Cloudbrink has introduced firewall-as-a-service (FWaaS) to its zero-trust access solution, becoming the first vendor to offer granular security controls right to the user edge. The addition aims to enhance remote-user security and network performance.
The FWaaS enables admins to set detailed controls based on end-users static and dynamic properties. The company also announced plans to introduce reporting capabilities and an IPsec connectivity option. The enhanced service is scheduled for release in December 2023.
- Cloudbrink has introduced firewall-as-a-service (FWaaS) to its zero-trust access solution, providing granular security controls to the user edge for comprehensive endpoint device protection.
- Cloudbrink claims that traditional and next-generation firewalls are inadequate in protecting end users and their devices and that offloading remote-user security functions improves the stability of existing firewalls and network performance.
- Cloudbrink’s FWaaS enables administrators to set granular controls based on static and dynamic properties of end-users and their devices, and future releases will include reporting capabilities and opportunities to tune application performance.
Cloudbrink Revolutionises Security with Firewall-as-a-Service
In an industry-first move, tech firm Cloudbrink has introduced firewall-as-a-service (FWaaS) to its zero-trust access solution. This is set to bring about a new level of security, extending to the user edge, and ensuring comprehensive protection for endpoint devices.
A Step Beyond Traditional Firewalls
Cloudbrink argues that both traditional and next-generation firewalls fall short when it comes to securing end users and their devices. The addition of FWaaS to its service offering is touted as a solution to this problem. By offloading remote-user security functions, Cloudbrink hopes to improve the stability of existing firewalls and enhance the network performance experienced by remote users.
Cloudbrink’s CEO, Prakash Mana, emphasised the need for this evolution in firewall technology:
“Firewalls were designed to protect the data centre, then the network, and now the cloud. But you have to deliver protection where data is consumed and curated, which is with your users – and increasingly users are everywhere.”
Granular Control and Future Features
Cloudbrink’s FWaaS solution allows administrators to set granular controls based on the static and dynamic properties of end-users and their devices. This includes determining what resources or applications can be accessed by specific individuals. Furthermore, introducing dynamic properties will soon enable checks for device compliance, like when a virus scan was last conducted.
Looking ahead, Cloudbrink plans to release reporting capabilities. This will help security and networking teams identify anomalies based on user behaviour and enhance application performance.
Implementing Zero-Trust Access and Moving Target Defence
Beyond FWaaS, Cloudbrink’s service already integrates zero-trust access and moving target defence principles. It utilises rotational mTLS (mutual Transport Layer Security) 1.3 to refresh user certificates automatically, offering a narrow window for potential attackers even if a device is compromised.
IPSec Capability and Future Availability
In addition to its FWaaS functionality, Cloudbrink plans to offer customers the ability to access data centre applications using IPSec as an alternative to the Cloudbrink Connector. This IPsec capability will support connections through existing network firewalls, SD-WAN gateways, routers and other IPSec devices.
Final Thoughts
Cloudbrink’s introduction of FWaaS to its zero-trust access solution marks a significant step forward in the cybersecurity landscape. By offering granular security controls to the user edge, the company is addressing a gap left by traditional firewall solutions.
The future features planned, such as dynamic properties and reporting capabilities, will only enhance the flexibility and comprehensiveness of this service. While it remains to be seen how the market will respond to this innovation, it’s clear that Cloudbrink is pushing the boundaries of what’s possible in endpoint device protection.
FAQ
Q: What is Cloudbrink’s firewall-as-a-service (FWaaS)?
A: Cloudbrink’s FWaaS is a solution that provides granular security controls to the user edge for comprehensive protection of endpoint devices.
Q: Why does Cloudbrink claim that traditional and next-generation firewalls fail to protect end users and their devices?
A: According to Cloudbrink, traditional and next-generation firewalls were not designed to protect a large work-from-anywhere workforce. They focus on protecting the data centre, network, and cloud, but fail to deliver protection where data is consumed and curated – with the users.
Q: How does offloading remote-user security functions improve network performance?
A: Offloading remote-user security functions to Cloudbrink’s FWaaS improves the stability of existing firewalls and enhances the network performance experienced by remote users.
Q: What are the advantages of using Cloudbrink’s FWaaS alongside existing firewalls?
A: Cloudbrink’s FWaaS takes care of remote users, allowing existing firewalls to focus on their intended jobs, such as Layer 3 protection against DDoS attacks. This approach provides better management and control for IT teams without compromising end-user productivity.
Q: What granular controls can admins set with Cloudbrink’s FWaaS?
A: Admins can set granular controls based on static and dynamic properties of end-users and their devices. Static properties include resource and application access rules for individuals, while dynamic properties cover device compliance, such as the last virus scan run.
Q: What additional capabilities are scheduled for future releases of Cloudbrink’s FWaaS?
A: Future releases of Cloudbrink’s FWaaS will include reporting capabilities to spot anomalies based on user behavior and opportunities to tune application performance.
Q: How does Cloudbrink’s FWaaS enhance security for distributed systems?
A: Firewalling for endpoints is crucial for security in distributed systems, especially with the growth of the hybrid workforce. Cloudbrink’s FWaaS provides better management and control for IT teams without compromising end-user productivity.
Q: What security principles does Cloudbrink’s service already implement?
A: Cloudbrink’s service already implements zero-trust access and moving target defence principles. It uses rotational mTLS 1.3 to automatically refresh user certificates at short intervals, providing a narrow window for attackers even if a device is compromised.
Q: How does Cloudbrink’s service support access to data centre applications?
A: Cloudbrink’s service allows customers to access data centre applications using IPsec as an alternative to the Cloudbrink Connector. This capability supports connections through existing network firewalls, SD-WAN gateways, routers, and other IPsec devices.