An archetype for mitigating the security threats in multi-cloud environment by implementing tree-based next-generation firewalls

Cloud computing on-demand dynamicity in nature of end-user that leads towards a hybrid cloud model deployment is called a multi-cloud. Multi-cloud is a multi-tenant and multi-vendor heterogeneous cloud platform in terms of services and security under a defined SLA (service level agreement). The diverse deployment of the multi-cloud model leads to rise in security risks. In this paper, we define a multi-cloud model with hybridization of vendor and security to increase the end-user experience. The proposed model has a heterogeneous cloud paradigm with a combination of firewall tracts to overcome rising security issues. The proposed work consists of three steps, firstly, all incoming traffic from the consumer end into five major groups called ambient. Secondly, design a next-generation firewall (NGFW) topology with a mixture of tree-based and demilitarized zone (DMZ) implications. Test implementation of designed topology performed by using a simple DMZ technique in case of vendor-specific model and NGFW on hybrid vendor based multi-cloud model. Furthermore, it also defines some advantages of NGFW to overcome these concerns. The proposed work is helpful for the new consumer to define their dynamic secure cloud services under a single SLA before adopting a multi-cloud platform. Finally, results are compared in terms of throughput and CPU utilization in both cases.