The modern workplace has evolved past the traditional office setup, with employees now working effectively from remote locations and their homes. This increased flexibility empowers businesses, but it has also blurred the boundaries of traditional networks, leading to significant security challenges. FireCloud Internet Access is a Cloud-based security solution designed to tackle these security issues while maintaining user productivity. A crucial component of a SASE (secure access service edge) solution, FireCloud Internet Access addresses the significant challenge of managing and securing remote user access to the Internet and Cloud applications for users anywhere in the world.
FireCloud is a managed cloud-based firewall-as-a-service. FireCloud protects your remote users against Internet-based security threats.
Powerful Security Beyond the Network Perimeter
While traditional perimeter security solutions are vital for safeguarding any organization, the rise in remote workers and the shortcomings of existing tools in tackling the complex threat landscape necessitate a solution that strengthens security for remote users. This new approach should provide the same level of protection that users working on-site at the organization receive.
FireCloud Internet Access is a Cloud-based security solution that extends on-premises security services to remote workers anywhere around the globe. It delivers a robust set of security and management features that match the protections enjoyed by on-premises workers, including URL filtering, intrusion prevention systems (IPS), and DNS security, to ensure safe and secure web and Cloud app access.
Use FireCloud Internet Access to protect your business from malware, phishing attempts, and other online threats, all with the flexibility needed to deploy and scale your security.
Key Benefits of FireCloud Internet Access:
Enhanced Security Performance: Extend firewall security policies and protections to remote workers with lightning-fast protection and a seamless user experience.
Streamlined Management & Efficiency: Enforce consistent security policies across the organization to simplify implementation, strengthen environments, enhance efficiency, and reduce attack risks.
Comprehensive Threat Protection: Defend against emerging threats with intrusion prevention systems and malware detection.
Secure Internet Access: Control remote employee Internet access to enhance compliance and protect against web-based attacks.
Centralized Administration: Cloud-based management reduces administrative burdens, automates updates and maintenance, and streamlines security event reporting.
With FireCloud, you can configure these security settings to protect your users:
Content Scanning
Scanning engines protect against spyware, viruses, malicious applications, spam email, and data leakage. With FireCloud, you can enable content scanning with these services:
Gateway AntiVirus — Protects your users from viruses. You can configure Gateway AntiVirus to drop connections when a virus is detected, an error occurs, scanned content exceeds the file size limit (10 MB), or scanned content is encrypted. No information is sent to the source of the connection.
APT Blocker — Identifies the characteristics and behavior of Advanced Persistent Threat (APT) malware in files and email attachments that enter your network. You can configure APT Blocker to drop connections for each threat level (High, Medium, Low).
Network Blocking
You can use FireCloud to monitor and block common security threats, such as botnets, spyware, SQL injections, cross-site scripting, and buffer overflows. With FireCloud, you can configure network blocking with these services:
Botnet Detection — Adds a list of known botnet site IP addresses to the Blocked Sites List, which enables FireCloud to block these sites at the packet level.
Intrusion Prevention Service — Uses signatures to provide real-time protection against network attacks, including spyware, SQL injections, cross-site scripting, and buffer overflows. You can specify the action IPS takes when it detects a threat, as well as the scan mode to use.
Geolocation
Geolocation is a security service that enables FireCloud to detect the geographic locations of connections to and from your protected devices. In FireCloud, you can enable and configure Geolocation to block access to and from specific locations.
Content Filtering
Content filtering uses the WebBlocker and Application Control security services to block specific content categories and applications.
WebBlocker — Helps you control the websites that are available to your users. WebBlocker uses a database that groups website addresses into content categories. When a user tries to connect to a website, FireCloud looks up the address in the WebBlocker database and takes the action you specify for the content category.
Application Control — Enables you to monitor and control the use of applications. Application Control uses over 1800 signatures that can identify and block over 1000 applications. You can use Application Control to block the usage of specific applications. For some applications, you can block specific application behaviors, such as file transfer.
