Barracuda Networks Extends WAF Reach to Google Cloud Platform

Barracuda Networks has made its web application firewall (WAF) available on the Google Cloud Platform (GCP).

Tim Jefferson, vice president of public cloud for Barracuda Networks, said the availability of CloudGen WAF on GCP means organizations can now deploy a common approach to manage a WAF across all three of the major cloud services.

Each cloud service provider has built a unique set of cloud infrastructure that requires software vendors to built separate hooks into each platform. Now that GCP is gaining more traction among developers, Jefferson said there’s more demand for a WAF that is optimized for GCP.

As multi-cloud computing becomes the new normal, developers are looking to for a means to broadly apply DevSecOps processes that leverage REST application programming interfaces (APIs), he said. Within those scenarios, the WAF is emerging as a control point through which cybersecurity policies are defined by cybersecurity professionals, but implemented by developers. That approach should help alleviate the pressure on hard-pressed cybersecurity teams that are finding it difficult to hire and retain staff at a time when application deployment has never been more distributed, he added.

Ultimately, the WAF increasingly will be the means through which most policy enforcement relating to the egress and ingress of data will be automated via REST APIs, Jefferson said, adding those APIs are critical because developers will not embrace cybersecurity tools that require them to master a graphical user interface (GUI).

The next big issue that needs to be addressed in the cloud, he noted, is billing, as developers want to be able to consume cybersecurity resources in the same way they consume compute and storage. That requires cybersecurity vendors to be able to integrate their offerings with the billing services provided by the cloud service provider.

In general, Jefferson said it’s simply not practical to lift and shift existing cybersecurity frameworks into the cloud because so many on-premises environments are built around a specific virtual machine through which the firewall is trying to secure both the host and the application. In the cloud, the hosts are secured by the service provider, while the IT organization is held responsible for securing the applications that run on those hosts. The biggest issue is that many cybersecurity teams often are unaware of where applications are deployed in the first place—line-of-business units today enjoy unprecedented levels of flexibility that make it easy for many of them to bypass cybersecurity controls, either out of ignorance or occasional willful disobedience.

It may take a while for cybersecurity teams to get their arms around the implications of cloud-native applications. Not only are the core underlying technologies different, but also there’s an emerging separation of cybersecurity duties and responsibilities that require significant cultural changes to be made across the IT organization.

The good news is that as products and processes continue to evolve, applications should become more secure—which hopefully will reduce the current level of cybersecurity stress for all concerned.

Featured eBook
CISO/Security Vendor Relationship Primer

CISO/Security Vendor Relationship Primer

Advice from security practitioners and vendors on how to work better together to improve security for themselves. This ebook is a compilation of the first nine articles originally published on Forbes that became the launch of the CISO/Security Vendor Relationship Series. While those articles still live on Forbes, I produced this ebook, so readers who ... Read More
Security Boulevard
Michael Vizard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 54 posts and counting.See all posts by mike-vizard