EP122 Firewalls in the Cloud: How to Implement Trust Boundaries for Access Control

Guest: Michele Chubirka, Senior Cloud Security Advocate, Google Cloud Topics: So, if somebody wakes you up at 3AM (“Anton’s 3AM test”) and asks “Do we need firewalls in the cloud?” what would you say? Firewalls (=virtual appliances in the cloud or routing cloud traffic through physical firewalls) vs firewalling (=controlling network access) in the cloud, do they match the cloud-native realities? How do you implement trust boundaries for access control with cloud-native options? Can you imagine a modern cloud native security architecture that includes a firewall? Can you imagine a modern cloud native security architecture that excludes any firewalling?  Firewall, NIDS, NIPS, NGFW …. How do these other concepts map to the cloud? How do you build a "traditional-like" network visibility layer in the cloud (and do we need to)? Resources: Video version of this episode: LinkedIn or YouTube “Security Architect View: Cloud Migration Successes, Failures and Lessons” (ep105) “Love it or Hate it, Network Security is Coming to the Cloud” with Martin Roesch (ep113) Gartner Bimodal IT definition Ross Anderson “Security Engineering” book The New Stack blog Trireme tool CNCF site security landscape Google Cloud Firewall