Skip to content
11:11 Systems
The Resilient Cloud Platform
11:11 Systems11:11 Systems
  • Why 11:11
    • Submenu
      • Column 1
        • 11:11 Systems Consulting
          Consulting Services
          Global Regions
          Cloud Regions
          11:11 Systems Security
          Security

      • Column 2
        • Cloud Console
          Cloud Console
          Catalyst
          Planning and Assessment
          Compliance
          Compliance

      • WHY CHOOSE 11:11
      • Overview
      • Leadership
      • News & Media
      • ESG Program
      •  
      • Careers
      • Technology Partners
      • Customer Stories
      • Innovation Blog
  • Products & Services
    • Products & Services

        • Cloud Overview
        • Managed Public Cloud
        • Private Cloud
        • Object Storage
        • Cloud Labs
        • Flexible Cloud Environment/Colocation
        • AWS Solutions
        • Managed OS Services
        • Managed DB Services

        Infrastructure as a Service

        Take a 30-day free trial of 11:11 Cloud.

        Cloud hosting built for your business.
        START FREE TRIAL
        REQUEST A QUOTE

        • Backup Overview
        • Veeam Backup
        • Microsoft 365 Backup
        • Managed Backup for Cohesity
        • Cyber Vault
        • Data Protection Services
        Backup as a Service

        11:11 Cloud Backup

        Protect your data wherever it lives.
        REQUEST A QUOTE
        REQUEST A DEMO

        • DRaaS Overview
        • DRaaS for Veeam
        • DRaaS for Zerto
        • DRaaS for Azure
        • DRaaS for Cohesity
        • Managed Recovery
        • Cloud Recovery
        • Cyber Recovery Platform
        • Infrastructure Recovery
        • Continuity Consulting Services
        • Disaster Recovery Consulting
        Disaster Recovery

        5TB 30Day Free Trial of DRaaS for Veeam

        Protect your business-critical workloads and reduce recovery time with the Leader in Disaster Recovery.
        START FREE TRIAL
        LEARN MORE

        • Security Overview
        • Continuous Risk Scanning
        • Managed Detection and Response
        • Managed SIEM
        • Managed EDR
        • Managed Firewall
        • Application and Zero Trust Services
        Security Services

        Take the first steps toward cyber resilience.

        Download our white paper and learn how to stay ahead of threats.
        REQUEST A QUOTE
        DOWNLOAD NOW

        • Networking Overview
        • SD-WAN
        • Managed Connectivity for AWS Direct Connect
        • Multi-Cloud Connect
        • Network Consulting Services
        Connectivity Services

        Transform your network.

