With the ongoing challenge to increase inspection capacity and threat protection in the face of constantly changing network and security configurations, security teams need a new approach to protecting their private network traffic. On-premise virtual firewalls can provide the required flexibility, agility and scalability, since they have evolved to feature parity with their physical appliance counterparts. However, to make this shift manageable for the security team, it needs to include automation, which allows you to operate at cloud speed and scalability. And, once we have automation baked into the network security infrastructure, we can imagine a world where auto-scaling virtual firewalls exists. So, let’s understand what is required for auto-scaling to become a reality.
Intelligent Orchestration: The Foundation
When it comes to automated firewall virtualization, everyone would agree that orchestration is key. Orchestration is the automation of a process or workflow involving many steps across several discrete systems. With on-premise virtual firewalls, it’s true that orchestration revolutionizes the management of the entire environment.
However, intelligence takes it to the next level. Intelligent orchestration makes the most of automation to add speed and scale to the management of your system. It enables you to visualize and control your virtual network firewalls across all on-premise environments. It provides the flexibility to make security changes more quickly, offers increased simplicity and visibility, and brings predictability in managing the virtual infrastructure in your network. It makes your team more agile when responding to fluctuating requirements. In other words, intelligence is the baseline requirement for auto-scaling.
Three Requirements for Auto-scaling Virtual Firewalls
Combining virtualization with automation and intelligent orchestration delivers the cloud experience that network and security teams have come to expect for their infrastructure. But, to take this even further with auto-scaling there are additional requirements that must be met by the system.
Deep understanding of resource utilization and capacity needs
For a system to make the right decisions, it needs accurate and up to date data. You need a constantly updated snapshot of resource utilization and the capacity needs. With this continual input, the system can optimize server resource allocation and firewall VM performance on an on-going basis. It will also maintain and leverage a historical record of performance so you develop deep insights, making future auto-scaling even more efficient. This feature ensures the performance of your virtual firewalls is based on the reality of actual server resources and license availability. It also means you’ll always have the right server resources tuned to your performance requirements.
Aggregated view across deployment and central management
With intelligent orchestration, resource availability is viewed as a whole. A single pane of glass shows the health of all the systems, as well as their utilization, across the deployment. This means you can centrally manage your entire infrastructure, providing savings in terms of human resources and time. It also creates a simpler management experience, as does the intuitive, cloud-like user experience. No more need to rely on highly specialized and trained team members to manage the infrastructure.
Since the platform is also fully integrated with your firewall APIs and policy managers, you can quickly spin up new on-premise virtual firewalls. This dynamic control allows you to automate tasks across multiple tenants and meet the needs of the different environments in the network.
Credit-based licensing and pay-as-you-grow pricing
Auto-scaling is the ultimate in efficiency; you only use the capacity you need at any given moment. To make the most of this financially, the system needs to incorporate credit-based licensing and pay-as-you-grow pricing. This maximizes the use of your firewall license credits as you adjust up and down for capacity surges. Since intelligent orchestration automates the full lifecycle of on‑premise virtual firewalls, it is incredibly simple to make security changes. This highly flexible approach means changes can be implemented in minutes instead of days. On top of this, with everything integrated you get reduced network operations expenses and gain excellent savings with significantly lower TCO, thanks to pay-as-you-grow virtual firewall consumption.
The Future of Auto-scaling Virtual Firewalls is Now
Automated firewall virtualization is making it possible for security teams to migrate to a more flexible, scalable, agile network security platform. One of the biggest benefits of a virtualized, automated system is auto-scaling and for that to be a reality we need intelligent orchestration. On this foundation we can meet the three requirements for auto-scaling. Firstly, accurate and up-to-date insights into resource utilization and capacity needs so that server resource allocation and performance is optimized. Secondly, an aggregated view of resource availability to provide dynamic control across multiple platforms and simplified, centralized management. Lastly, we need to incorporate credit-based licensing and pay-as-you-grow pricing to provide the best TCO. When these three requirements are met, security teams can benefit from the time, resource and financial savings that auto-scaling brings.