Critical Security Aspects In Cloud Applications

Scanning And Detection Are Critical

The digital transformation is driving companies to move important applications to public clouds and containers. Therefore, they have to use the same multi-layer security approach. Palo Alto Networks explains why in this environment virtual and container NGFWs (New Generation Firewalls) are essential for security in the cloud.

Cloud Applications Target More Than One Environment

Most companies today use data centers and several public clouds, in the form of the multi-cloud. They also run workloads, some of which may be containerized or serverless today. However, most companies still have a variety of bare metal servers, virtual machines, and even mainframes.

Where the workloads are running, what matters is the enterprise applications that run on hybrid infrastructures. These applications tend to be closely related. Most applications are connected to core services such as Active Directory, administration, monitoring, and logging of the infrastructure. Many of these applications are also connected to critical databases that run on legacy systems such as Solaris or mainframes. Because it is the network that connects these applications, network security must span the entire infrastructure. For this reason, network protection for native cloud applications needs to be tackled holistically.

Complete network protection requires next-generation firewalls and identity-based micro-segmentation. Since the cloud journey is a constant journey, it is important to get a complete overview of all connections made via the network. This includes connections from the Internet to workloads, workloads towards the Internet, and workloads to workloads.

Whole-Body And Luggage Scanners

This level aims to ensure that people heading for departing aircraft do not carry anything dangerous with them. Security guards do this with scanners that examine people, luggage, and countless small items. The airport authorities use this procedure in strategic locations. Some airports have only one security and scan station at the entrance, while larger airports usually have one or more at the border of each terminal.

This is where the next generation firewalls come into play in the world of IT because they are aimed at these security scans. Just as security is deployed at strategically selected perimeters at the airport, NGFWs must be deployed at carefully selected perimeters or trust limits.

Boarding Pass Scanner

This level of inspection aims to reduce the area of attack by minimizing the movement of people to places they should not go. Boarding pass scanners are used at every gate – usually as close as possible to the boarding entrance of the respective aircraft. Just as boarding pass scanners are used at every gate of an airport, micro-segmentation has to be enforced for every workload. Agent-based solutions are best suited to enforce micro-segmentation policies directly at the workload level.

Incoming Protection

To make applications available to users on the Internet, the workloads must accept connections from the Internet. Most modern applications are provided via HTTPS. Incoming connections are generally protected by cloud-based web application firewalls (WAFs). However, most workloads must accept incoming connections, not just the Internet. These include orchestration and monitoring tools such as Terraform and Puppet, connections to MySQL ports by database administrators, and the SSH / RDP ports by server administrators.

Also Read: New Improvements To The Glass Storage Media


TrendsTechBlog it's a Technologies Related that gives the Technology News, Business, Gadgest, Digital, Mobiles, Social Media, AI. Latest Trends and Up coming News.

Recent Posts

Online Payments Save Time And Effort

Before the global Covid-19 crisis, many transactions, such as the payment of invoices, required the… Read More

May 25, 2022

Which Emails Suffer The Most Cyberattacks

Emails have become the main gateway for cyber attacks on companies. In this post, we… Read More

May 23, 2022

The Robots Of The Future, What Can We Expect From These Super Evolved Machines

Home automation, like digital, is gaining momentum around the world, and it now affects several… Read More

May 20, 2022

Network Management With DDI Simple And Secure

The basic digital services DNS, DHCP and IP address management (DDI) are the basis for… Read More

May 18, 2022

How To Finance The Purchase Of Computer Equipment For Your Web Writing Business

Since the beginning of computing, our world has undergone many upheavals. It isn't easy today… Read More

May 16, 2022

Why automation is key for SMBs

There are only 24 hours in a day, sometimes running a business feels like you're… Read More

May 12, 2022