assume a scenario
enterprise network has proxy servers for internet browsing and perimeter firewalls are deployed for customer applications hosted in internet
As most of the IT companies are moving towards cloud services, firewall security has become a problem. every cloud has their own set of IP ranges and dynamic in nature. Customer don't get static Public IPs.
if We permit access to all IP ranges of cloud service providers, internal attackers of organizations knowing this loop hole can disable proxy and direct access to gaming , streaming customers hosted in cloud or use any other URL part of cloud hosting can download data which can be non-complaint to Organization.
would like to check with any of cloud specialist for critical query:- do Cloud hosting like AWS or Azure provide services for all category including pornography ,any anti-social or which can an damage to enterprise networks
thanks in adavance
As far as I know, AWS and Azure do not provide such services themselves. You would need to have a third party virtual firewall with NGFW capatibilities such as FTDv.
You can deploy cloud firewall and route the traffic through firewall to outside.
You have nextgen firewalls that can do the layer 7 filtering or application layer filtering. In AWS & AZURE you have to connect all subnets to firewall interfaces so that you will have control of your traffic. This is just an high level info.