Have you noticed how the two key areas of operational technology – networking and security – are evolving and, in doing so, beginning to overlap? We are even seeing a change in terminology from ‘network security’ to ‘secure networks’. Moreover, it is becoming increasingly common to think about the network itself as a security enforcement platform.
Not so long ago, networking and security were largely separate entities. Traditionally, networks were constructed on standard building blocks such as switches and routers, and security solutions such as perimeter firewalls or intrusion prevention systems were applied afterwards. Each had its own set of tools, strategic approaches and dedicated operational teams. IT security departments typically focused on the delivery of time-honored threat detection methods and perimeter-based security defense mechanisms, as well as incident response and remediation. Networking teams spent time on issues around latency, reliability and bandwidth.
However, the move to hybrid networks means traditional approaches cannot cope with the scale, automation requirements or the rate of change.
Trends driving change
So what are the reasons for this evolution? First, the fast-growing cybersecurity threat has caused many businesses to implement a wide range of security services, from anti-virus and anti-spam software to next-generation firewalls and intrusion prevention systems.
These can cause problems with network latency – and with traffic volumes rising as Internet of Things (IoT) devices generate more data, this can be a serious concern. For this reason alone, it is no longer viable for many businesses to treat networking and security entirely separately.
In addition, most modern networks now combine physical data centers with virtualized cloud platforms and containers, all of them needing at least the same level of security. By basing an approach on security functions such as policy consolidation, micro-segmentation or cloud access brokerage rather than on point products, and ensuring all the functions integrate into a framework, providers and their customers can deliver a holistic approach to security that ensures the whole is greater than the sum of the parts, irrespective of where the data or application resides.
Another trend driving this blurring of function is the need for the constant fast refresh of services or applications and the ongoing push to enter new geographical or vertical markets to stay ahead of the competition. This means quickly and cost-effectively reconfiguring and updating security networks and related policies across many locations. Again, this becomes more viable if the business has already integrated the two sets of devices and approaches.
Openness and inclusivity
Switches, in particular, are increasingly being used as security policy enforcement points in this new era of secure networking infrastructures. So, when a business decides to microsegment its network, perhaps even down to a single server rack level, that top-of-rack switch now becomes a security policy enforcement point. That enhanced control is giving businesses many more options. In the event of an incident, they could decide to shut down the port, move the traffic onto a different virtual LAN (VLAN), or apply encryption to it, for example.
To be successful over the long term, this kind of approach needs to be open and inclusive. Few networks are homogeneous – nearly all will have a mix of different vendors’ equipment – and all that equipment needs to communicate and operate as a cohesive, standards-based unit. This is especially important since network intelligence can then discover or predict threats and feed this information into a security policy creation function.
By abstracting security policy creation to a centralized point and automating it, businesses can utilize network devices as dynamic security policy enforcers – right down to the point of connection.
When you look at the whole picture, many other benefits emerge. Embedding security into the network reduces operational overhead, increases visibility and helps generate meaningful intelligence for the business. By standardizing security policy across the landscape, there are fewer errors and less time spent troubleshooting.
Bringing together networking and security also makes it easier for the IT team to facilitate a migration to cloud services, where appropriate, and to achieve improved visibility across the network, so reducing troubleshooting and resolution times.
This approach can be important in achieving compliance, helping to meet the demands of regulations such as PCI and GDPR, for example. It can also protect current investments, avoiding the need for large-scale upgrades.
It’s clear from these multiple benefits that this blurring of boundaries could be overwhelmingly positive both for solutions providers and for their end customers, who will reap the rewards in terms of lower costs, better operational efficiencies and, of course, reduced risk.