• Skip to primary navigation
  • Skip to main content
  • Skip to footer

+1-613-287-0393

info@corsa.com

Support

  • LinkedIn
  • Twitter
  • YouTube
Corsa Security

Corsa Security

Scaling network security

  • Solutions
    • Automate Your Managed Virtual Firewall Service
    • Modernize Enterprise Network Firewalls
    • Scaling Virtual Firewall Clusters
    • Complete Communications Monitoring
    • Increase Threat Protection
  • Products
    • Corsa Security Orchestrator
    • Corsa Security Platform for Automating Firewall Virtualization
    • Corsa Security Platform for Scaling Threat Protection
  • Verticals
    • Large Enterprise
    • Service Providers
    • Government
    • State, Local and Education (SLED)
  • Partners
    • Fortinet
    • Palo Alto Networks
    • Find a Reseller or Distributor
    • IT Consultants and Professional Services
    • Industry Collaboration
    • Become a Partner
  • Resources
    • Videos, Whitepapers and Other Content
    • Explainers
  • Company
    • About Corsa Security
      • Corsa Security Recycling Solutions
    • Management Team
    • Board of Directors and Steering Committee
    • News and Blog
    • Careers
    • Support
Contact Us

How to Simplify Network Security Virtualization

April 7, 2020 by Yuri Kolomiyets

Virtualization has received widespread adoption in enterprises when it comes to running applications. However, there is still one hold out: network security and, in particular, firewalls for North-South traffic flows. Why are we struggling with this area of network security virtualization when we have seen it happen everywhere else in IT infrastructure?

The reason is simple. Network security virtualization is difficult, especially if deployed at your Internet gateway, which has some unique requirements. The mere thought of virtualization is enough to send shivers down the spine of a network or security architect; too many forced virtualization projects gone wrong that led to costly backtracking and sub-optimal results. Adding the complexity of network security is something most just want to avoid.

What it takes to achieve network security virtualization

For network security virtualization to succeed, it needs to guarantee scale while remaining simple to use. You must be able to leverage those virtual NGFW instances and create higher capacity inspection so you can augment, or outright replace, any size firewall. In other words, it needs to easily let you spin up whatever inspection capacity you require and it needs a dashboard so you can orchestrate and manage all those VMs, within the context of your network.

That’s a lot to achieve. To begin to build it, you need to determine the right commodity server for the NGFW VMs to run on. Then you need to install hypervisor software on the server. Next is to bootstrap, upgrade the software, and configure the NGFW VM. Finally, you want to be able to scale one NGFW virtual instance to many instances to create virtual NGFW arrays of any inspection capacity running on a single server. Sound intimidating? That’s because it is. In fact, if you broke it down, there’d be over 10 steps to check off:

  1. Specification and purchase of server hardware optimized for network security
  2. Configuration and optimization of hypervisor software for network security
  3. Orchestration and automation to bootstrap and initially configure the NGFW VMs
  4. Integration of licensing from the security vendors into the orchestration and automation
  5. Provisioning of configuration and policy settings to the VMs in a zero-touch way
  6. Single-pane-of-glass VM orchestration and monitoring
  7. Stateful connection tracking for intelligent traffic steering to and from VMs
  8. Scale out of unlimited inspection capacity with built‑in load-balancing capability
  9. Health check mechanisms to monitor VM and system performance
  10. Automated software upgrades.
  11. Maintenance of the infrastructure so upgrades are taken care of

So you can see, integration is far from trivial and rapidly gains more complexity as you scale your platform.

Turnkey virtualization is the answer

However, there’s a solution. For virtualization to be truly useful you ideally want all the benefits we’ve come to appreciate from the cloud. Can you imagine using Google Cloud if you had to specify which server you were going to use and what kind of SR-IOV optimization you wanted? Or if you had to upgrade the hardware at some point? No way, it defeats the purpose.

There are a number of crucial elements to a turnkey solution to ensure virtualization of your firewalls is simple, freeing up your time to focus on security policy instead of infrastructure. It needs to be:

  • Push-button easy so it can be used in minutes and you never have to deal with the infrastructure.
  • Really straightforward to add and remove inspection capacity so it clearly brings you operational and economic efficiencies.
  • Tightly integrated with your existing firewall vendor and policy manager to scale your traffic inspection without requiring any big firewall and network changes from your end.

We’ve learned from witnessing the journey to virtualization in the IT world, that the way to make virtualization consumable is to deliver it as a turnkey platform. Just like with other cloud approaches that have been so successful – think Nutanix and HCI – turnkey network security virtualization dissociates you from hardware ownership and offers a quick and easy path to the outcome you want.

A turnkey approach to virtualizing your firewalls takes care of everything so you don’t have to. It’s a way of scaling traffic inspection so you get 100% SSL/TLS visibility, and the best part is it feels like you’re using Google, Azure or AWS clouds. You move from a resource intensive method of managing your firewall to an ‘easy button’. A monthly subscription fee covers your compute capacity for traffic inspection and when you need additional inspection it’s just a matter of ordering it with a single click.

Moving to a turnkey platform dramatically reduces project risk and speeds time to deployment. Enterprises reap the benefits of the cloud model for network security, just like they have with all other applications. It’s possible with HCI and it’s possible with network security too.

You can learn more about how to stop your firewall from burning by solving the virtualization puzzle here.

Category iconBlog Tag iconTurnkey Network Security Virtualization,  Virtualization,  Yuri Kolomiyets

Subscribe to our newsletter

Get the latest posts delivered right to your inbox

Automate network security virtualization

Talk to us about how to deploy, scale and optimize virtual on-premise firewalls with speed, simplicity and savings.

Footer

Corsa Security

We are the leader in automating network security virtualization, which helps large enterprises and service providers deploy, scale and optimize virtual on-premise firewalls with speed (24x faster deployment), simplicity (zero-touch operations) and savings (9x lower TCO). By tightly integrating firewall virtualization with intelligent orchestration, the Corsa Security Orchestrator provides an aggregated view of all your virtual firewalls while managing their infrastructure health, capacity and performance. Customers subscribe to the Corsa Security services based on their current needs and then pay as they grow by integrating credit-based licensing from our firewall partners.

info@corsa.com

Sitemap

  • Home
  • Solutions
  • Products
  • Verticals
  • Partners
  • Resources
  • Company

Quick links

  • Support
  • News and Blog
  • About Corsa Security
  • Corsa Security Platform for Automating Firewall Virtualization
  • Corsa Security Platform for Scaling Threat Protection
  • Corsa Security Orchestrator

Headquarters

300 March Road, Suite 400
Ottawa, ON K2K 2E2
Canada

+1-613-287-0393

San Francisco

201 Spear Street, Suite 1100
San Francisco, CA 94105 
U.S.A.

+1-415-887-2131

Boston

177 Huntington Ave., 17th Floor
Boston, MA 02115 
U.S.A.

+1-617-430-7017

  • LinkedIn
  • Twitter
  • YouTube

Copyright © 2023 Corsa Technology Inc. All rights reserved. Privacy. Return to top