cloud Firewall Definition

    This is the approach to firewall policy creation familiar to security professionals, but architected to take advantage of the distributed nature of the cloud. Instead of distributing firewalls across locations, this approach distributes inspection and policy enforcement into the natural application communication paths in the cloud network while maintaining centralized policy creation.

    Here are five characteristics that security professionals should look for when exploring a distributed cloud firewall approach:

    1. Distributed enforcement in local cloud traffic

    The product should embed inspection and policy enforcement into the local cloud infrastructure and natural application communication paths, eliminating the need for traffic redirection, load balancer sandwiches and other network gymnastics. This ensures scalability, eliminates bottlenecks, and enables the entire cloud network to act as a single scalable firewall.

    2. Centralized Policy Creation Across Multi-Cloud Environments
    Cloud-aware policy creation uses dynamic cloud-native application workload identities (e.g., labels and attributes) rather than static IP addresses to abstract enforcement details. Security teams can define policies through a single programmable interface while supporting inspection and policy enforcement across multiple cloud environments.

    3. Cloud Operations Model

    The product should provide complete visibility and control, support elastic auto-scaling to match application requirements, and enable programmability using industry-standard infrastructure-as-code automation tools such as Terraform. It should integrate seamlessly into the DevSecOps CI/CD pipeline.

    4. Native Cloud Networking and Security Orchestration

    The product should utilize native cloud APIs for network and security orchestration, abstracting the complexity of the underlying infrastructure. This ensures consistency between cloud service providers and prevents conflicts between network and security configurations.

    5. Advanced Security Service Integration

    A distributed cloud firewall should provide more than just basic firewall functionality. It should support micro-segmentation, network isolation, automated threat detection and mitigation, anomaly detection, vulnerability scanning, cloud workload risk scoring, L7 decryption and inspection, full traffic visibility and audit reporting. It must maintain role-based access controls to separate network and security responsibilities, all integrated into the local cloud infrastructure and operations.

    Implementing a distributed cloud firewall can deliver significant business value to organizations compared to existing LGFW implementations. Benefits include lower total cost of ownership, increased cloud infrastructure agility, improved performance, shorter mean time to detect and resolve issues, simplified enterprise and regulatory compliance, and reduced overall business risk. By adopting a cloud-native security approach, organizations can better protect their cloud environments and adapt to the dynamic nature of the cloud.

    cloud computing Security Firewall
    Previous Article How do Bluetooth headsets achieve noise cancellation?
    Next Article What is the hosts file? Where is the hosts file?

    Related Articles

    CLO

    The shift of ERP to cloud computing requires ERP channels to adapt

    Apr 16, 2025
    CLO

    SaaS sprawl: meaning, hazard, status quo and mitigation plan

    May 10, 2025
    CLO

    Let's talk about the best practices of cloud governance

    Apr 30, 2025
    Most Popular

    What is brute force cracking?

    Apr 23, 2025

    How often should the router be turned off?

    May 06, 2025

    OpenAI develops new tool that attempts to explain the behavior of language models

    May 21, 2025
    Copyright © 2025 itheroe.com. All rights reserved. User Agreement | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.