Thanks to the rise of DevOps, a fundamental shift is now underway in terms of the amount of influence developers exercise across the enterprise. Rather than simply dumping code on IT operations teams, developers increasingly are being held accountable for applications end to end. As such, developers now often exercise a lot more influence over which software-defined infrastructure and security platforms will be employed as part of what is referred to as the “shift to the left.” These platforms all have in common a well-defined set of application programming interfaces (APIs) that makes them accessible to developers.
Against that backdrop, Barracuda Networks announced its Barracuda NextGen Firewall can be configured via the IT automation framework developed by Puppet Labs. Previously, only the company’s Web Application Firewall was integrated with the Puppet framework.
In addition, the Barracuda NextGen Firewall is now available as a metered billing service in the Amazon Web Services (AWS) Marketplace. That marks the company’s second metered billing service on AWS, after making a similar move with the Barracuda Web Application Firewall last year.
Tim Jefferson, vice president of public cloud, says an increased focus on application security is driving an expansion of DevOps processes to now include DevSecOps driven by APIs rather than traditional user interfaces, which are not well-received.
Jefferson says those REST APIs are critical for any security company that wants to stay relevant as organizations start to manage multiple development pipelines that are tied into a common continuous integration/continuous development (CI/CD) pipeline. In that context, Jefferson says it’s no longer sufficient for IT security companies to make their offerings available as a virtual appliance. Security tools such as firewalls need to be just another cloud-native application that can be orchestrated as part of a CI/CD process, he says.
What’s more, DevOps teams have made it clear they want to be able to consume anything deployed on a public cloud in the same manner they consume compute and storage resources. That requirement is driving companies such as Barracuda Networks to add a metered billing option because many organizations in the age of the cloud don’t want to pay for a firewall unless it’s actually in use, says Jefferson.
It’s too early to say precisely how DevOps and DevSecOps are transforming the way IT products and services are acquired and invoked. In the case of Barracuda Networks, for example, the company is taking the rise of DevOps as opportunity to expand its portfolio of products first to include data protection by acquiring Intronis and then, more recently, compliance and archiving tools by acquiring Sonian.
Naturally, not every IT organization is equally far down the DevOps and DevSecOps path. But the various walls that have isolated various segments of IT are finally starting to come down at an increasingly rapid pace across the enterprise.