In conversations with customers about cloud infrastructure, I routinely hear two challenges when it comes to scaling their cloud deployments. These challenges include:
- Achieving secure connectivity across clouds, virtual private clouds (VPCs), regions, and on-premises networks
- Ensuring security is baked into the network architecture from the start
As customers grow their cloud environment, the increasing number of VPCs and regions leads to a complex mesh of connections to ensure their applications and users can access the applications they need, whether on-premises or in the cloud. These interwoven spiderwebs of connections make it difficult for IT teams to properly establish secure connectivity throughout the infrastructure, which increases management complexity and hinders scale. Because of the challenges organizations face in multi-VPC and multi-region deployments, customers are increasingly transitioning to cloud wide area network (WAN) services, driven by the desire to centralize and streamline how they manage their network topology and security.
AWS Cloud WAN simplifies how customers build, manage, and monitor their WANs by connecting branch offices, data centers, and VPCs through automation and a rich dashboard. Customers can use network policies to automate network management and security tasks from a single place, eliminating the need to create the complex mesh of traditional VPC peering. Recently, Amazon Web Services (AWS) enhanced AWS Cloud WAN to simplify inserting security services or VPCs into these connections. This feature enables customers to integrate their Cisco security services into their network with AWS Cloud WAN, significantly simplifying how they add security into their network.
With the release of AWS’ service insertion feature as part of Cloud WAN, I am pleased to announce Cisco Secure Firewall Threat Defense Virtual and Cisco Multicloud Defense support for AWS Cloud WAN. With this support, customers can seamlessly integrate Cisco cloud firewalls into their Cloud WAN managed network topology, eliminating the need for complicated routing configurations to ensure the security of their environment. Instead, they can route traffic to their Cisco cloud firewall using the AWS Management Console or API.
Cisco’s cloud firewalls
Cisco provides two best-in-class solutions to help customers secure their cloud environments:
- Cisco Secure Firewall Threat Defense Virtual (formerly FTDv) is the virtualized option of the Secure Firewall Threat Defense solution, enabling you to extend your network security capabilities from on-premises into the cloud, gaining a complete view of your network environment.
- Cisco Multicloud Defense is a cloud-native security-as-a-service offering that automatically scales to secure your cloud applications wherever they’re deployed. Multicloud Defense offers the same infrastructure automation that you expect from a cloud service, making your security as easy to deploy as your application is.
Benefits of Cisco cloud firewalls with Cloud WAN
Utilizing Cisco cloud firewalls in conjunction with AWS Cloud WAN to enhance the protection of global network traffic offers customers significant operational benefits, including:
- Unified Infrastructure for Security and Global Networking: AWS Cloud WAN offers a unified infrastructure designed for extensive AWS deployments worldwide. The integration of Cisco’s cloud firewalls with AWS Cloud WAN equips organizations with superior security measures for protecting traffic within regions, between regions, and from on-premises networks to cloud environments.
- Simplified Multi-Regional Security Deployment: Many enterprises utilizing AWS Cloud WAN establish multi-regional networks to facilitate regional growth or implement disaster recovery strategies. The new service insertion feature streamlines the deployment across multiple regions, enabling straightforward traffic routing for both intra- and inter-regional flows through the security infrastructure, thereby eliminating the complexity associated with intricate multi-regional network arrangements.
- Seamless integration: Customers often need inter-VPC, VPC-to-internet, or on-premises-to-VPC traffic inspected. With Cisco’s cloud firewalls supporting AWS Cloud WAN Services Insertion, customers can easily steer network traffic for inspection without creating and managing complex routing configurations.
- Ease of management: Customers are constantly looking to simplify operational complexities. Cisco’s cloud firewall does all the heavy lifting in deployment and management, allowing customers to focus on their business priorities.
Cisco Cloud Firewall with AWS Cloud WAN
Because AWS Cloud WAN operates globally, the best practice is to deploy your Cisco cloud firewalls within the same AWS Regions as your application. This avoids single-region dependencies and latency or bandwidth challenges when securing your network connectivity.
Wrap up
We’re excited for customers to take advantage of this new capability from Cisco and AWS, enabling them to simplify how they secure their increasingly complex cloud deployments. To learn more about how Cisco can help protect your cloud environments, sign up for our Cloud Visibility and Risk Report or start your free Multicloud Defense trial to see how you can gain deeper visibility across your environment today.
Additional Resources
- AWS Post: AWS Cloud WAN introduces Service Insertion to simplify security inspection at global scale