Cloudflare Adds Serverless Firewall Service
Cloudflare today revealed it has added a firewall to the services it provides on its content delivery network (CDN) that is based on a serverless computing framework.
At the same time, the company is launching an Oahu program through which it will provide professional services, discounts and other incentives—such as a chance to win a free trip to Oahu, Hawaii—to encourage organizations to migrate away from legacy on-premises firewalls.
Cloudflare CEO Matthew Prince said the serverless framework Cloudlflare created will enable the company to provide a service that can easily scale up and down as the volume of attacks against the firewall ebbs and flows. In contrast, an on-premises firewall is constrained by the amount of physical infrastructure previously allocated.
As organizations look to employ a zero-trust approach to security, Prince said many of them are discovering it’s more cost-effective to rely on a services provider that already has the required infrastructure installed. Many of those same organizations also lack the technical expertise needed to maintain a zero-trust IT environment, he added.
Cloudflare has been providing a service based on a web application firewall (WAF) for years. This latest extension adds a network firewall capability to its portfolio of services for the first time.
The degree to which organizations are choosing to adopt some form of managed security service isn’t clear. However, as cyberattacks continue to grow in volume and sophistication, the number of organizations that will need to augment their cybersecurity staff will only increase. Many organizations will also decide they may no longer want to dedicate security teams to manage infrastructure when they could be, for example, hunting for malware.
A provider of a CDN service, in effect, offloads the management of that infrastructure via a network that shifts the point of attack to a network where organizations deploy their external-facing web and mobile applications.
There are, of course, a large number of CDN providers that offer security services. However, Cloudflare is claiming its serverless computing framework will enable it to provide those services on demand in a much more cost-effective manner.
In the longer term, it could reduce the total cost of security if organizations shifted to serverless computing frameworks that enable IT infrastructure to be dynamically invoked on demand versus requiring organizations to allocate a specific amount of virtual machines to run a firewall. It’s now only a matter of time before other security platforms are deployed on top of a serverless computing framework, as well.
In the meantime, heading into 2022, organizations are looking to reduce the total cost of security while simultaneously implementing a zero-trust IT environment. Given the chronic shortage of cybersecurity expertise, organizations inevitably will need to rely more on automation and artificial intelligence (AI) to secure their IT environments.
The challenge, of course, is that organizations lack the time, skills and funding required to automate security processes on their own at a time when the overall attack surface keeps expanding.
