Destination Cloud: Start Secure, Stay Secure With the Latest VM-Series Enhancements

Matt Keil


The cloud is here to stay. According to Deloitte’s 2018 global CIO survey, 90 percent of CIOs and C-suite executives say their organizations are using cloud-based services. The cost and efficiency gains are undeniable.

But it’s not enough to cross your fingers and hope a security breach doesn’t hit your organization. Due diligence is key. To set the stage, let’s review some facts:

  • In the Veritas 2017 Truth in Cloud Report, 83 percent of respondents believed (incorrectly) that their organization’s cloud service provider takes care of protecting their data in the cloud.
  • As highlighted in the 2018 Cloud Security Report, 84 percent of organizations say traditional security measures don’t work in cloud environments.
  • According to Gartner, through 2022, at least 95 percent of cloud security failures will be the customer’s fault.

Secure cloud adoption requires that business-level security policies, processes and best practices are accounted for throughout the cloud development and deployment lifecycle. Moreover, to fulfill your part of the Shared Responsibility Model, you’ll need to have the right security tools in place. Most organizations find they need a combination of native cloud service provider capabilities and third-party products to meet all their security and governance requirements. A critical capability of the combined security approach is to keep pace with the speed and scale of both cloud and on-premises environments.

Last week we announced PAN-OS 9.0, the latest release of software that powers our next-generation firewalls, including the VM-Series virtualized next generation firewalls. In conjunction with PAN-OS 9.0, we announced new VM-Series capabilities that include a broad set of cloud-focused features and enhancements – rooted in machine learning, automation and easy-to-implement best practices – all with a singular goal of allowing our customers to securely expand their cloud initiatives.

Seamlessly Secure Diverse Hybrid & Multi-Cloud Deployments

The VM-Series virtualized next generation firewalls now deliver consistent, scalable security across the broadest range of virtualized data centers and public cloud environments. For customers, this provides the flexibility required to run and secure workloads across hybrid and multi-cloud environments to meet ever-evolving business needs.

 

86% of organizations employ a multi-cloud strategy

40% of organizations plan to use a hybrid cloud* this year

 

In the public cloud, VM-Series firewalls now support Oracle Cloud and Alibaba Cloud, rounding out longstanding support for AWS, Microsoft Azure and Google Cloud Platform. For virtualized data center/SDN and hybrid environments, support now spans Cisco Enterprise Network Compute System (ENCS) and Nutanix. Plus, Cisco ACI unmanaged mode is now supported using a Panorama Plugin.

Scale Up. Scale Out. Performance, Capacity and Availability Improvements

With cloud-native services and infrastructure enhancements, the VM-Series can be deployed in both auto scaling and transitive architectures, allowing customers to protect dynamic and large-scale deployments in an automated manner. On both AWS and Azure, VM-Series firewall throughput performance has increased by as much as 2.5X by taking advantage of interface acceleration technologies and new instance sizes. These improvements reduce administrative effort and allow for more efficient and cost-effective use of security resources. For organizations that require a data center-oriented approach to availability, the VM-Series on Azure can now be deployed in an active-passive, two-instance high availability configuration.

 

Accelerated Adoption of Cloud-Centric Security Innovation

PAN-OS 9.0 introduces the VM-Series Plugin Architecture to accelerate the addition of new cloud and virtualized data center security features. Support for Azure HA is delivered through the VM-Series Plugin with this release. Other possible use cases might include new hypervisors, licensing and provisioning/deprovisioning.

 

Destination: Cloud – Secure Your Journey at Every Stage

Some organizations are all in, running the bulk of production workloads in the cloud, and even utilizing emerging cloud technologies, like containers and serverless. Other organizations are still in earlier stages, leveraging cloud for small proof of concept projects or as a mechanism for capacity releases.   Irrespective of where you fall on the cloud maturity spectrum, you must ensure your data is secure. With the VM-Series, organizations can maintain consistent, scalable security across the broadest range of public clouds and virtualized data centers, as well as protect dynamic, large-scale deployments in an automated manner.

To learn more, check out What’s New.

 

*The exact definition of the hybrid cloud has been somewhat fluid over the years, but it has generally come to mean a mix of private and public cloud platforms with orchestration between the two.

 

 

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.