Managed Network Security and Firewall as a Service (FWaaS)

FWaaS enables organizations to eliminate firewall appliances and simplify their IT infrastructure

Firewall as a service (FWaaS) is a cloud-based firewall that delivers advanced Layer-7/next-generation firewall (NGFW) capabilities, including access controls, such as URL filtering, advanced threat prevention, intrusion detection and prevention systems (IDPS) and DNS security.

The concept of the FWaaS is not about simply virtualizing appliances. FWaaS enables organizations to eliminate firewall appliances and simplify their IT infrastructure. Centralized management from a single console enables organizations to eliminate the challenges of change control, patch management, coordinating outage windows, and policy management associated with NGFW appliances while delivering consistent policies across the organization wherever users connect.

As organizations embrace a cloud-first approach, they still need to deliver enterprise firewall capabilities across the organization for all users and all locations. Unfortunately, NGFWs were architected more than a decade ago and are not designed to support cloud applications or the dynamic requirements of the cloud-first enterprise. Their virtual firewall counterparts have many of the same limitations and challenges as traditional NGFW appliances. It makes sense that as applications are moving to the cloud, your firewalls move to the cloud as well.

Cloud FWaaS allows organizations to establish secure local breakouts for all applications without security appliances to buy, deploy, or manage. Security capabilities, including full Layer 7 firewall, are delivered as a cloud service that scales elastically to handle SSL inspection, growing bandwidth and user demands, and cloud application traffic with long-lived connections. Centralized management from a single console enables organizations to deliver identical protection for any user, on any device, wherever they connect—whether they are at the corporate office, visiting a local branch, or working from home.

Proxy-based architecture

Cloud IDPS

DNS security and control

Visibility and simplified management

Proxy-based architecture

This design dynamically inspects traffic for all users, applications, devices, and locations. It natively inspects SSL/TLS traffic—at scale—to detect malware hidden in encrypted traffic. And it enables granular firewall policies spanning multiple layers based on network app, cloud app, domain name (FQDN), and URL. A proxy-based architecture is required to stop today’s advanced threats.

Cloud IDPS

A cloud-based intrusion detection and prevention system (IDPS) delivers always-on threat protection and coverage, regardless of connection type or location. It inspects all user traffic on and off-network, even hard-to-inspect SSL traffic, to restore full visibility into user, app, and internet connections.

DNS security and control

As the first line of defense, a cloud-based firewall protects users from reaching malicious domains. It optimizes DNS resolution to provide a better user experience and cloud application performance, which is especially critical for CDN-based apps. And it provides granular controls to detect and prevent DNS tunneling.

Visibility and simplified management

A cloud-based firewall delivers real-time visibility, control, and immediate policy enforcement across the platform. It logs every session in detail and uses advanced analytics to correlate events and provide insight into threats and vulnerabilities for all users, applications, and locations from a single console.”

Our Partners

AccessOne
att
cato
comcast
corvid
cyxtera
databank
drawbridge
evolve ip
liquidweb
lumen
masergy
netfortris
netwolves
opensystem
qos networks
rackspace
tierpoint
verizon
windstream