US11582192B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11582192-B2 |
| Application number | US-202016781505-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 4, 2020 |
| Priority date | Nov 17, 2015 |
| Publication date | Feb 14, 2023 |
| Grant date | Feb 14, 2023 |
Official abstract text for this publication.
Multi-tenant cloud-based firewall systems and methods are described. The firewall systems and methods can operate overlaid with existing branch office firewalls or routers as well as eliminate the need for physical firewalls. The firewall systems and methods can protect users at user level control, regardless of location, device, etc., over all ports and protocols (not only ports 80/443) while providing administrators a single unified policy for Internet access and integrated reporting and visibility. The firewall systems and methods can eliminate dedicated hardware at user locations, providing a software-based cloud solution. The firewall systems and methods support application awareness to identify application; user awareness to identify users, groups, and locations regardless of physical address; visibility and policy management providing unified administration, policy management, and reporting; threat protection and compliance to block threats and data leaks in real-time; high performance through an in-line cloud-based, scalable system; etc.
Opening claim text (preview).
What is claimed is:

1. A non-transitory computer-readable storage medium having computer readable code stored thereon for programming a processor, in a node of a cloud-based security system, to perform steps of: receiving a plurality of packets, each of the plurality of packets being received from a respective network device, each respective device being associated with one of a plurality of tenants associated with the cloud-based security system and being external to the node, the cloud-based security system enabling communication over a Wide Area Network (WAN), selecting firewall policies for processing each respective packet of the plurality of packets based on a matching criteria, wherein the cloud-based security system supports the plurality of tenants and the firewall policies are selected based on which tenant is in the matching criteria for the respective packet and which of a plurality of firewall policies are associated with the tenant; dropping one or more of the plurality of packets responsive to the one or more packets not being location based and not being Hypertext Transfer Protocol (HTTP) or HTTP Secure (HTTPS) traffic; generating a new firewall session, at the node, for each packet matching a distinctive firewall policy by allocating resources thereto, wherein the new firewall session is generated for each packet based on if the packet is location based and not destined for the cloud node; processing each of the plurality of packets utilizing one of the firewall sessions generated by directing packets to a respective firewall session based on the matching criteria to determine whether or not to block the respective packet from transmission over the WAN, the block is performed in the node in the cloud-based security system; logging every firewall session for multiple users, multiple user devices, multiple locations, multiple applications, multiple ports, and multiple protocols; and generating one of a real-time report generated by compressed stats and an analyze report generated by full session log analysis.

2. The non-transitory computer-readable storage medium of claim 1, wherein the firewall policies are further based on a location in the matching criteria.

3. The non-transitory computer-readable storage medium of claim 1, wherein each respective network device is configured to route Internet-bound traffic to the cloud-based security system.

4. The non-transitory computer-readable storage medium of claim 1, wherein the firewall policies are configured to operate over all ports and protocols associated with the WAN.

5. The non-transitory computer-readable storage medium of claim 1, wherein each of the plurality of packets includes one of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) traffic.

6. The non-transitory computer-readable storage medium of claim 1, wherein the steps further include performing Deep Packet Inspection (DPI) on each of the plurality of packets in a same session; and determining an application associated with the same session based on the DPI.

7. The non-transitory computer-readable storage medium of claim 1, wherein the cloud-based security system is configured to operate the firewall policies in a cloud without firewall hardware deployed at local Internet breakouts.

8. The non-transitory computer-readable storage medium of claim 1, wherein the firewall policies are security policies based on user identity, application awareness, and location.

9. The non-transitory computer-readable storage medium of claim 1, wherein the steps further include receiving an update based on detection of zero-day/zero-hour threats; and updating the firewall based on the update.

10. A node in a cloud-based security system, comprising: a processor and memory storing instructions that, when executed, cause the processor to receive a plurality of packets, each of the plurality of packets being received from a respective network device, each respective device being associated with one of a plurality of tenants associated with the cloud-based security system and being external to the node, the cloud-based security system enabling communication over a Wide Area Network (WAN), select firewall policies for processing each respective packet of the plurality packets based on a matching criteria, wherein the cloud-based security system supports the plurality of tenants and the firewall policies are selected based on which tenant is in the matching criteria for the respective packet and which of a plurality of firewall policies are associated with the tenant; drop one or more of the plurality of packets responsive to the one or more packets not being location based and not being Hypertext Transfer Protocol (HTTP) or HTTP Secure (HTTPS) traffic; generate a new firewall session, at the node, for each packet matching a distinctive firewall policy by allocating resources thereto, wherein the new firewall session is generated for each packet based on if the packet is location based and not destined for the cloud node; process each of the plurality of packets utilizing one of the firewall sessions generated by directing packets to a respective firewall session based on the matching criteria to determine whether or not to block the respective packet from transmission over the WAN, the block is performed in the node in the cloud-based security system; logging every firewall session for multiple users, multiple user devices, multiple locations, multiple applications, multiple ports, and multiple protocols; and generating one of a real-time report generated by compressed stats and an analyze report generated by full session log analysis.

11. The node of claim 10, wherein the firewall policies are further based on a location in the matching criteria.

12. The node of claim 10, wherein each respective network device is configured to route Internet-bound traffic to the cloud-based security system.

13. The node of claim 10, wherein the firewall policies are configured to operate over all ports and protocols associated with the WAN.

14. The node of claim 10, wherein each of the plurality of packets includes one of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) traffic.

15. The node of claim 10, wherein the instructions that, when executed, further cause the processor to perform Deep Packet Inspection (DPI) on each of the plurality of packets in a same session; and determine an application associated with the same session based on the DPI.

16. The node of claim 10, wherein the cloud-based security system is configured to operate the firewall policies in a cloud without firewall hardware deployed at local Internet breakouts.

17. The node of claim 10, wherein the firewall policies are security policies based on user identity, application awareness, and location.

18. The node of claim 10, wherein the steps further include receiving an update based on detection of zero-day/zero-hour threats; and updating the firewall based on the update.

19. A method implemented in a node of a cloud-based security system, the method comprising: receiving a plurality of packets, each of the plurality of packets being received from a respective network device, each respective device being associated with one of a plurality of tenants associated with the cloud-based security system and being external to the node, the cloud-based security system enabling communication over a Wide Area Network (WAN), selecting firewall policies for processing each respective packet of the plurality of packets based on
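The independent claims describe one packet-processing pipeline: policies are selected by the tenant in the matching criteria, packets that are neither location based nor HTTP/HTTPS are dropped, a firewall session is allocated for location-based packets not destined for the node itself, every session is logged, and two reports are derived (a real-time one from compressed stats, an analyze one from the full session log). The following toy model of that pipeline is an added example written for this page; it is not the patent's or any vendor's code. The tenants, devices, policies and packets are constructed sample data, and two details the claims leave open are assumptions marked in the comments: a tenant with no matching policy fails closed, and packets that get no session are evaluated statelessly against the selected policy.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    tenant: str            # tenant of the forwarding device (part of the matching criteria)
    device: str            # network device, external to the node, that forwarded the packet
    dst: str
    dport: int
    proto: str             # "tcp" or "udp"
    location_based: bool   # forwarded from a known location (e.g. a branch tunnel)
    to_cloud_node: bool = False  # destined for the node itself


@dataclass(frozen=True)
class Policy:
    name: str
    tenant: str
    proto: Optional[str]   # None matches any protocol
    dport: Optional[int]   # None matches any port
    action: str            # "allow" or "block"


@dataclass
class Session:
    policy: Policy
    packets: int = 0
    blocked: int = 0


SessionKey = Tuple[str, str, str, int, str]


class CloudFirewallNode:
    """One node of a multi-tenant cloud firewall (toy model of claim 1)."""

    def __init__(self, policies: List[Policy]):
        # Policies are grouped by tenant, so selection first narrows on the tenant
        # named in the matching criteria and then on that tenant's own policies.
        self.policies: Dict[str, List[Policy]] = defaultdict(list)
        for p in policies:
            self.policies[p.tenant].append(p)
        self.sessions: Dict[SessionKey, Session] = {}
        self.session_log: List[dict] = []  # full log, input to the analyze report
        self.stats: Counter = Counter()    # compressed stats, input to the real-time report

    def select_policy(self, pkt: Packet) -> Optional[Policy]:
        """First policy of the packet's tenant whose protocol/port criteria match."""
        for p in self.policies.get(pkt.tenant, []):
            if (p.proto is None or p.proto == pkt.proto) and (p.dport is None or p.dport == pkt.dport):
                return p
        return None

    def process(self, pkt: Packet) -> str:
        """Return "drop", "block" or "allow" for one packet, updating sessions, log and stats."""
        is_web = pkt.proto == "tcp" and pkt.dport in (80, 443)
        if not pkt.location_based and not is_web:
            # Drop rule from the claim: not location based and not HTTP/HTTPS.
            self.stats["dropped"] += 1
            return "drop"
        policy = self.select_policy(pkt)
        if policy is None:
            # Assumption: a tenant with no matching policy fails closed.
            self.stats["unmatched"] += 1
            return "block"
        if pkt.location_based and not pkt.to_cloud_node:
            # Session allocated only for location-based packets not destined for the node.
            key: SessionKey = (pkt.tenant, pkt.device, pkt.dst, pkt.dport, pkt.proto)
            sess = self.sessions.get(key)
            if sess is None:
                sess = self.sessions[key] = Session(policy=policy)
                self.stats["sessions_created"] += 1
            sess.packets += 1
            if policy.action == "block":
                sess.blocked += 1
            # Every session event is logged with the matching criteria and the decision.
            self.session_log.append({"tenant": pkt.tenant, "device": pkt.device, "dst": pkt.dst,
                                     "dport": pkt.dport, "proto": pkt.proto,
                                     "policy": policy.name, "action": policy.action})
        # Assumption: packets without a session are evaluated statelessly against the policy.
        self.stats[policy.action] += 1
        return policy.action

    def realtime_report(self) -> dict:
        """Real-time report: just the compressed counters, no log scan."""
        return dict(self.stats)

    def analyze_report(self) -> dict:
        """Analyze report: derived by walking the full session log."""
        by_tenant: Counter = Counter()
        by_port: Counter = Counter()
        for e in self.session_log:
            if e["action"] == "block":
                by_tenant[e["tenant"]] += 1
                by_port[e["dport"]] += 1
        return {"blocked_packets_by_tenant": dict(by_tenant),
                "blocked_packets_by_port": dict(by_port),
                "distinct_sessions": len(self.sessions)}


# Constructed sample data (hypothetical tenants, devices and addresses).
SAMPLE_POLICIES = [
    Policy("acme-allow-web", "acme", "tcp", 443, "allow"),
    Policy("acme-block-dns", "acme", "udp", 53, "block"),
    Policy("acme-default", "acme", None, None, "allow"),
    Policy("globex-block-all", "globex", None, None, "block"),
]
SAMPLE_PACKETS = [
    Packet("acme", "branch-1", "203.0.113.10", 443, "tcp", True),    # allow, new session
    Packet("acme", "branch-1", "203.0.113.10", 443, "tcp", True),    # allow, same session
    Packet("acme", "branch-1", "203.0.113.53", 53, "udp", True),     # block, new session
    Packet("acme", "laptop-7", "203.0.113.53", 53, "udp", False),    # drop: not location based, not web
    Packet("acme", "laptop-7", "203.0.113.10", 443, "tcp", False),   # allow, no session
    Packet("globex", "branch-9", "203.0.113.10", 443, "tcp", True),  # block, new session
    Packet("initech", "branch-2", "203.0.113.10", 443, "tcp", True), # block: tenant has no policy
]


def run_demo() -> dict:
    node = CloudFirewallNode(SAMPLE_POLICIES)
    decisions = [node.process(p) for p in SAMPLE_PACKETS]
    return {"decisions": decisions, "realtime": node.realtime_report(),
            "analyze": node.analyze_report()}


if __name__ == "__main__":
    print(run_demo())
```

The point worth noticing for a defender is the separation between the two reports: the real-time view costs a counter increment per packet and never touches the log, while the analyze view is only as good as what was written into the session log, so the fields logged per session (tenant, device, destination, port, protocol, policy, action) decide what can later be investigated.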
Setup of application sessions (admission control or resource allocation in data switching networks H04L47/70) · CPC title
by filtering · CPC title
Distributed architectures, e.g. distributed firewalls · CPC title
Stateful filtering · CPC title
Markers for unambiguous identification of a particular session, e.g. session cookie or URL-encoding · CPC title