Dynamic Trust Enforcement with Distributed Cloud Firewall

Aviatrix Distributed Cloud Firewall (DCF) is a policy-driven security solution embedded in the cloud fabric itself. It dynamically enforces trust across the entirety of your organization’s cloud workloads, ensuring comprehensive protection and compliance.

Key Features of Distributed Cloud Firewall

DCF provides advanced security capabilities, including:

  • Dynamic trust enforcement across cloud workloads

  • Policy-driven inspection and security

  • Layer 4 visibility and policy enforcement

  • URL/FQDN Filtering with WebGroups (not supported for DCF on Edge)

  • ExternalGroups for reputation-based threat detection/prevention and geographical IP blocking/filtering (replaces ThreatIQ and Geoblocking functionality)

  • Transparent MITM decryption and Advanced Threat Detection with Suricata

  • Aviatrix SmartGroups for dynamic policy application based on tags and attributes

  • Transit FireNet integration with partner firewalls (Check Point, F5, Fortinet, Palo Alto Networks)

Embedded Security in the Cloud Fabric

DCF is seamlessly integrated into the cloud fabric, enabling organizations to enforce zero trust principles dynamically. By inspecting and securing workloads, DCF ensures that security policies are applied consistently across all cloud environments.

High-Performance Encryption and Transit Security

Aviatrix encrypts all data in-transit using high-performance encryption (HPE), eliminating standard IPSec speed limits. This ensures secure transit connections between cloud service providers (CSPs) and CSP regions without sacrificing performance.

The Aviatrix Distributed Cloud Firewall provides centralized security policy management and enforcement across multi-cloud environments, enabling consistent workload protection and trust verification throughout the cloud network infrastructure..