No security professional wants to cut corners on their firewall licensing and investment. Which means that, if you’re using hardware firewalls, you have to buy big so you can cover the future. No one has a crystal ball to accurately predict the upcoming security needs of your organization, so you’re forced to invest in unused capacity now, assuming you’ll need it one day.
Hardware firewalls are already a large capital investment, but it’s hard on your budget to know you’re also paying for unused firewall licensing and capacity. Plus, you are making a multi-year investment, meaning that if your traffic levels increase sooner than predicted, you’re forced to buy yet another firewall. This is unsustainable but is there an alternative?
The Flexibility of Virtual Firewalls for your Private Network
Thankfully, the industry has been evolving and you now have the option of buying virtual firewalls instead of hardware for your private network. This has introduced more flexibility and lower upfront investment. However, in most cases, you’re still forced to procure software firewalls as discrete components and they come in fixed sizes – equivalent to the hardware ones. The bundles of security services that come with these virtual firewalls are also rigid. While virtual may be more flexible for deployment, you’re still in the bind from a cost perspective by having to buy firewalls of a fixed size based on your predictions.
A Pay-as-you-Grow Firewall Licensing Model
For true flexibility, what’s needed is a pricing model that allows you to pay for what you need. That’s why we chose a pay-as-you-grow subscription for our platform and why we were happy to see several of our partners, like Palo Alto Networks and Fortinet, embrace consumption-based licensing. Palo Alto Networks, for example, recently announced they are moving customers from fixed firewall procurement to a credit-based consumption model. Customers will buy credits that can be used over time, but they still need to determine how many cores and memory to allocate.
Consumption-based licensing is clearly the way forward and is another powerful argument for virtualization; you truly pay for what you consume. However, when you as the security professional need to choose and allocate the number of cores and memory, while optimizing for your precise needs over time, will you end up using more precious DevOps time and resources than you saved under the new model?
Three Benefits to a Turnkey Virtualization Platform
With this recent announcement by Palo Alto Networks, we are now able to realize our vision of a true pay-as-you-grow model and take it one step further as our turnkey platform takes care of the servers and orchestration of your virtual firewalls and offers these benefits:
- Automation: When you deploy our platform, it determines how many cores and memory you need, rather than you having to figure it out. You don’t have to allocate or remove additional cores to appropriately size your firewalls, and you don’t have to worry about those needs changing day to day. All of that is automated in our turnkey platform, giving you faster deployment and reducing DevOps time.
- Value for money: With consumption-based pricing you pay for your firewall based on your actual needs, not your projected ones. That means no waste and no ramping up ahead of time to prepare for unknown traffic levels and capacity changes. It works the other way too; if your firewall needs decrease, so will your costs.
- Flexibility: there are no security service bundles with our model. You can tailor your security needs and you only pay for the security services you need, when you need them. Virtualization also means you can resize your firewall as traffic levels changes, as well as adding or deleting security services on demand. Plus, you can deploy the latest security innovations as soon as they’re available, rather than having to wait for the next time you upgrade your firewall.
Having sufficient firewall capacity to cope with ever increasing traffic levels is a challenge for security professionals. However, you’re no longer locked into outlaying thousands of dollars for a fixed-size hardware firewall based on your predictions. When you choose turnkey virtualization and consumption-based pricing, you gain the flexibility of ramping up your security needs when you need them, and only paying for the capacity you need. It’s a win-win solution.
See how the joint Corsa Security platform with Palo Alto Networks can help you automate firewall virtualization, scale threat prevention while taking advantage of this new pricing model.