Cloud NGFW for AWS enables organizations to shift security responsibility to Palo Alto, allowing them to speed cloud innovation while remaining secure, the vendor says. Credit: Metamorworks / Getty Images Palo Alto Networks has launched a new, fully managed “next-generation” firewall (NGFW) service in partnership with Amazon Web Services designed to remove the complexities of securing AWS cloud deployments. The network firewall vendor says its Cloud NGFW for AWS enables organizations to speed up cloud innovation while remaining secure.Cloud NGFW for AWS shifts security responsibilityIn a press release announcing the new service, Palo Alto Networks says it has recognized that its customers need to dedicate time and resources to building applications and running their businesses instead of managing cloud network security infrastructure. Cloud NGFW for AWS therefore shifts operational responsibility for deployment, maintenance, availability, and scale to the security vendor. “A key reason that companies have embraced the cloud is that they want to concentrate on their core competencies and leave other tasks like infrastructure and underlying services to experts like AWS,” says Anand Oswal, senior vice-president, network security at Palo Alto Networks. “As cyberattacks continue to grow in frequency and sophistication, organizations are looking for network security that is as easy to deploy as other native AWS services.”Service offers “best-in-class” cloud security and simplicityPalo Alto Networks’ new platform integrates with AWS Firewall Manager and is designed to bring together “best-in-class” cloud protection and simplicity, the vendor says. As such, it offers a range of cloud-centric security features, including: Advanced URL filtering that uses deep learning to help stop zero-day threats in real time while allowing applications to securely connect to legitimate web-based services.Threat prevention to thwart known vulnerability exploits, malware, and command-and-control communication.App-ID to reduce the risk of attack by controlling traffic based on patented Layer 7 traffic classification.Cloud NGFW for AWS also has several ‘simple-to-use’ features that allow for straightforward implementation, the vendor says. These include the fact that, as the platform is a fully managed cloud service, organizations do not need to deploy, update, or manage any of the infrastructure. Furthermore, the service leverages the power of AWS Gateway Load Balancer, providing high availability, elastic scaling on-demand to meet unpredictable throughput needs. It also allows for simple and consistent firewall policy management across multiple AWS accounts and virtual private clouds, whilst support for API, CloudFormation and Terraform templates enables automation of end-to-end workflows, Palo Alto Networks says. “The way it should have been all along”“With the release of this service, Palo Alto is offering firewall in the cloud the way it should have been all along—as a ‘native-like’ service,” Forrester senior analyst David Holmes tells CSO. “For years, firewall vendors have tried to convince customers to put virtualized images of their firewall software in the cloud to offer L7 security, but it wasn’t compelling for several reasons, including cost and the fact that customers don’t want to manage software. It was only recently that the cloud hyperscalers have released infrastructure that can support a third party to integrate their offerings as a service.” Whilst organizations will be glad to see this is finally coming to fruition and Palo Alto Networks and its customers can celebrate this new model, there is still some work to do as Palo Alto Networks needs to integrate the service with the tagging systems that the clouds use for everything, Holmes adds.Speaking to CSO, Palo Alto’s Oswal says that the cloud is becoming a part of almost every business—whether it’s a nice to have or an integral part of the day to day—and it must be protected with best-in-class solutions. “AWS customers want network security, but they also want to deploy and run it as easily as other native AWS services. The native experience and the proliferation of AWS native services, which now includes Cloud NGFW, have given these organizations the tools they needed to embrace the cloud.” Related content news UK’s revamped surveillance rules become law despite industry opposition A new law expanding the Investigatory Powers Act, the UK’s already-controversial surveillance and data access rules, became law last week. By John Leyden Apr 29, 2024 4 mins Government Mobile Security Security feature Finding the perfect match: What CISOs should ask before saying ‘yes’ to a job Sometimes it's not really clear why a company wants to hire a CISO or the role lacks authority. There are some key questions that CISOs can ask to avoid taking a job with too many red flags. By Aimee Chanthadavong Apr 29, 2024 8 mins CSO and CISO Careers opinion Navigating personal liability: post data-breach recommendations for CISOs CISOs can avoid being liable for data breaches by following legal advice, communicating effectively with internal and external stakeholders, and demonstrating commitment to avoid future incidents. By Daniel B. Garrie and Richard A Kramer Apr 29, 2024 8 mins CSO and CISO Data Breach Legal news 2024 CSO30 ASEAN Awards: Call for nominations By Xiou Ann Lim Apr 29, 2024 2 mins Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe