Product updates

NordLayer feature release: Cloud Firewall


Feature release FWaaS cover web 1400x800

NordLayer released one of the biggest product updates this year, a cloud-based Firewall as a Service (FWaaS) solution. The new capability is one of the fundamental components of Secure Access Service Edge (SASE) and Security Service Edge (SSE) frameworks. 

The Cloud Firewallenables organizations to create new workflows with granular access control and to make existing business processes more secure. A unique new feature works at the Gateway level to improve the robust NordLayer security offering, especially when combined with a dedicated server or servers.

Feature characteristics: what to expect

  • Available for Premium plan subscribers
  • Effortless setup and compatibility with cloud infrastructure
  • Compatible with virtual private gateways configured on the NordLayer Control Panel

Problem to solve: Cloud Firewall (FWaaS) reduces the need for onsite appliances and instead administers security from the cloud to every endpoint. 

How it works?

Cloud Firewall integrates into your company's infrastructure with a few clicks. Network security as a cloud service provides companies with easy deployment, maintenance, and scalability. Our cloud-based firewall reduces the need for onsite appliances and instead administers security from the cloud to every endpoint.

Businesses can customize Cloud Firewall to specific security requirements based on their needs. The service reinforces resource access protection across remote, hybrid, and on-site environments.

Cloud Firewall rules apply to the organization unit defined by the Admin (member, group of members, team, or few teams at once) during the connection to the organization’s Virtual Private Gateway. Hence, based on the rule priority, every user can operate only within their network perimeter that is allowed and defined by their organization owner.

Cloud Firewall offers simple scalability, seamless and cost-effective deployment, and intuitive use instead of requiring hardware to get the benefits of a traditional firewall.

Solving a key challenge

Hardware firewall provides protection strictly within the company perimeter, like the headquarters or branch office where the appliance is physically installed. Cloud firewall extends security scope to hybrid company environments, whether it’s a physical location or a cloud.

NordLayer Cloud Firewall allows organization owners to create rules for their preferred virtual private gateway. Select Allow or Deny internet access to destinations defined within a set of rules. This configuration applies to members connected to the company's virtual private gateway.

Using Cloud Firewall rules, organization owner defines who can access organization’s cloud resources over the internet based on the following criteria:

  • Traffic source: any member or team accessing the virtual private gateway
  • Destination: traffic routed through allowlisted IPs or subnets
  • Services: traffic is routed via specific protocols or ports

By integrating this service, IT admins can reduce the need for hardware appliances and centralize security inspection to a single cloud-based Control Panel. Detached from a single location and physicality, Cloud Firewall is easier to operate, configure, maintain and implement changes on the spot. 

Security by design

The Firewall as a Service is a unique NordLayer portfolio component heavily backing up the product development direction. SSE and Zero Trust practices can be delivered with even better network security practices to NordLayer users utilizing FWaaS.

NordLayer’s Cloud Firewall solution can only be configured and used together with a Virtual Private Gateway and a dedicated server. The Cloud Firewall works in tandem with our other security solutions, such as ThreatBlock, DNS filtering by category, and Deep Packet Inspection (Lite), offering robust multi-layered network protection.


Head of Product


Share this post

Related Articles

What is Smart Remote Access
NordLayer Linux app release

Stay in the know

Subscribe to our blog updates for in-depth perspectives on cybersecurity.