Solution providers are skeptical that Amazon Web Services' new high-availability firewall service would appeal to large organizations with robust security requirements spanning various public cloud platforms.
"It looks like a basic firewall with intrusion prevention," one solution provider, who did not want to be named, told CRN. "It's better than the bare minimum they've previously provided, but anyone serious, such as large companies, will still be looking for a top-tier solution like Palo Alto, Check Point, or Fortinet."
The vendor said that the AWS Network Firewall managed security service would make it easier for customers to allow network defense across all their AWS workloads with just a few clicks and without the need to maintain the underlying infrastructure.No extra costs or upfront responsibilities are needed to use AWS Network Firewall. Users pay only hours of deployment and gigabytes of processing.
However, the solution provider referred to earlier said that AWS Network Firewall will not be good enough for most companies due to lack of multi-vendor safety and will only provide security inspection and intrusion prevention coverage at a "bare minimum" standard. AWS did not respond to several requests for comments from CRN.
"They sell a straight firewall as the industry shifts to the next-generation firewall. They're behind," said the solution provider. "We are calling for a stateful inspection in 2020. It's a little late for the game."
A second solution provider told CRN that corporate customers with 5,000 or more seats were very used to cloud protection using their employees. They already have a dozen or more household names like Palo Alto Networks, Fortinet, SonicWall, or Barracuda in their security stack. They have been able to see what investments are being made by leading cybersecurity vendors.
"Neither AWS nor Microsoft has the reputation of offering rock-solid security [services]," said the second provider of solutions. "If they did, more people would still use them for protection. It's going to be a while before they challenge the Palo Alto of the planet."
Microsoft declined to comment.
Enterprise clients, such as large banks or credit card providers, choose to monitor security on their own and already run around the clock Security Operations Centers (SOCs) and hire more security personnel than most technology firms. These customers want to take responsibility for their security while using AWS or Azure and trust access control and malware protection.
The business will need to provide case studies, comprehensive customer testimonials, and an overview of the underlying firewall infrastructure to push the wide enterprise acceptance of the AWS network firewall. Enterprises often depend heavily on Gartner for security analysis, so almost all of these organizations will want to see Gartner's assessment of the AWS Network Firewall until purchasing.
"I don't think AWS is going to try to reinvent a cloud firewall," said the second solution provider.
However, it's a different story for commercial customers with 2,500 or fewer seats, many of whom consider the network firewall around their public cloud workloads as just another checkbox for enforcement purposes, the solution provider said. For these smaller organizations, the ease of accessing both the public cloud platform and the protection of the said platform from a single provider might win the day.
Before pulling the trigger, the solution provider said that commercial customers would expect AWS to prove that they can offer virtual network security that is on par with or better than Palo Alto Networks or Cisco. Given the years of investments made by network security players around firewalls, switches, and SD-WAN, the solution provider warned that winning prospects could be difficult.
"Who is more interested in securing the cloud than AWS? "The second solution provider said that. "It could be a very nice commercial scenario."
Reference : https://www.crn.com/news/security/partners-aws-network-firewall-unlikely-to-capture-enterprises