skip to Main Content

Welcome AWS to the Cloud-Native Network Security Club

Welcome AWS to the Cloud-Native Network Security Club

Last week, AWS announced the AWS Network Firewall – a managed network security service available to protect customer workloads in their VPCs.

We think this is great, and proof that:

  1. Network Security is critical in the cloud as more organizations move their most important apps and services to the cloud.
  2. AWS and Valtix have a shared vision about how AWS network security must be delivered.
  3. The ONLY way to deliver network security is as a service, the era of provisioning, gluing together, and managing individual netsec appliances is over. Single click set-up and autoscale is now the bar.

Obviously, at Valtix, we’ve held these points at our core. We think it’s a solid foundation to build on (more on that in a minute), but our customers have told us that the growth in their apps is in the public cloud, and they expect enterprise-grade security implemented as cloud-native services. In other words, they expect cloud network security to be a first-class cloud citizen.

Now, one of the places we build on top of that foundation is how the security function evolves. Traditionally, evolution in network security meant technology consolidation. We tend to view it more across process lines – hence our focus on discover, deploy, and defend ( We still integrate network security functions as customers expect (e.g., typical NGFW capabilities, built-in decryption/enforcement/re-encryption as standard for enterprise netsec), but our focus on how security pros do their jobs led us to a more customer-centric integration effort over a tech-centric one. Discover what needs to be secured, deploy security controls with a single click, defend those assets is how we see netsec folks doing their jobs – and has been the guiding principle for us.

The other development we built on top of cloud-native was doing the right things in the right places – so when customers told us they didn’t want a heavy integration effort but didn’t want their production traffic going over the Internet for security and compliance enforcement, we figured out how to accommodate. We built a SaaS-delivered control plane (easy adoption), and a PaaS-delivered data plane (customer production traffic and keys don’t leave the customer account to get security).

How can customers benefit from these recent developments from AWS and Valtix? First, as we mentioned, advancing the state of network security in the cloud benefits everybody. Second, AWS continues to introduce services (e.g., GWLB, TGW) that make it easier for 3rd parties like Valtix and customers to implement better, faster, and cheaper network security infrastructure (

But the bottom line, and the best news is that the market continues to move in the right direction, the table stakes for cloud netsec are rising – by quite a bit with AWS move into netsec, and our approach to this set of problems for the enterprise continues to be validated.

Thanks for reading.

Latest Posts

Back To Top