Cloudbrink, a leading security firm, has heralded a significant leap forward on its mission to fortify cyber defences with the introduction of firewall-as-a-service (FWaaS). This makes it the premier vendor to extend granular security controls all the way to the user edge, ensuring comprehensive protection of endpoint devices. The company has taken this initiative in response to the recognition that traditional and next-generation firewalls can fall short when it comes to safeguarding the devices of end-users.
The California-based firm suggests that offloading remote-user security functions improves the stability of existing firewalls along with the network performance experienced by remote users. As employees increasingly work from a variety of locations, the necessity for such a provision is clear. Prakash Mana, CEO of Cloudbrink, highlighted this point, saying: "Firewalls were designed to protect the data centre, then the network, and now the cloud. But you have to deliver protection where data is consumed and curated, which is with your users - and increasingly users are everywhere."
Cloudbrink's FWaaS offers administrators the power to establish granular controls based on the static and dynamic properties of end-users and their devices. The implementation of static rules governs which resources applications can be accessed individually. In contrast, upcoming dynamic properties will supervise device compliance – for instance, determining when the last virus scan was run. Furthermore, Cloudbrink is preparing to launch its new reporting capabilities, aiding security and networking teams to identify anomalies based on user behaviour and increase application performance.
The Cloudbrink service employs zero-trust access and moving target defence principles and employs the rotational mTLS (mutual Transport Layer Security) 1.3 to frequently update user certificates. This method of variable expiry means that, though a device might be compromised, any attacker would only have a very limited window in which to launch an attack. "Firewalling for endpoints is an absolute requirement for security in distributed systems, which has become even more urgent with the growth of the hybrid workforce," added Mana. "Our solution provides better management and control for IT teams without compromising the productivity of end-users."
Alongside the FWaaS offering, Cloudbrink recently declared plans to support customers in accessing data centre applications using IPsec as an alternative to the Cloudbrink Connector. Commenting on this, Mana stated: "The Cloudbrink Connector uses TLS 1.3, which is the gold standard for security, but we've listened to customers who want a migration path and aren't ready to make changes at the data centre just yet." As of December 2023, FWaaS functionality and IPsec connectivity are included with the Cloudbrink service.