By default, FireCloud has all security services enabled with the default configurations, and a default access rule is in place to handle which security services apply to user traffic. This means that you can deploy and use FireCloud immediately after you set up an identity provider.
You configure FireCloud in the WatchGuard Cloud platform, and end-users connect to the service with the WatchGuard Connection Manager. When end-users are connected to FireCloud, they are protected and can safely use their computer and browse the Internet.
WatchGuard Product Demo: FwaaS, FireCloud
Learn how the WatchGuard FireCloud delivers the same security services as the Firebox in a SASE architecture for modern, hybrid environments. Key highlights include:
How to easily deploy and configure FireCloud Internet Access
A demo of the security services and reporting that are included
The advantages of the built-in certificate for HTTP content inspection
Seamless Global Security For Your Workforce
Empower remote workers and safeguard Cloud-hosted applications with FireCloud Internet Access. Seamlessly managed through WatchGuard Cloud, it integrates firewall-as-a-service (FWaaS) and secure web gateway (SWG) capabilities, delivering robust enterprise-grade security features. With WatchGuard Cloud, administrators can effortlessly configure global security services and policies, instantly propagated to our worldwide points of presence (PoPs). Users enjoy frictionless access by simply entering their credentials into the FireCloud client on any device, ensuring steadfast security coverage from wherever they connect.
Stateful Firewall
Inspects network traffic, blocks malicious activity, protects sensitive data, and offers advanced features like intrusion prevention, malware detection, and URL filtering to defend against a wide range of threats.
Gateway AntiVirus
Scans incoming and outgoing traffic for viruses, malware, and other threats, providing comprehensive protection against cyberattacks to safeguard sensitive data and ensure business continuity.
Intrusion Prevention Service (IPS)
Provides real-time protection against network attacks like spyware, SQL injections, and cross-site scripting by identifying and blocking malicious traffic to safeguard your network from potential breaches.
APT Blocker
Leverages AI and machine learning to identify and block sophisticated cyber threats, such as advanced persistent threats (APTs), zero-day exploits, and ransomware.
Application Control
Enhances network security by preventing unauthorized software execution and potential breaches through granular control over which applications can run on devices.
DNSWatch
Offers advanced threat intelligence, real-time blocking, and DNS filtering to safeguard networks and users through a Cloud-based DNS security service.
WebBlocker
Safeguards your network by blocking malicious websites and inappropriate content, empowering organizations to maintain a secure and productive online environment.
WatchGuard Cloud
Delivers streamlined visibility, control, real-time threat monitoring, and log and report data retention from a single interface, simplifying network security management, saving time, and empowering informed decision-making via a centralized management platform.
Deployment
Expand Firebox Security to Remote Workers
Components and Key Terms:
Before you begin, we recommend that you familiarize yourself with these key terms related to FireCloud:
WatchGuard Connection Manager
The connection manager is an agent that you install on end-user computers. End-users use the connection manager to connect to FireCloud.
WatchGuard Agent
The WatchGuard Agent handles communication between managed computers on the same network and the WatchGuard server. The agent is installed on each endpoint or computer, and is used to deploy WatchGuard software, such as the WatchGuard connection manager and Endpoint Security software. It has low CPU, memory, and bandwidth usage and uses less than 2 MB of data each day.
When you download the connection manager installer from the FireCloud UI, you are downloading the WatchGuard Agent.
Point of Presence
A point of presence (PoP) is a physical location that enables users to connect to the Internet. When you connect to FireCloud, data from your device routes through the nearest WatchGuard PoP.
Identity Provider
An identity provider is an external system that you use to manage and authenticate your FireCloud users and groups. You can use any identity provider that supports SAML, such as AuthPoint, Microsoft Entra ID (Azure Active Directory), or Okta.
