On-premises next-generation firewalls in the data center can’t follow off-network users. It is easily overwhelmed by the connection demands of cloud and SSL inspection requirements. Hub-and-spoke, backhauling traffic to the centralized firewall adds MPLS cost and increases latency, ultimately degrading the user experience. Organizations are configuring local internet breakouts to provide seamless and secure access to users for cloud-hosted applications.

ACL Digital's cloud-hosted firewall is a VNF that can be run on any x86 platform or as virtual instances and can be hosted in any public and private cloud environment. It's a reusable framework that allows DPI to be used as a VNF Component (VNFC) for enhanced security, application visibility, and control. It enables the implementation of ACL Digital's Stateful Firewall, IDS/IPS, and WAN optimization function. Cloud firewall framework delivers end-to-end threat protection and complete visibility into traffic patterns. It enables TLS and SSL traffic inspection. ACL Digital's Cloud Firewall brings next-gen firewall controls and advanced security to all users in all locations—for all ports and protocols. The solution features are:

  • Standard next-gen firewall: deep packet inspection (DPI) engine for granular allow or block policies
  • Application visibility control: real-time visibility into traffic usage, threats, and applications
  • Fully integrated security services: contextual information shared across all services for more robust protection
Overview-Cloud Firewall

 

conventional-linux-appliances

Delivers up to 5x performance over conventional Linux appliances based on x86 processors

 

application-awareness

Deep context awareness based on user identity, location and application awareness

high-performance

DPDK optimized packet handling for high performance fast path processing

 

manage-access-policies

Easy to configure and manage access policies for cloud and SaaS applications