Cloud-native firewalls are the next step in network security

Network security is a foundational cybersecurity issue, and the rise of Secure Access Service Edge and security service edge are leading the shift of network security controls from on-premises to the cloud.

Network security occasionally gets a bad rap as a legacy technology. It can be overlooked compared to hotter growth areas, such as cloud and identity security. The truth is that the network security market has been undergoing a transformation for years and remains a foundational component of any cybersecurity program. The rise of SASE and SSE put a label on a well-established trend: the shift of on-premises controls to the cloud.

In addition to shifting controls to the cloud, infrastructure in the cloud needs to be protected. Until recently, security teams have had two main network security options for protecting their cloud infrastructure, each with its own set of pros and cons:

1. Use firewall tools from the cloud service provider. Often favored by cloud teams and organizations born in the cloud, cloud service provider (CSP) firewalls offer ease of use due to native integrations with the CSP's infrastructure and management console. TechTarget's Enterprise Strategy Group research, "Network Security Trends in Hybrid Cloud Environments," found that 48% of organizations using CSP firewalls do so for ease of management, while 46% do so for ease of deployment.
   
   The security capabilities of these tools might not be up to par with what organizations are accustomed to using on premises. Firewall vendors have spent years optimizing intrusion detection systems, intrusion prevention systems, sandboxes and other advanced security options available on their firewalls. CSP offerings don't always provide the same type of functionality.

2. Use virtual instances of traditional on-premises firewalls. Virtual firewalls are often deployed by large, multi-cloud organizations that need to protect hybrid infrastructure across multiple CSPs. They help security teams extend what they're used to on premises to the cloud, which provides consistency from management and policy perspectives. Virtual firewalls also provide the same security capabilities as hardware firewalls, ensuring strong protection in the cloud.

Enterprise Strategy Group research found that 51% of security teams using virtual firewalls in the cloud do so for better alignment with their organization's structure and skills -- i.e., what they're used to. Unfortunately, this VM model is not natively integrated with the cloud infrastructure, making deployment and ongoing management more difficult. Administrators typically must deploy load balancers and manually add VMs as the environment grows, which somewhat negates the elasticity the cloud is supposed to provide.