Distributed Cloud Firewall Overview
Your Aviatrix network incorporates security at every level.
The Aviatrix Distributed Cloud Firewall embeds network security across your entire cloud network infrastructure. The Distributed Cloud Firewall has many deployment options. You can deploy it alone to protect the Internet perimeter while using an existing transit. Alternatively, you can deploy it on Aviatrix Multicloud Transit. This gives you complete control over network traffic.
The Aviatrix Distributed Cloud Firewall provides advanced security, including:
-
Layer 4 visibility and policy enforcement
-
URL/FQDN Filtering (was Egress FQDN Filtering)
-
Reputation-based Threat Detection/Prevention (ThreatIQ)
-
Transparent MITM decryption and Advanced Threat Detection with Suricata
-
Aviatrix SmartGroups that allow the Distributed Cloud Firewall to apply policies dynamically. It does so based on tags and attributes.
The entire system is managed like a single virtual firewall.
Aviatrix encrypts all data in-transit. Aviatrix high-performance encryption (HPE) frees you from standard IPSec speed limits. You do not need to sacrifice performance for security. The goal is to create secure transit connections between cloud service providers (CSPs) and CSP regions. This is to avoid the complexity and long delays of direct connections.
With Aviatrix Transit FireNet, you can also add firewalls from partners. These partners include Check Point, F5, Fortinet, and Palo Alto Networks.