What is Firewall as a Service (FWaaS)?
The abbreviation of Firewall as a Service is FWaaS. It is a service provided in the context of cloud computing comparable to other cloud computing service models Software as a Service (SaaS), Platform as a Service (PaaS) or Infrastructure as a Service (IaaS). An alternative term is cloud firewall.
The cloud provider makes firewall functions available to its customers virtually as a service from the cloud. The firewall is accessible via the Internet and checks the customer’s data traffic according to the configured firewall rules. The scope of functions differs depending on the service provider and product and extends to layer 7 control of data traffic of a Next Generation Firewall (NGFW) with Deep Packet Inspection (DPI).
FWaaS represents an alternative or supplement to traditional on-premises firewalls. The traffic to be inspected must be routed through the cloud firewall. The firewall service can be configured via a management interface provided by the provider. Billing is usually based on a usage-based subscription pricing model. The prices depend, for example, on the rental period, the booked range of functions or the bandwidth consumed.
All tasks relating to the provision and management of the firewall, such as software updates, patch management, ensuring availability, network connection, monitoring or fault clearance, are handled by the cloud provider. Firewall as a Service is beneficial for companies that use cloud computing services, operate distributed locations and provide employees with location-independent access to applications.
Reasons to use FWaaS
Firewalls are a fundamental element of an organization’s IT infrastructure. Traditional firewalls are operated on-premises as an appliance at the central access point to the internal network. This architecture is very well suited for services and applications provided centrally in the company’s own data center. The increased use of cloud computing services and mobile working reduces the efficiency of a central on-premises firewall solution.
All traffic that needs to be inspected and controlled must be routed through the central firewall. Even traffic from mobile users using cloud services on the Internet must be redirected via the firewall. This creates additional data traffic and increases latency. However, direct access to Internet resources without firewall control prevents the enforcement of corporate security policies. Firewall as a Service solves these problems.
Firewall functions are available centrally over the Internet and can inspect all Internet traffic.
Advantages of Firewall as a Service
FWaaS offers numerous advantages compared to a traditional firewall appliance. Advantages include:
- The service provider provides all services related to the provision, management and availability of the firewall
- No investment in hardware necessary – billing in a usage-based rental model
- Optimally suited for mobile working and the use of distributed applications and cloud services
- Central management of the firewall via an administration interface
- Consistent enforcement of a company’s security policies
- No need to redirect the internet traffic to be controlled to an on-premises firewall – reduction of data traffic and latency
- Simplification of the security infrastructure
- Easy scalability of firewall services