NordLayer - Network Security

Cloud Firewall

With the cloud firewall service, organizations can be more selective over who (which members or teams) and how (which gateways and services) has access to their internal resources and cloud tools. It adds an additional layer of control and security to organizations relying on a hybrid cloud network (using NordLayer virtual private gateways) to operate.

Man using Cloud Firewall feature for remote work


What is Cloud Firewall

Cloud firewall is another name for Firewall-as-a-Service (FWaaS). Similar to a traditional firewall, a cloud firewall is designed to prevent or lessen unauthorized access to private networks by removing potentially harmful network traffic. Similar to how traditional firewalls create a barrier around an organization's internal network, cloud-based firewalls create one around cloud platforms, infrastructure, and applications (cloud firewalls can enable organizations to securely access on-premise infrastructure while working remotely).

NordLayer’s Cloud Firewall scheme
NordLyer’s Cloud Firewall scheme
NordLyer’s Cloud Firewall scheme


Cloud Firewall benefits

People discussing cloud firewall scalability

Scalability, Availability, Extensibility

Because a cloud firewall does not contain any hardware, it can easily adapt to the changing needs of the business it’s protecting and scale together.

Women learning how simplified operations are with cloud firewall

Simplified operations

A cloud-based firewall service can easily integrate into existing hybrid cloud environments and makes it very simple to create and apply firewall rules. There are only a handful of rules applied to the gateway rather than having to manage the entire company network.

Colleagues checking Cloud Firewall automatic updates

Automatic Updates

Because FWaaS extends the full range of firewall capabilities to the cloud, there is no hardware to look after. Management is centralized over one cloud-based Control Panel.


Why do companies need Cloud based Firewall?

As more and more businesses embrace cloud infrastructure providers and move their applications to the cloud, it makes sense to move firewalls to the cloud as well. Cloud-based firewalls are the only solution that can adapt to this changing environment and provide optimal security.

Full protection for work-from-anywhere users

Using cloud firewall rules organization owners can define who gets access to internal cloud resources. With FWaaS businesses can enable remote workers to access only what is necessary and deny everything else.

NordLayer allows for granular control. Organization owners can create firewall rules that work on a virtual private gateway level and grant or deny access to a specific internal or external internet resource. These rules can apply to single members or entire teams and can be configured to allow or deny access based on the traffic source (user), the destination (the place that the user wants to access on the internet) and the service (which port or protocol is being used).

DNS filtering blocks malicious websites and filters out sites that contain harmful and/or inappropriate content. Managers can choose what types of content shouldn’t be accessible by employees on company-managed networks and the DNS filters will do the rest. This improves the security of company data and secures your team members from malicious activity & phishing websites.


Cloud Firewalls (FWaaS) vs Traditional Firewalls

Back in 2020, Gartner® projected that by 2025, 30% of new distributed branch office firewall deployments would switch to FWaaS, up from less than 5% in 2020. Based on this, we can expect FWaaS to become more popular than traditional network firewalls in the future. The schemes below will provide a better understanding of the differences between these two solutions.

Cloud Firewalls (FWaaS)

  • Very easy to set up, as there are no physical components
  • Effortless scalability
  • Vendor handles all maintenance
  • Dynamic, risk-based security policies follow your users everywhere without a complicated matrix of policy and network configurations
Cloud Firewall (FWaaS) scheme

Traditional Firewalls

  • May require technical expertise to set up
  • Requires additional hardware and deployment in order to scale
  • IT department responsible for maintenance
  • Inconsistent firewall policies that do not follow users
Traditional Firewall scheme


How to enable Cloud Firewall with NordLayer?

  1. Register

  2. Choose advanced plan with Dedicated server

  3. Create gateways

  4. Navigate to Firewall settings and manage firewall rules (coming soon)

New feature in progress

NordLayer's upcoming Cloud Firewall will be part of unified cloud Security Service Edge

Secure Service Edge (SSE) is a framework that contains multiple features to secure and protect a business network. Network security solutions like FWaaS, CASB, SWG, and ZTNA are combined into a single, cloud-native service via the SSE framework. Secure business data, resources, and all users in your network by adopting the SSE framework.

NordLayer Cloud Firewall is part of unified cloud Security Service Edge

Be the first to experience the added security of our upcoming Firewall as a Service feature


Frequently asked questions

No. Firewall-as-a-Service (FWaaS) and cloud firewall describe the same service and can be used interchangeably.

Multiple cloud deployments can be protected at once (as long as NordLayer supports each cloud).

You have almost limitless options when it comes to configuring cloud firewalls and what they protect. You may design a firewall to solely cover one particular virtual server group or even just one server. In addition to virtual servers, the firewall may also be micro-segmented with rules for certain applications or user roles.