This is an interesting question that depends on many factors, such as the size, budget, and needs of your business. Cloud security solutions offer more scalability, flexibility, and cost-effectiveness, but they also come with some risks, such as data breaches, vendor lock-in, and compliance issues. On-premise security solutions offer more control, customization, and reliability, but they also require more maintenance, resources, and upfront investment. There is no definitive answer to which one is better, as both have their pros and cons. You may want to check out this article that compares cloud vs on-premise in more detail and provides some tips on how to choose the best option for your business (https://www.cleveroad.com/blog/cloud-vs-on-premise/). I think it’s helpful because it covers the main aspects of both solutions and gives some practical examples and recommendations. I hope you find it useful too!
Search for a product comparison in Cloud and Data Center Security
My comments are based on my own experiences over time.
Divyang added some significant comment and I wholeheartedly agree with everything he listed, not much one can add.
Cloud security solutions are, from what I have seen, much easier to deploy and your actual TCOE might be lower than on prem especially when you look at your full localized cost (Space, HVAC, Hardware, OS’s, IT Support, etc) The other big benefit is time to deploy and the feature sets on offer. The other big benefit is that your licensing is subscription based, this makes it easier to move if the service does not meet your expectation.
The one thing that must remain front of mind is that irrespective of where your solutions come from YOU must still configure and manage that solution. There are some providers that offer a bolt on management service or a derivative of it.
Senior Cyber Security Consultant at Infosec Ventures
Reseller
2020-06-09T05:32:53Z
Jun 9, 2020
There are several factors to consider and those are as below.
1. Workload location
a. How many workloads are in cloud and how many servers are on-premise
2. No. of Branches & Internet connectivity at each branch location
3. No. of roaming users (For endpoint security)
4. No. of users accessing cloud apps or cloud workloads
5. How much you've already invested in on-premise data center & how much they're occupied.
Above list may go on & on based on the which security solution you need (e.g. workload security or endpoint security or perimeter security)
Advantage of Cloud delivered security solutions:
1. Easy to administrate
2. No need to worry about security patches & product upgrades
a. No need to worry about underline hardware
3. Integration with AWS inspector / Azure security inspector is available out of the box.
4. Security for roaming users can be provided very easily.
a. No need to expose security management server
5. Provides infinite scalability
a. No need to worry about future incremental number (e.g. increase in workloads or increase in users)
Disadvantages of Cloud delivered security solutions:
1. Can't use for Air-gaped environment
2. There may be chances of delayed logs/analysis for on-premise infrastructure depending upon internet connectivity
3. Still need some sort of on-premise module to be installed, e.g. if you go for Azure sentinel (Cloud delivered SOC), you need to install on-premise Log collector and Log Forwarder.
4. If you're under any compliance/regulatory which required data sovereignty has to be followed, Need to check with Security solution vendor where their data centers are.
5. Much more costlier than the on-premise security solution
Advantages of On-premise security solution:
1. Perfectly suited for Air-gaped environment
2. Faster log collection for on-premise infrastructure
3. Much more cheaper than cloud delivered security solution
Disadvantages of On-premise security solution:
1. Difficult to administrate
2. Need to apply security patches and product upgrades which require huge downtime
3. Always need to consider future number
a. Sizing is very difficult (usually most of the time underline compute is under/over used but not at the optimum level)
This category within cybersecurity focuses on the protection of data, applications, and infrastructures in both cloud environments and physical data centers.
This is an interesting question that depends on many factors, such as the size, budget, and needs of your business. Cloud security solutions offer more scalability, flexibility, and cost-effectiveness, but they also come with some risks, such as data breaches, vendor lock-in, and compliance issues. On-premise security solutions offer more control, customization, and reliability, but they also require more maintenance, resources, and upfront investment. There is no definitive answer to which one is better, as both have their pros and cons. You may want to check out this article that compares cloud vs on-premise in more detail and provides some tips on how to choose the best option for your business (https://www.cleveroad.com/blog/cloud-vs-on-premise/). I think it’s helpful because it covers the main aspects of both solutions and gives some practical examples and recommendations. I hope you find it useful too!
My comments are based on my own experiences over time.
Divyang added some significant comment and I wholeheartedly agree with everything he listed, not much one can add.
Cloud security solutions are, from what I have seen, much easier to deploy and your actual TCOE might be lower than on prem especially when you look at your full localized cost (Space, HVAC, Hardware, OS’s, IT Support, etc) The other big benefit is time to deploy and the feature sets on offer. The other big benefit is that your licensing is subscription based, this makes it easier to move if the service does not meet your expectation.
The one thing that must remain front of mind is that irrespective of where your solutions come from YOU must still configure and manage that solution. There are some providers that offer a bolt on management service or a derivative of it.
There are several factors to consider and those are as below.
1. Workload location
a. How many workloads are in cloud and how many servers are on-premise
2. No. of Branches & Internet connectivity at each branch location
3. No. of roaming users (For endpoint security)
4. No. of users accessing cloud apps or cloud workloads
5. How much you've already invested in on-premise data center & how much they're occupied.
Above list may go on & on based on the which security solution you need (e.g. workload security or endpoint security or perimeter security)
Advantage of Cloud delivered security solutions:
1. Easy to administrate
2. No need to worry about security patches & product upgrades
a. No need to worry about underline hardware
3. Integration with AWS inspector / Azure security inspector is available out of the box.
4. Security for roaming users can be provided very easily.
a. No need to expose security management server
5. Provides infinite scalability
a. No need to worry about future incremental number (e.g. increase in workloads or increase in users)
Disadvantages of Cloud delivered security solutions:
1. Can't use for Air-gaped environment
2. There may be chances of delayed logs/analysis for on-premise infrastructure depending upon internet connectivity
3. Still need some sort of on-premise module to be installed, e.g. if you go for Azure sentinel (Cloud delivered SOC), you need to install on-premise Log collector and Log Forwarder.
4. If you're under any compliance/regulatory which required data sovereignty has to be followed, Need to check with Security solution vendor where their data centers are.
5. Much more costlier than the on-premise security solution
Advantages of On-premise security solution:
1. Perfectly suited for Air-gaped environment
2. Faster log collection for on-premise infrastructure
3. Much more cheaper than cloud delivered security solution
Disadvantages of On-premise security solution:
1. Difficult to administrate
2. Need to apply security patches and product upgrades which require huge downtime
3. Always need to consider future number
a. Sizing is very difficult (usually most of the time underline compute is under/over used but not at the optimum level)