Here is a step-by-step explanation of how firewalls work in cloud computing, based on Fortinet and general cloud concepts:
Packet Inspection:
Packet inspection means analyzing the data packets transmitted over the network to check that they conform to predefined security rules. Each packet is examined for its source and destination IP addresses, ports, and protocol.
Define Rules:
Security rules define which types of traffic should be allowed and which should be blocked. These rules may be based on IP addresses, application types, and traffic behavior.
Traffic Filtering:
As soon as the firewall receives incoming or outgoing traffic, it compares each packet against the rules. If a packet matches an allow rule, it is passed; otherwise, it is blocked.
Stateful Inspection:
In a cloud environment, firewalls often use "stateful inspection," in which they track the state of active connections and allow only traffic that is part of an established session.
Packet Filtering:
Firewalls inspect packet header fields to identify the type of traffic and then allow or deny it. This includes filtering on IP addresses, port numbers, and protocols.
Types of Firewalls in a Cloud:
- Virtual Firewalls: Firewall software installed on virtual machines or deployed in cloud platforms such as AWS, Azure, or Google Cloud.
- Security Groups: Instance-level virtual firewalls in the cloud that regulate the incoming and outgoing traffic of a virtual machine or instance.
- Managed Firewalls: Cloud providers also offer fully managed network firewalls that protect the entire cloud network from unauthorized access.
Monitoring and Logging:
Firewalls continuously scan network traffic and produce logs. These logs record unusual or unauthorized traffic patterns, which security teams can investigate.
Policy Enforcement:
Firewalls enforce the security policies preset by the administrator. These policies govern the traffic crossing the cloud network and protect it against cyber threats such as unauthorized access or attacks.
Final Step:
Depending on the policies specified, the firewall either allows traffic to reach the cloud resources or blocks it. If a packet is blocked, the firewall can report the block to the system administrator or log it for further analysis.
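The steps above (rule definition, packet filtering on header fields, stateful inspection, and logging of blocked traffic) in one small model, written as an added example for this page rather than code from Fortinet or any cloud provider. The IP ranges and packets are constructed sample data, and the `Rule`, `Packet`, and `StatefulFirewall` names are this example's own.

```python
from collections import namedtuple
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional
# A packet header as the firewall sees it: IPs, ports, protocol ("tcp"/"udp")
Packet = namedtuple("Packet", "src dst sport dport proto")

@dataclass
class Rule:
    action: str                  # "allow" or "deny"
    src: str = "0.0.0.0/0"       # CIDR; the default matches any address
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches any destination port
    proto: Optional[str] = None  # None matches any protocol
    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and self.dport in (None, p.dport) and self.proto in (None, p.proto))

class StatefulFirewall:
    def __init__(self, rules: List[Rule]):
        self.rules = rules
        self.sessions = set()     # 5-tuples of connections an allow rule admitted
        self.log: List[str] = []  # blocked packets, kept for later investigation
    def filter(self, p: Packet) -> str:
        key = (p.src, p.sport, p.dst, p.dport, p.proto)
        # Stateful inspection: a reply to an established session passes without a rule lookup
        if (p.dst, p.dport, p.src, p.sport, p.proto) in self.sessions:
            return "allow"
        for rule in self.rules:  # first matching rule wins
            if rule.matches(p):
                if rule.action == "allow":
                    self.sessions.add(key)  # remember the session so its replies can return
                    return "allow"
                break
        self.log.append(f"DENY {p.proto} {p.src}:{p.sport} -> {p.dst}:{p.dport}")
        return "deny"  # explicit deny or no match at all: default deny

def demo():
    fw = StatefulFirewall([
        Rule("allow", src="203.0.113.0/24", dst="10.0.0.10/32", dport=443, proto="tcp"),
        Rule("deny")])  # explicit catch-all deny (cloud security groups deny by default)
    verdicts = [fw.filter(p) for p in (  # constructed sample traffic, not captured data
        Packet("203.0.113.5", "10.0.0.10", 51000, 443, "tcp"),  # matches the allow rule
        Packet("10.0.0.10", "203.0.113.5", 443, 51000, "tcp"),  # server reply on that session
        Packet("10.0.0.10", "203.0.113.9", 443, 51001, "tcp"),  # unsolicited, no session
        Packet("198.51.100.7", "10.0.0.10", 4000, 22, "tcp"))]  # SSH from an unlisted source
    return verdicts, fw.log
```

Only the first packet is admitted by a rule; the second passes purely on connection state, and the two denied packets end up in the log that a security team would review.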