WatchGuard Cloud Directory
The WatchGuard Cloud Directory is an authentication domain in Directories and Domain Services where you can add users and groups that are hosted in WatchGuard Cloud. You can then use the users and groups from the WatchGuard Cloud Directory with products such as FireCloud.
You can use the WatchGuard Cloud Directory instead of an identity provider to authenticate your FireCloud users and groups.
FireCloud Licenses:
To use FireCloud, you must activate a FireCloud license in your WatchGuard account or contact a Service Provider. The FireCloud license determines the number of users that can use the FireCloud service.
When you activate your FireCloud license key, the user licenses are added to your account in WatchGuard Cloud. If you are a Service Provider, the user licenses are added to your WatchGuard Cloud inventory. You can allocate FireCloud user licenses to accounts you manage in WatchGuard Cloud.
FireCloud is a security service that is licensed for each user.
There are four types of licenses:
Term Licenses: A term license has a set number of users and a set duration, or term. For example, you might purchase a license for 100 users that expires after three years. The license expires the day after the expiration date at 00 UTC.
Subscription Licenses: A subscription license enables you and your managed accounts to add users with no allocation limits. You can set a limit on the accounts you manage. With a subscription license, WatchGuard bills you monthly based on the number of users you have allocated.
Trial Licenses: Trial licenses of FireCloud are available to Service Provider and Subscriber accounts in WatchGuard Cloud. Trial licenses expire after 30 days, but you can renew them one time for another 30 days.
NFR Licenses (Service Providers only): A Not for Resale license includes a set number of users and typically has a three-year term. NFR licenses are available to Service Providers only.
You can activate and manage FireCloud term licenses on the WatchGuard portal in the Support Center. From Support Center, on the FireCloud page, you can review the activated FireCloud licenses for your account. If you click the name of a license, you can review the details and history of that license.
WatchGuard Cloud Subscriber accounts can have only one FireCloud license. When a Subscriber account activates a new license key in the Support Center, it is used to modify the current active FireCloud license. You can use a new license to add users or extend the license expiration.
WatchGuard Cloud Service Providers can have any number of licenses. When a Service Provider activates a new license key, they can use it to modify an active license or add a new, separate license. The users on the license are added to the Service Provider's inventory in WatchGuard Cloud, but the expiration date of the license is tracked separately.
Term License Activation
When you purchase FireCloud users, you are given a license key to activate on the WatchGuard website.
When you activate your FireCloud license key, the users for that license are added to your FireCloud account. If you have a Service Provider account, the users are instead added to your inventory in WatchGuard Cloud. From your inventory, you can allocate users to managed accounts or to your own account.
After you have an active FireCloud license, you have several options when you activate additional FireCloud license keys. Within the activation process, you can:
Add users to a license
Extend a license
Add a new license (Service Providers only)
When you add users or extend a license, the new license is merged with your active FireCloud license and the two licenses are co-termed. When licenses are co-termed, a new expiration date is calculated based on your updated user count and the term length of the license you activated.
License Renewals and Upgrades
To renew a license or modify an existing license, you purchase a new license and activate it. When you activate the new license, you select whether to add users or extend your current license. When you add users to your active license or extend it, the new license merges with your active license and the two licenses are co-termed.
Co-terming consolidates or merges your term licenses to synchronize renewal dates. When you co-term licenses, a new expiration date is calculated based on the updated user count and the term length of the license you activated. If you add users, the number of users you purchased is added to your current inventory. For example, if you have 50 users and purchase a term license for 100 users, your final count after you activate your new license is 150 users.
If you have an active subscription license, when you renew a term license, your subscription usage count reduces automatically so that only the users in excess of your termed license are billed as subscription users.
When you extend your license, if you purchased the same number of users that you currently have, your license is extended for another period (one or three years). If you purchased more users than are in your current inventory, your inventory immediately updates to match the number of users you purchased the license for.
To renew with fewer users, purchase a license for the desired number of users and choose Extend License when you activate your license key.