EP122 Firewalls in the Cloud: How to Implement Trust Boundaries for Access Control

Guest:

• Michele Chubirka, Senior Cloud Security Advocate, Google Cloud

Topics:

• So, if somebody wakes you up at 3AM (“Anton’s 3AM test”) and asks “Do we need firewalls in the cloud?” what would you say?

• Firewalls (=virtual appliances in the cloud or routing cloud traffic through physical firewalls) vs firewalling (=controlling network access) in the cloud, do they match the cloud-native realities?

• How do you implement trust boundaries for access control with cloud-native options?

• Can you imagine a modern cloud native security architecture that includes a firewall?

• Can you imagine a modern cloud native security architecture that excludes any firewalling? 

• Firewall, NIDS, NIPS, NGFW …. How do these other concepts map to the cloud? How do you build a "traditional-like" network visibility layer in the cloud (and do we need to)?

Resources:

• Video version of this episode: LinkedIn or YouTube

• “Security Architect View: Cloud Migration Successes, Failures and Lessons” (ep105)

• “Love it or Hate it, Network Security is Coming to the Cloud” with Martin Roesch (ep113)

• Gartner Bimodal IT definition

• Ross Anderson “Security Engineering” book

• The New Stack blog

• Trireme tool

• CNCF site security landscape

• Google Cloud Firewall