CyberSecurity SEE

Hybrid Mesh Firewall Management in Cyber Defense Magazine

Hybrid mesh firewalls have become increasingly important in the current business landscape, as more organizations adopt hybrid workforces and cloud networks. These firewalls offer a solution to the challenge of securing on-premises environments, multiple cloud environments, and remote users. With the introduction of multiple firewall deployment types, including FWaaS (Firewall as a Service) and cloud firewalls, vendors are enabling organizations to extend network firewall controls to various enforcement points and manage them through a single dashboard.

Adopting hybrid mesh firewalls does not mean organizations have to buy all their firewalls from a single vendor. In fact, many enterprises opt for different vendors based on their specific use cases. For example, they may choose FortiGate for remote sites due to its integrated SD-WAN and firewall functions. For the data center, Palo Alto Networks NGFW and Check Point Secure Gateways are popular choices. In cloud environments, organizations often rely on Check Point CloudGuard Network Security, while Zscaler Private Access is used to protect remote users. This multi-vendor strategy allows enterprises to avoid vendor lock-in and ensure they have the best solution for each use case. Additionally, buying from the same vendor does not guarantee simplicity and centralized management.

One of the key capabilities of hybrid mesh firewalls is unified management. This refers to the ability to manage all the different firewall deployment types through a single dashboard. Unified management may vary depending on the deployment type:

1. Conventional On-Premises Firewalls:
Unified management for on-premises firewalls is generally well understood. Organizations should have a single dashboard to manage their data center and remote site firewalls.

2. Cloud Firewalls:
Cloud-based firewalls can either be under an organization’s administrative domains or managed by providers. If they are under an organization’s administrative domains, they should be treated like on-premises firewalls and managed from a single dashboard. If they are managed by providers as FWaaS, organizations need to consider specific requirements.

3. FWaaS:
Unified management for FWaaS refers to the management of third-party or cloud service provider firewalls. While organizations may not directly manage these firewalls, they still want to ensure that the provider’s firewalls are working effectively. Visibility into FWaaS availability is crucial in this case to avoid any disruptions.

4. Securing Remote Users:
Firewalls that secure user traffic on mobile devices or personal computers from anywhere are another form of FWaaS. Organizations deploy agents on devices to direct traffic to cloud-based firewalls for inspection. These firewalls control which software as a service (SaaS) and on-premises applications are available to users. Unified management for this type of firewall deployment involves coordination between infrastructure and endpoint teams to ensure connectivity and visibility.

In summary, unified management for hybrid mesh firewalls in a multi-vendor environment means having a single dashboard to manage all firewall deployment types. For conventional on-premises firewalls and cloud-based firewalls under an organization’s administrative domains, this is relatively straightforward. However, for FWaaS and remote access firewalls, additional considerations such as visibility, connectivity, and coordination between different teams are required.

Ulrica de Fort-Menares, the Vice President of Product and Strategy at Indeni, emphasizes the importance of unified management in hybrid mesh firewall deployments. With her extensive experience in networking and security technologies, she understands the complexity of these deployments and the need for high-performance teams to manage them effectively.

About the Author:
Ulrica de Fort-Menares is the Vice President of Product and Strategy at Indeni with over 30 years of experience in developing software in networking and security technologies. She is passionate about simplifying complex technology and building exceptional teams. To learn more about Ulrica and Indeni, you can visit their company website at http://www.indeni.com/.