        Take your infrastructure and performance to the next level.
        REQUEST A QUOTE
        WATCH VIDEO
  • Solutions
    • Solutions Submenu
      • INDUSTRY
      • Education
      • Financial
      • Government
      • Healthcare
    • Solutions Business Objective Submenu
      • BUSINESS OBJECTIVE
      • Cyber Resilience
      • Modernize
      • Protect
  • Partners
    • Partners Submenu
      • Overview
      • Become a Partner
      • Partner Portals
  • Resources
    • Resources Submenu
      • Events
      • Webinars
      • News & Media
      • White Papers
      • Podcast
      • Data Sheets
      • Customer Stories
      • Innovation Blog
  • Support
    • Support Submenu
      • Contact Support
      • Product Documentation
      • API Documentation
Search:
  • Login
  • Contact
Header Right Menu
Free Trial
  • Why 11:11
    • Consulting Services
    • Cloud Console
    • Cloud Regions
    • Planning and Assessment
    • Security
    • Compliance
    • WHY CHOOSE 11:11
    • Overview
    • Leadership
    • News & Media
    • ESG Program
    • Careers
    • Technology Partners
    • Customer Stories
    • Blog
  • Products & Services
    • CLOUD
    • Cloud Overview
    • Managed Public Cloud
    • Private Cloud
    • Object Storage
    • Cloud Labs
    • Flexible Cloud Environment/Colocation
    • AWS Solutions
    • Managed OS Services
    • Managed DB Services
    • BACKUP
    • Backup Overview
    • Veeam Backup
    • Microsoft 365 Backup
    • Managed Backup for Cohesity
    • Cyber Vault
    • Data Protection Services
    • DISASTER RECOVERY
    • DRaaS Overview
    • DRaaS for Veeam
    • DRaaS for Zerto
    • DRaaS for Azure
    • DRaaS for Cohesity
    • Managed Recovery
    • Cloud Recovery
    • Cyber Recovery Platform
    • Infrastructure Recovery Services
    • Continuity Consulting
    • Disaster Recovery Consulting
    • SECURITY
    • Security Overview
    • Continuous Risk Scanning
    • Managed Detection and Response
    • Managed SIEM
    • Managed EDR
    • Managed Firewall
    • Application and Zero Trust Services
    • NETWORK
    • Network Overview
    • SD-WAN
    • Managed Connectivity for AWS Direct Connect
    • Multi Cloud Connect
    • Managed IP
  • Solutions
    • INDUSTRY
    • Education
    • Financial
    • Government
    • Healthcare
    • BUSINESS OBJECTIVE
    • Cyber Resilience
    • Modernize
    • Protect
  • Partners
    • Overview
    • Become a Partner
    • Partner Portals
  • Resources
    • Events
    • Webinars
    • News & Media
    • Whitepapers
    • Podcast
    • Datasheets
    • Customer Stories
    • Innovation Blog
  • Support
    • Contact Support
    • Product Documentation
    • API Documentation
  • Contact
  • Login
  • Free Trial
Tags: Cloud Services
Author: 11:11 Systems
Date: November 9, 2017

Third Party Firewalls in the 11:11 Cloud

Cloud firewallEditor’s Note: As of January 2022, iland is now 11:11 Systems, a managed infrastructure solutions provider at the forefront of cloud, connectivity, and security. As a legacy iland.com blog post, this article likely contains information that is no longer relevant. For the most up-to-date product information and resources, or if you have further questions, please refer to the 11:11 Systems Success Center or contact us directly.

Date: November 9, 2017

Author: 11:11 Systems

 

One of the main barriers to the adoption of public clouds over the past few years has been security. Fears of hacking and data theft have been heightened by cases in the media.

Many customers thought that cloud would automatically take care of security regarding attacks from the internet, and there have been great advances to allay these fears. However, for many public cloud providers not all bases are covered out of the box, and adding in security features can add significant cost and complexity to the solution.

Here at 11:11 Systems, we have provided many of the security features that an enterprise customer requires, and have been accustomed to within their own on-premises environments. This includes:

  • Comprehensive firewalling capabilities at the edge
  • Best-of-breed security within the cloud environment (anti-virus/anti-malware, intrusion detection, web reputation, file integrity monitoring, log inspection)
  • Encryption at the datastore level along with optional VM encryption

All the functionality of the VMware NSX Edge virtual appliance has been integrated into the 11:11 Cloud Console, and for most customers this provides all of the functionality they need.

However, some customers prefer to use the same firewall technology that they have been using on-premises in the form of a physical or virtual firewall appliance. Also, the appliance may provide different or additional functionality.

One of the differentiators of 11:11 is being able to offer the capability for both physical and virtual appliances. While not very cloudy in nature, physical appliances can be accommodated by co-location, and 11:11 will take care of the cross-connection into the 11:11 cloud environment.

Our standard offering is to use the VMware NSX Edge virtual appliance, but other options exist and will be discussed later.

