Sunday, 19 May 2024
22.7 C
Durban

Extending security to the cloud

Home Business Management Disaster Management Extending security to the cloud

BUSINESS leaders now have a choice whether they want to continue using their trusted firewall or move to a next-generation firewall delivered by appliances or as cloud services to protect the outer perimeter security in branch offices.

That’s according to Kurt Goodall, Technical Director of Troye, who said Citrix offers various choices, from the long-established multi-site to the advanced multi-layered approach, both of which can protect users and data at the branches, data centre, and clouds from multi-vector cyber threats.

“Citrix SD-WAN Integrated Firewall complements your trusted firewall investment and strengthens overall security infrastructure. Citrix provides an integrated perimeter firewall that masks users and infrastructure from cyber surveillance,” he said.

This integrated firewall has global policy control, supports zone-based policies so that businesses can implement granular micro-segmentation of traffic and enforce uniform policy consistently. Citrix SD-WAN can also intelligently track the fast-changing open ports from SaaS and IaaS apps as trusted traffic and directly breakout the traffic to the internet, enhancing application performance.

It marks all other traffic, such as web browsing, as untrusted and forwards it to the full security stack, typically located at the HQ or a private data centre. Citrix SD-WAN also takes extra precautions by encrypting all branch-to-branch egress traffic, even when it is transported over a private MPLS line.

Goodall said Citrix SD-WAN automates connectivity to cloud security. “With most enterprises embarking on some form of cloud transformation, Citrix recommends extending perimeter security to the cloud, where apps and workloads reside.”

Citrix has partnered with industry leaders like Palo Alto Networks, Zscaler, and Symantec to deliver joint solutions that enable ita SD-WAN to be a transparent gateway for Secure Web Gateway (SWG) service. Cloud-based SWG is a popular option for branch offices due to its simple and yet effective multi-layer protection.

Citrix SD-WAN management platform is the key component in this joint solution, providing on-boarding automation and a direct subscription link to Palo Alto Global Protect (aka Prisma) and Zscaler Secure Internet Gateway services. Through API automation, Citrix SD-WAN also secures the connectivity (via IPsec) from the branch to the Palo Alto, Zscaler and Symantec clouds.

The benefits of automation become more significant as more branch sites are involved, directly translating into time savings and reduction in configuration errors. Citrix provides this automated on-boarding capability free of charge.

In addition, said Goodall, cloud-based security enables a new service-consumption model. “It provides an option to shift to opex spending, which can be easily aligned with business growth. There is no need to deploy security appliances at every branch. It also removes the need to build an in-house resource to manage the security infrastructure.”

Most Popular

Paper, pulp and forest group delivers better than expected quarterly results

COMMENTING on the group’s results, Sappi CEO Steve Binnie said: “Within the context of subdued underlying market conditions due to the challenging macroeconomic environment...

Workers can be empowered with modern incentive solutions

IN the ever-evolving landscape of workplace safety and employee engagement, the significance of incentivisation cannot be overstated. This is clearly apparent in multiple sectors,...

Last-mile fuel delivery enhanced with state-of-the-art technology

LEADING supplier in bulk tanker fuel transportation and supply chain solutions, Unitrans, is optimising supply chains by leveraging cutting-edge technology to enhance last-mile fuel...

Seifsa and Numsa conclude 3-year agreement in record time

AFTER three formal engagements, Seifsa and Numsa have concluded the terms of a historic three-year wage agreement for the period 1 July 2024 to...