Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
FortinetNews
Home›News›Fortinet›Accelerating Your Cloud Security Strategy Without Compromising Protection

Accelerating Your Cloud Security Strategy Without Compromising Protection

By admin
04/09/2019
1523
0
Share:

Attacking web applications is the most common tactic used in data breaches, accounting for 52% of compromises. This trend has been true for the past several years in a row. And due to organization’s growing reliance on web applications, this is unlikely to change in the foreseeable future. The reality is that every new application deployed in the cloud expands the potential attack surface and the number of possible entry points into the network.

As organizations increasingly rely on web applications to compete in the digital marketplace, this potential exposure through compromised web applications continues to grow. Part of the difficulty in addressing this challenge, however, is that many organizations lack centralized visibility into their cloud environments, which only compounds legitimate concerns about being blindsided by a breach.

Organizations are looking to overcome this challenge so they can continue to leverage the benefits of dynamic scalability, flexibility, cost advantages and agile development strategies that the cloud uniquely offers. And organizations are seeking these benefits without compromising visibility or their critical security profile.

The other side of the security challenge is one of expectations. Enterprises that choose to host their applications in the cloud often erroneously assume that they don’t need to worry about security. What they need to understand is that while the cloud provider secures the underlying infrastructure, the customer is responsible for securing their applications and data.

Moving from DevOps to DevSecOps

To do this, organizations need to start by expanding their DevOps teams to focus on DevSecOps. In a complex cloud environment, security cannot be effectively implemented and managed at arm’s length by the central IT team. Instead, the cloud requires an immediate security response to the constant evolution of development tools and strategies. DevOps teams do not have the bandwidth or the inclination to select security tools, properly configure them, or provide the sort of ongoing maintenance and optimization that such tools require. Adding advanced cloud native security tools to the DevSecOps toolkit means that security can be more effectively and deeply integrated into an organization’s architecture and application development efforts without adding undue burdens related to the selection, deployment, configuration, and management of security.

Cloud Security’s Unique Requirements

Security specialists who understand the unique requirements of the cloud also understand that repurposing existing on-premises security tools does not address the challenges of the cloud’s threat environment. Instead, security solutions need to be explicitly designed for internet-facing applications and deeply integrated into the cloud infrastructure using cloud APIs to ensure their ability to leverage cloud controls and functions.

Those cloud security specialists also need tools designed to effectively protect web applications against all the risks in the OWASP Top 10 list, as well as against unknown and zero-day exploits. In addition, unprotected APIs also constitute serious security risks. They require specific security rules to protect all APIs against malicious actors, including those that support mobile applications and B2B communications. And this is just the start. Cloud security risks span the full range of threats associated with other environments, including botnets and malware which also need to be guarded against.

In addition, just as with on-premises environments, cloud security also needs to address compliance requirements, be able to leverage automation to accelerate detection and response cycles, and implement machine learning to minimize workloads caused by false positives by continually raising the bar for security.

The Power of the Web Application Firewall

The web application firewall (WAF) is one of the most essential cloud security tools available, addressing all of the challenges highlighted above. WAFs protect against external and internal attacks, monitor and control access to web applications, secure APIs, block botnets and malware, and collect information for compliance and analytics purposes. And for maximum architectural flexibility and consistent protection, organizations need to look for WAF solutions from top-tier vendors that come in physical, virtual, and cloud-native form factors so they can be easily deployed into any environment or process.

Standardizing on a WAF solution from a single vendor, such as Fortinet’s FortiWeb solution, provides maximum flexibility in terms of deployment. Not only does this approach simplify management, orchestration and policy enforcement, but it also means that every implementation, regardless of form factor or deployment location, can cross-correlate threat intelligence and coordinate threat responses for a more effective overall security posture.

WAF as a Service

In addition to standard form factors, FortiWeb is also available as a cloud-based service, which reduces overhead related to updating, management, and configuration. Web applications, for example, can include a call to the FortiWeb Cloud WAF-as-a-Service to provide proper inspection and security for certain functions without having to continually manage configurations or updates as web application development requirements evolve.

In addition to including the same up-to-date threat research and content as every other FortiWeb WAF deployment, FortiWeb Cloud WAF-as-a-Service is fast and easy to deploy and manage and provides flexible, on-demand pricing, which because of its unique deployment model, can include price advantages for using solutions deployed within a local cloud region

Learn more about how Fortinet’s dynamic cloud solutions provide the necessary visibility and control across cloud infrastructures, enabling secure applications and connectivity from data center to cloud.

Previous Article

Sophos XG Firewall: Configure mail notification in ...

Next Article

Speed And Connectivity: The Fundamental Elements In ...

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • NewsSonicWALL

    10 Reasons to Upgrade to the Newest SonicWall TZ Firewall

    30/10/2019
    By admin
  • SonicWall Logo
    NewsSonicWALL

    SONICWALL’S SIMPLICITY, VALUE SOLVE ESCALATING COSTS, SECURITY NEEDS FOR NEWLY EXTENDED DISTRIBUTED ENTERPRISES, GOVERNMENTS & MSSPS

    11/08/2020
    By admin
  • NewsTrendMicro

    Trend Micro First to Deliver XDR Across Email, Network, Endpoint, Server and Cloud Workloads

    06/08/2019
    By admin
  • Fortinet Leader Gartner MQ
    News

    Fortinet Recognized by Gartner as a Leader in UTM MQ

    25/09/2018
    By admin
  • NewsSophos

    Sophos is named a Leader in IDC’s mobile threat management report

    18/09/2020
    By admin
  • Sophos n-g fwall app control
    News

    Sophos – The problem with next-gen firewall app control

    05/01/2018
    By admin

  • NewsTrendMicro

    Trend Micro Research Finds Misconfiguration as Number One Risk to Cloud Environments

  • Sophos Logo
    FirmwareSoftware UpdatesSophos

    Sophos: SFOS 17.5 MR11 Released

  • Sophos Logo
    NewsSophos

    Advisory: Log4j zero-day vulnerability AKA Log4Shell (CVE-2021-44228)

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Sponsored Links

Latest Comments

  • Paul Sillars
    on
    21/06/2016
    I received this in an email this morning, it was the first I heard about it ...

    Dell Software Group sold to help fund looming EMC deal

  • Paul Sillars
    on
    20/06/2016
    This is going to be an interesting one to watch. Especially after today's announcement that ...

    Ingram Micro gets distribution access to Dell’s security range in Australia

Find us on Facebook

Firewall.News Logo

This site serves more as a reference point for some of the major security vendor's updates and product/press releases

It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

About us

  • PO Box 451, North Lakes, Queensland, 4509, Australia
  • [email protected]
  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • WatchGuard logo

    WatchGuard Support Alert

    By admin
    23/02/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Follow Me

  • Contact
  • About Us
  • Home