The growth of cloud computing capabilities and services has driven more data into places where traditional IT security cannot reach - into the datacenters of public cloud providers. Cloud-based deployments can be in the form of a private cloud, in which the CloudGen Firewall acts as a gateway device, or in a public or hybrid cloud. You can secure instances in a public or hybrid cloud by deploying a CloudGen Firewall as a virtual security device within your cloud environment. The firewall uses application and user awareness combined with advanced bandwidth management to optimize WAN performance and reliability, thereby securely handling all incoming traffic for the backend server instances.
Microsoft Azure Cloud
Microsoft Azure is a public cloud service. The CloudGen Firewall integrates into your Microsoft Azure virtual network by creating a network security gateway between Internet-facing endpoints and your virtual machines. Microsoft Azure Small and Medium instances use one virtual network interface with a dynamic IP address per virtual machine and can be deployed via web interface or a Microsoft PowerShell script. Large and Extra Large instances support two and four network interfaces, respectively, and must be deployed via PowerShell. There are two types of images available in the Marketplace: Bring-Your-Own-License (BYOL) and an hourly rate (PAYG). The CloudGen Firewall Azure can be deployed on any Azure pricing tier. The firewall license is bound to the number of CPU cores. Barracuda Networks recommends the following Azure pricing tiers:
CloudGen Firewall License | Number of vCPUs | Protected IP Addresses | Consumption Model |
---|---|---|---|
Level 2 | 1 | unlimited | BYOL, PAYG |
Level 4 | 2 | unlimited | BYOL, PAYG |
Level 6 | 4 | unlimited | BYOL, PAYG |
Level 8 | 8 | unlimited | BYOL, PAYG |
Barracuda Firewall Control Center | n/a | n/a | BYOL |
For more information, see Microsoft Azure Deployment.
Amazon Web Services (AWS)
Amazon AWS offers both virtual private and public cloud services. If you are deploying a virtual private cloud, the CloudGen Firewall AWS will act as a gateway device, just like in a traditional network. Internal IP addresses in the VPC can be static or dynamic; public IPs (Amazon Elastic IPs) are then mapped to the internal network interfaces. The AMI uses one dynamic network interface as a default configuration. Up to 9 additional Amazon network interfaces can be added, depending on the instance type, with a total of up to 100 network interfaces per VPC. These network interfaces can be connected to subnets in the virtual private cloud, with each subnet containing server instances hosted in a different availability zone of your choice.
The CloudGen Firewall also supports Amazon Enhanced Networking if deployed on Amazon instance types with support for this feature: t3.small, t3.medium, t3.xlarge, m5.large, m5.xlarge, m5.2xlarge, m5.4xlarge, c5.large, c5.xlarge, c5.2xlarge, c5.4xlarge.
There are three types of images available in the Marketplace: Bring-Your-Own-License (BYOL), an hourly rate (PAYG), and a metered rate (PAYG). The CloudGen AWS is available for the following instance types: t2.small, t2.medium, t2.large, t2.xlarge. t2.2xlarge, m4.large, m4.xlarge, m4.2xlarge, c4.large, c4.xlarge and c4.2xlarge. For BYOL licenses, select the license based on the number of vCPUs of the instance type:
CloudGen Firewall License | Number of vCPUs | Protected IP Addresses | Consumption Model |
---|---|---|---|
Level 2 | 1 | unlimited | BYOL, PAYG |
Level 4 | 2 | unlimited | BYOL, PAYG |
Level 6 | 4 | unlimited | BYOL, PAYG |
Level 8 | 8 | unlimited | BYOL, PAYG |
Barracuda Firewall Control Center | n/a | n/a | BYOL |
For more information, see Amazon AWS Deployment.
Google Cloud Platform
Google Cloud Platform is a public cloud on Google's infrastructure. The Barracuda CloudGen Firewall can be deployed as a stand-alone Google Compute Engine instance to protect your cloud resources in the Google Cloud Platform. The firewall is available as a BYOL and a PAYG image from Google Launcher.
CloudGen Firewall License | Number of vCPUs | Minimum Memory (GB) | Number of NICs | Protected IP Addresses | Consumption Model |
---|---|---|---|---|---|
Level 2 | 1 | 2 | 2 | unlimited | BYOL, PAYG |
Level 4 | 2 | 2 | 2 | unlimited | BYOL, PAYG |
Level 6 | 4 | 2 | 4 | unlimited | BYOL, PAYG |
Level 8 | 8 | 2 | 4 | unlimited | BYOL, PAYG |
Barracuda Firewall Control Center | n/a | n/a | n/a | n/a | BYOL, PAYG |
For more information, see Google Cloud Platform Deployment.