A data center firewall is a software or hardware device that monitors traffic entering and exiting an organization’s network — or, as network perimeters fragment, a portion of that network, down to the workload level — to filter out external threats.
Data center security has traditionally been based on a perimeter firewall, designed to protect internal assets from malicious external actors hiding in north-south traffic. With the rise of distributed networks and modern applications, however, the network perimeter has become more and more porous, necessitating sophisticated distributed firewalls that can deliver fine-grained monitoring and protection of internal — or east-west — traffic.
Despite the rise of cloud-based resources and a distributed workforce, the data center remains critical to many, if not most, enterprises. Containing mission-critical applications and other essential business assets, the data center has evolved and is often dispersed geographically, but it remains just as vulnerable. In the face of ever-growing threats, IT departments understand that securing the data center from malicious activity and unauthorized access remains essential to business continuity.
A robust firewall solution will combine the strengths of gateway and distributed firewalls to deliver north-south and east-west protection for the data center that:
- Provides the foundation for comprehensive access control and threat control
- Enables consistent performance and delivery of apps and data
- Ensures products and services get to the customers and employees who need them
- Helps eliminate downtime and reputational damage from successful attacks
- Enables a modern, distributed workforce
A data center firewall, whether perimeter-based or distributed, is a gatekeeper, continuously monitoring traffic flows in and out of a designated network area, blocking suspicious activity, and alerting security teams to threat events.
Firewalls may use a variety of techniques, depending on their design, to control traffic flow. Traditional architectures will often provide static packet filtering, proxy services, and stateful inspection.
Modern gateway firewalls often add intrusion detection and prevention (IDS/IPS), application awareness, and advanced threat analysis that evaluates the content of the traffic passing through them.
Finally, distributed firewalls are designed to filter east-west traffic and deliver protection down to the workload level.
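To make the difference between these techniques concrete, the following added example (not code from the original page or from any firewall product) models three of them on a constructed packet trace: a static packet filter that judges each packet alone, a stateful filter that tracks flows so replies are admitted only for connections it saw being opened, and a per-workload (distributed) rule set that filters east-west traffic the perimeter never sees. Hosts, ports, rule lists and the trace are all assumptions chosen for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str    # source IP address
    dst: str    # destination IP address
    sport: int  # source port
    dport: int  # destination port


# Constructed addresses (documentation ranges, not real hosts).
WEB, DB = "10.0.1.10", "10.0.2.20"   # two data center workloads
RESOLVER = "198.51.100.53"           # external DNS resolver
CLIENT = "203.0.113.5"               # external client
INTERNAL = frozenset({WEB, DB})


def _match(value, pattern):
    """A rule field is None (any), a single value, or a frozenset of values."""
    if pattern is None:
        return True
    if isinstance(pattern, frozenset):
        return value in pattern
    return value == pattern


def _rule_hits(key, rules):
    return any(all(_match(v, p) for v, p in zip(key, rule)) for rule in rules)


# Static packet filtering: rules are (src, dst, sport, dport) and each packet is
# judged alone. With no memory of outbound flows, reply traffic needs its own
# rules, and those rules have to be broad to let legitimate replies through.
STATIC_ALLOW = [
    (None, WEB, None, 443),          # inbound HTTPS requests to the web tier
    (WEB, None, 443, None),          # web tier responses
    (INTERNAL, RESOLVER, None, 53),  # DNS queries from inside
    (RESOLVER, INTERNAL, 53, None),  # DNS "replies": any internal host, any port
]


def static_filter(pkt: Packet) -> bool:
    return _rule_hits((pkt.src, pkt.dst, pkt.sport, pkt.dport), STATIC_ALLOW)


class StatefulFilter:
    """Stateful inspection: only flow-opening packets are checked against the
    rules; later packets pass if they belong to a flow already opened, in
    either direction. No broad reply rule is needed."""

    NEW_FLOW_ALLOW = [
        (None, WEB, None, 443),          # anyone may open HTTPS to the web tier
        (INTERNAL, RESOLVER, None, 53),  # internal hosts may query the resolver
    ]

    def __init__(self):
        self.flows = set()  # (src, dst, sport, dport) of flows seen being opened

    def allow(self, pkt: Packet) -> bool:
        key = (pkt.src, pkt.dst, pkt.sport, pkt.dport)
        reverse = (pkt.dst, pkt.src, pkt.dport, pkt.sport)
        if key in self.flows or reverse in self.flows:
            return True  # part of an established flow
        if _rule_hits(key, self.NEW_FLOW_ALLOW):
            self.flows.add(key)
            return True
        return False


# Distributed firewall: the policy is enforced at each workload, so east-west
# traffic that never crosses the perimeter is still filtered. Maps (dst, dport)
# to the sources allowed to open a connection (None = anyone). Replies would be
# tracked exactly as in StatefulFilter; this checks flow-opening packets only.
WORKLOAD_ALLOW = {
    (WEB, 443): None,
    (DB, 5432): frozenset({WEB}),  # the database accepts connections from the web tier only
}


def workload_filter(pkt: Packet) -> bool:
    if (pkt.dst, pkt.dport) not in WORKLOAD_ALLOW:
        return False
    return _match(pkt.src, WORKLOAD_ALLOW[(pkt.dst, pkt.dport)])


def run_trace():
    """Feed a constructed packet sequence through both perimeter designs.
    Returns {label: (static_verdict, stateful_verdict)}."""
    trace = [
        ("client to web", Packet(CLIENT, WEB, 51000, 443)),
        ("web reply to client", Packet(WEB, CLIENT, 443, 51000)),
        ("web dns query", Packet(WEB, RESOLVER, 40000, 53)),
        ("dns reply to web", Packet(RESOLVER, WEB, 53, 40000)),
        ("forged dns reply to db", Packet(RESOLVER, DB, 53, 5432)),  # no query preceded it
        ("client straight to db", Packet(CLIENT, DB, 52000, 5432)),
    ]
    stateful = StatefulFilter()
    return {label: (static_filter(p), stateful.allow(p)) for label, p in trace}


if __name__ == "__main__":
    for label, (static_ok, stateful_ok) in run_trace().items():
        print(f"{label:26} static={static_ok!s:5} stateful={stateful_ok}")
    print("east-west web->db at the workload:", workload_filter(Packet(WEB, DB, 45000, 5432)))
```

The trace shows the point of stateful inspection: the static filter has to permit any packet that looks like a DNS reply, so a forged reply aimed at the database port is admitted, while the stateful filter rejects it because no matching query was ever seen leaving. The workload rule set shows what the distributed model adds: the web-to-database connection never reaches the perimeter, yet it is still subject to an explicit allow rule at the database itself.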