Standard with VMWare with NSX Edge

  • Supports up to nine VXLAN-backed networks attached to the Edge
  • Uses standard RFC1918 address structures for networks
  • Route between networks and Internet using the Edge
  • Provides:
    • DNAT, SNAT, and 5-tuple Firewall
    • SSL Client VPN and IPsec Site-to-Site VPN
    • Simple Load Balancing (IP hash, round robin)

This standard architecture can be augmented by adding in third party virtual firewall appliances, as shown below. The firewall appliance runs like any other virtual machine in the cloud. Examples of third party firewalls used recently include:

  • Cisco
  • Kemp
  • Checkpoint
  • Watchguard
  • Palo Alto
  • Fortinet

Third party virtual firewall appliance with NSX Edge
Third party firewall basics:

  • Deployed within vCloud as a normal VM/vApp
  • Will support up to nine VXLAN-backed internal networks
  • vShield Edge configured mostly in a passthrough mode
  • Customer manages third party firewall to provide required services
  • Requires NATing from vShield Edge to third party firewall. This can result in double-NATing to applications, and IPsec VPNs from the third party firewall will dislike being NATed

Due to the NAT issues discussed above, 11:11 Systems normally prefers to adopt the next option, where the virtual appliance is attached directly to the internet via a block of public IP addresses in a small subnet.


For this use case:

  • VLAN-backed networks attached to the third party firewall appliance, with one external to the Internet. Can support VLAN trunking.
  • Public IP address block as required (/28 for example)
  • Use standard RFC1918 address structures for networks
  • Route between networks and Internet using third party firewall
  • Functionality determined by third party CLI or web UI
  • No integration with 11:11 console for firewall functionality
  • Appears as a VM to manage in the 11:11 console

Finally, as discussed earlier, 11:11 can offer co-location of physical networking appliances:


This last option is similar to the virtual appliance example. Here are a few of the basics features:

  • Can support many VLAN-backed attached to the third party firewall (not limited by VM constraints)
  • Use standard RFC1918 address structures for networks
  • Route between networks and internet using third party firewall
  • Functionality determined by third party CLI or Web UI
  • No integration with the 11:11 console for firewall functionality

In all cases, these third party appliances can be integrated into management tools that the customer may already be running in the 11:11 cloud, or on-premises.

While 11:11 Systems supports a large range of virtual networking appliances and is not limited to firewalls (we also support load balancers, web application firewalls, WAN optimizers, etc), we do not resell licenses for these appliances (with the exception of the Cisco ASAv), and so customers will usually bring their own licenses, and can upload virtual appliances through OVF/OVA.

Categories: IaaS, SecurityBy 11:11 SystemsNovember 9, 2017
Tags: Cloud Services
11:11 Systems

Author: 11:11 Systems

11:11 Systems (“11:11”) is a managed infrastructure solutions provider that holistically addresses the challenges of next-generation managed cloud, connectivity and security requirements. 11:11 combines the teams and technology behind market leading, analyst vetted companies like Green Cloud Defense and iland to deliver increased performance, optimization and savings.

Post navigation

PreviousPrevious post:Ensuring Data Protections in the CloudNextNext post:The Continuity Tools Explained: VM Snapshots

Related Posts

Digital Operational Resilience Act (DORA)
Helping the Financial Sector Deliver Secure and Modern Infrastructure through Regulation
July 10, 2025
vulnerability management
A Modern Approach to Managing Vulnerabilities
May 30, 2025
Cyber Resilience
Data Protection vs. Cyber Resilience: Mastering Both in the Complex World of Gambling
May 27, 2025
Elevated Cloud Backups With 11:11 Systems
May 19, 2025
Cost Optimization: DRaaS to IaaS
Cloud Smart: From DRaaS to IaaS  
May 16, 2025
effective passwords
Creating Effective Password Policies in Your Organization
May 5, 2025
PRODUCTS & SERVICES
  • Cloud
  • Backup
  • Disaster Recovery
  • Managed Security
  • Network as a Service
  • Compliance
COMPANY
  • Why 11:11
  • Customer Stories
  • Careers
  • Leadership
  • Technology Partners
  • News & Media
  • Contact Support
CLOUD REGIONS
  • North America
  • EMEA
  • APAC
CONNECT
  • LinkedIn
  • X
  • Youtube

© 2025 11:11 Systems Inc., All Rights Reserved | Privacy Notice | Website Terms of Use |

Go to Top