Cloud networking firm Aviatrix has developed a new security platform solution that combines traffic inspection and policy enforcement across multiple cloud environments. The Distributed Cloud Firewall utilises native cloud platform features and Aviatrix’s technology to offer consolidated visibility and management of cloud workloads, as well as the ability to apply the same security policies across different clouds, according to Rod Stuhlmuller, VP of solutions marketing at Aviatrix. Security providers have been working towards addressing the challenges facing the growing number of companies with multicloud infrastructures. The 2023 State of the Cloud report by Flexera found that 87% of businesses now operate on a multicloud platform, with 72% using a hybrid system of private cloud infrastructure and public cloud services. However, challenges cited by businesses include managing the architectures and security of their cloud infrastructure, with 80% and 78% struggling with these issues respectively.
One issue is the lack of consistency between cloud service providers (CSPs) in how they handle security, traffic inspection and workload deployment, causing security to suffer as companies lose visibility into their cloud infrastructure security. “What the security team needs is visibility across all of that, and it’s a nontrivial challenge to be able to provide not just that visibility, but the ability to investigate across all of that when something goes bang in the night”, says Patrick Coughlin, vice president of technical go-to-market for Splunk, a data and insights cloud platform.
Initially, many security providers created virtual instances of their firewall appliances and set these as gateways to cloud infrastructure, but they have become increasingly difficult to manage across multiple cloud platforms. Aviatrix’s solution enables companies to create an abstracted policy that can be applied across all the cloud platforms, utilising native security groups, without the need for administrators to make changes for each cloud. For businesses with proliferating workloads driven by microservice-based software architecture, the number of containers and virtual machines that need updating can skyrocket.
Other major vendors that focus on cloud workload security include Palo Alto Network, McAfee Enterprise, Trend Micro, Rapid7, and Check Point Software Technologies, according to Forrester Research. However, Aviatrix believes its distributed firewalls can enable cost savings due to the ability to run network address translation (NAT) and only charge per hour, as opposed to charging both per hour and by bandwidth. Another cost benefit arises from simplifying security in the cloud, which reduces the overhead costs of securing workloads and allows security professionals to focus on improving security maturity.
Multicloud security cuts costs, according to Andras Cser, vice president and principal analyst at Forrester Research. “Organizations do not have to invest in procuring and training for multiple cloud providers’ security solutions. They can, instead, use a single provider or cloud provider to source all cloud security capabilities from one tool — this reduces errors, improves security posture, and cuts costs”. Cser believes that simplifying the approach to security in the cloud is essential for companies trying to reduce the overhead costs of securing workloads, while enabling security professionals to focus on improving the security maturity.