For modern organizations, speed and agility is the key to success – built on enhanced IT efficiency and performance driven by the cloud. Anything less could see your business outpaced by the competition. As always, security must be a priority when migrating to the cloud, but network teams are being let down by existing tools. Overwhelmed by this challenge, our TippingPoint customers came to us asking for an equivalent product for their AWS environments. So we went away and built one.
Cloud Network Protection is the first transparent, in-line network security offering for AWS customers: simple to deploy and manage, cloud-ready and leveraging our industry leading expertise in network threat protection.
Let down by legacy
According to the cloud’s shared responsibility model, network security teams are increasingly being tasked with extending security into the cloud. But current offerings in the market simply aren’t capable of supporting their requirements. They’re complex, expensive and introduce extra friction.
Our TippingPoint customers came to us with a range of gripes. They felt existing network security solutions are simply not engineered with cloud environments in mind. In fact, some need to be rearchitected to function at all in the cloud. Often, these incompatibilities lead to business disruption: by causing app and network downtime while network security is deployed and/or slowing down the speed of DevOps on an ongoing basis. In many cases, customers complained of having to use multiple tools to manage security for different networks in the hybrid cloud – adding extra cost and complexity and creating potential security gaps through misconfigured solutions.
These challenges impair their ability to meet key compliance requirements like HIPAA and GDPR. Responding to internal and external audit requests also became more difficult. At the same time as these strategic challenges, network security teams wanted to meet day-to-day requirements such as blocking requests to specific domains.
A new approach
Taking all this on board, we set about designing a network-based solution to handle the scale and performance demands of the cloud, without introducing extra friction to operations. We did this by tapping the power of the AWS Transit Gateway, a service that enables customers to connect all their Virtual Private Clouds (VPCs) and on-premises networks via a single, centralized gateway.
The resulting Cloud Network Protection solution is deployed transparently into the network fabric, providing visibility and control where network security teams need it most whilst avoiding application disruption and the need to rearchitect. By extending our TippingPoint capabilities into the cloud, we offer organizations multiple benefits including:
Consistent network security: Allowing teams to use existing TippingPoint security profiles in the cloud and on-premises.
Centralized SMS management: Complete visibility and control using the familiar Security Management System (SMS).
Simplified deployment: Minimizes friction by sliding seamlessly into the cloud network fabric.
Industry leading security: Including network-based virtual patching, and zero-day protection backed by the Zero Day Initiative bug bounty program. All whilst avoiding business disruption.
Nearly three-quarters (73%) of organizations had at least one application in the cloud as of last year – with a further 17% planning to do so within the next 12 months, according to IDG. As they migrate these business-critical apps, network security teams are demanding effective, cloud-ready tools that offer maximum protection without impacting performance. Fortunately, now they have one.