Aviatrix Systems Inc. today debuted a new cybersecurity product, the Distributed Cloud Firewall, that promises to help companies reduce not only the risk of breaches but also infrastructure costs.
Santa Clara, Calif.-based Aviatrix is backed by more than $340 million in funding. It provides a suite of software products that companies can use to manage the network traffic in their public cloud environments. According to Aviatrix, its technology is used by more than 500 organizations worldwide.
The startup’s newly introduced Distributed Cloud Firewall is designed to help companies block malicious network traffic in their cloud environments. It’s a firewall that can reject network requests from malicious domains, as well as scan packets for signs of malicious activity. The latter task involves decrypting a company’s encrypted network traffic, scanning it for threats and then encrypting it again.
The flagship feature of the Distributed Cloud Firewall is the manner in which it ingests data traffic. According to Aviatrix, the platform can process data considerably more cost-efficiently than traditional alternatives.
The stretch of network infrastructure through which traffic travels from one application to another is called a network path. Usually, scanning traffic for malware requires changing its path. That means companies don’t send data directly to its destination, but first reroute it to a firewall appliance for scanning.
The Distributed Cloud Firewall takes a different approach, according to Aviatrix. It removes the need to redirect traffic by carrying out cybersecurity operations in the “natural path of application traffic.” As a result, data can reach its destination through a less roundabout network path than would otherwise be necessary, which reduces costs.
Aviatrix says that the cost savings facilitated by the Distributed Cloud Firewall can add up significantly. According to the startup, one large Amazon Web Services Inc. customer is saving $6 million a year thanks to the product. Aviatrix has reportedly teamed up with AWS to promote the Distributed Cloud Firewall to joint customers.
“Bolting on-prem firewalls onto a cloud network and trying to steer traffic to them is not effective for cloud, it’s just not how the cloud operates,” said Aviatrix Chief Executive Officer Steve Mullaney. “The cloud is perimeterless, agile, dynamic, and scale-out by design. Network security must follow – it must be distributed and embedded into the network to deliver a true zero-trust, agile environment.”
Administrators can interact with the Distributed Cloud Firewall through a centralized management console. Using the console, a company’s information technology team can define rules that specify which types of traffic should be blocked and under what conditions.
Historically, firewalls enforced such rules by applying them to the IP addresses of applications and other IT assets. In the cloud, that approach is suboptimal because IP addresses often move between workloads. As a result, a firewall rule that was created for one workload might accidentally be applied to a different asset when settings change.
According to Aviatrix, the Distributed Cloud Firewall enforces policies using not IP addresses but rather tags and attributes. Those are pieces of metadata that administrators attach to cloud resources in order to ease management. Tags and attributes are less prone to unexpected changes than IP addresses, which reduces the risk of configuration errors.
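The difference between the two approaches can be seen in a small simulation, added here as an illustration; it is not Aviatrix code and does not reflect the product's rule format. The workload names, addresses, tags and rule layout are all constructed assumptions. The same intent is written once against IP addresses and once against tags, then evaluated before and after an address is reused by another workload.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Workload:
    name: str
    ip: str
    tags: frozenset

def wl(name, ip, *tags):
    return Workload(name, ip, frozenset(tags))

# Constructed inventory snapshots (names, addresses and tags are invented).
BEFORE = [
    wl("web-frontend", "10.0.1.20", "tier:web", "app:store"),
    wl("payments-db", "10.0.1.15", "tier:db", "app:payments"),
]
# After a redeploy the database moves and its old address is reused.
AFTER = [
    wl("web-frontend", "10.0.1.20", "tier:web", "app:store"),
    wl("payments-db", "10.0.1.31", "tier:db", "app:payments"),
    wl("batch-worker", "10.0.1.15", "tier:batch", "app:reports"),
]

# The same intent ("web tier may reach the payments database on 5432")
# written two ways. Anything a rule does not match is denied.
IP_RULE = {"src": "10.0.1.20", "dst": "10.0.1.15", "port": 5432}
TAG_RULE = {"src": "tier:web", "dst": "app:payments", "port": 5432}

def allowed_by_ip(rule, src, dst, port):
    return (src.ip, dst.ip, port) == (rule["src"], rule["dst"], rule["port"])

def allowed_by_tag(rule, src, dst, port):
    return rule["src"] in src.tags and rule["dst"] in dst.tags and port == rule["port"]

def audit(inventory, src_name="web-frontend", port=5432):
    """Map each destination to (ip_verdict, tag_verdict) for traffic from src_name."""
    src = next(w for w in inventory if w.name == src_name)
    verdict = lambda ok: "allow" if ok else "deny"
    return {
        dst.name: (verdict(allowed_by_ip(IP_RULE, src, dst, port)),
                   verdict(allowed_by_tag(TAG_RULE, src, dst, port)))
        for dst in inventory if dst is not src
    }

if __name__ == "__main__":
    for label, inv in (("before", BEFORE), ("after", AFTER)):
        print(label, audit(inv))
```

After the address change, the IP-keyed rule opens the database port on the unrelated batch worker and cuts off the real database, while the tag-keyed rule still matches only the workload it was written for.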