Aviatrix has expanded its Multi-Cloud Backbone portfolio by adding a firewall network service that deploys the Palo Alto Networks VM-Series next-generation firewalls.
One of the main aspects of the Aviatrix Firewall Network Service is the intelligent controller. According to Aviatrix, it delivers intelligent orchestration and control of native cloud services through the Amazon Web Services Transit Gateway. The intelligent controller interconnects virtual private clouds and on-premises networks.
When building the Firewall Network Service, Aviatrix aimed to remove the restrictions of deploying VM-Series firewalls in an AWS Transit Gateway -- namely, according to Aviatrix, that users are generally required by the native cloud networking constructs to negotiate tradeoffs in performance and visibility as they increase scale.
Aviatrix removed the need to use IPSec tunneling for route propagation and packet forwarding, which the vendor claims eliminates the visibility loss when it has to perform source network address translation at the firewall. Aviatrix said this avoids asymmetric routing when using equal-cost multipath routing to scale in a native AWS Transit Gateway implementation.
Additionally, Aviatrix claimedthe intelligent orchestration and control service reduces the entire installation and configuration time from hours or days to minutes.
To protect against malware and other attacks, the intelligent controller automates the propagation of routes across all virtual private clouds and VM-Series firewalls, and it directs specified traffic through the VM-Series firewalls for inspection.
Aviatrix also claimed it creates a frictionless journey for bringing next-generation firewalls to the cloud by load balancing packets across multiple availability zones to scale out firewall instances deployment.
Next-generation firewalls fill the gap in network security left by traditional firewalls and antivirus software that can't keep up with today's threats. According to Market Research Future, the global next-gen firewall market is expected to reach $4.69 billion by 2023 and is currently growing at 8% a year.
There are some common features all next-gen firewalls have, such as unified threat management, nondisruptive inline bump-in-the-wire configuration, network address translation, packet inspection, VPN, integrated signature-based intrusion protection systems engine and application awareness.
However, each individual vendor has its own less common feature that can make one product better for a customer than another. For instance, Cisco provides application visibility and control and has URL filtering, while Forcepoint has antimalware sandboxing.
The Firewall Network Service is available now as part of the Multi-Cloud Backbone.