Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
February 15, 2021
6 Min Read
Digital innovation, work-from-home, the Internet of Things, and other macro-trends have forced nearly every organization to redesign their networks to provide better business outcomes and user experiences. The so-called network perimeter, which was once a narrow point of access at the edge of the network, now extends across the entire IT infrastructure -- from home offices, branch offices, and enterprise data centers to multiple public clouds well beyond the traditional trusted zone. This fracturing and extension of the perimeter has introduced new requirements across all of the edges that make up the new network -- the LAN, WAN and cloud.
The rapid and global business response to COVID-19 served to underscore the need for business continuity plans that include flexible, anywhere, anytime, secure remote access to any information, using any application on any device, and from any location -- and at scale. But this wasn’t some radical departure from the direction business was already headed. It simply accelerated our transition to a more fluid, digital world.
Applications, device functionality, and user experience will continue to accelerate business for the foreseeable future. And underlying that availability, collaboration, and functionality is the need for ubiquitous performance. It’s no surprise, then, that a single end-user device today has more processing power, generates more data, and requires faster access to more digital resources than had existed in the entire world just a handful of decades ago.
Today’s companies use these and similar devices to build complex, hybrid networks, and multi-cloud environments to gather, store, and process unprecedented volumes of data. They are also constantly building and upgrading applications to simplify and accelerate that process. The challenge is that cybercriminals also want access to those resources. Cybercrime is a multi-billion-dollar industry. Which means that in addition to faster devices and more distributed access to resources, businesses also need security tools capable of supporting hyperscalable and hyperconnected infrastructures to securely deliver better business outcomes and enhanced experiences.
Unfortunately, many security solutions and strategies have failed to keep pace with these new technologies and business requirements. Legacy security solutions have notoriously lagged behind other areas of network development in terms of power and performance. Part of that challenge is due to the fact that security tools often need to do so much more than a traditional network server, router, or switch. Network devices generally only need to move data from point A to point B. Security tools need to validate the origin and destination of that traffic, authenticate both the user and device, perform deep inspection of each packet looking for malware, and provide persistent monitoring of traffic looking for anomalous behaviors. This process becomes even more complex as data, workflows, and transactions span different compute environments. In addition to handing over packets and traffic protocols, security also has to seamlessly pass along consistent policies and enforcement, as well as dynamically share threat intelligence across the entire security infrastructure.
And most security tools try to do this using common, off-the-shelf processors that were never designed for such specialized performance and functionality. So now, as demands for performance accelerates, driven by things like 5G-enabled devices and applications, many security solutions will continue to lag further and further behind. We are already seeing the impact.
There is no need to accept a sacrifice of security to attain performance. First, security solutions need to be built with performance in mind. Custom ASICs are used by every major technology developer to enhance the performance of smartphones, cloud-based servers, and other network devices. Only a handful of vendors have spent the time and resources required to ensure their security devices can operate at the speed modern businesses demand.
Second, because today’s networks are highly fluid, security cannot operate as a separate solution isolated from the business demands that constantly shift and shape the network. Networks see users and applications as identities that span the distributed network, both on and off premises. They are designed to ensure consistent access and performance of any transaction end to end. Most security, however, is still focused on securing a specific place in the network, or at best, monitoring a single network segment.
That requires security and networking to function as a single, integrated system. That way, whenever the networking infrastructure evolves or expands, security is able to automatically adapt and scale as an integrated part of that environment, protecting the extended identity of a user or device to ensure consistent protection while enabling accelerated performance across all network edges. The security-driven networking strategy converges security and networking into a single system that ensures that whenever the networking infrastructure responds to changing business or connectivity requirements, security automatically adapts as an integrated part of that environment.
Of course, physical integration is only part of the challenge. Performance and interconnectivity between these two areas is also essential. Network and security policies need to be able to meet constantly evolving requirements at digital speeds, especially as we transition to 5G and beyond. According to Fortinet’s Ken Xie, “to keep pace with the ongoing digital transformation of our interconnected environments, security and the network will have to converge. This is the only way that threat detection and prevention can continue to span the evolving network and respond at network speeds.”
We are at the cusp of a new generation of accelerated digital innovation. Billions of new, high-performance devices will create new edge networks and platforms, many of them ad hoc and temporary. We will see new immersive applications, such as VR and AR-based communications, rich streaming media, and interactive tools that create collaborative experiences that will soon become business-critical. These solutions will then tie multiple services together in new ways, enabling intelligent systems such as smart transportation, smart building and cities, and smart infrastructures. Protecting these environments will require the convergence of networking and security to ensure the integrity of data and devices across their extended and expanding environments, and to do so at the accelerating speeds evolving systems will demand.
Because these new integrated platforms and evolving edge environments will be built using a constantly shifting number of interconnected devices and applications, security and networking will need to operate as a single entity. And as the speed and sophistication of cyberthreats are able to target a rapidly expanding and evolving attack surface, security will also need to refocus on prevention, which is far more difficult and processor intensive. High-performance transactions in new edge environments will also require immediate decision-making, As a result, security will not only need to also be integrated consistently across all IoT and networking devices, but it will also need to include advanced AI to meet expanding performance and decision-making demands.
None of this can happen using the traditional security solutions most organizations have in place today. Next-generation challenges require next-generation security solutions built around integration, convergence, adaptability, and performance. 5G is just the tip of the spear. Businesses that want to thrive in today’s evolving digital world will need to retool and more deeply integrate advanced security solutions into their overall technology evolution strategy.
Find out how Fortinet’s Security Fabric platform delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.
Jonathan Nguyen-Duy is a Vice President in Fortinet’s global Field CISO team. He is a well-known cybersecurity author and industry speaker with unique global public sector and commercial experience with a deep understanding of threats, technology, compliance and business issues. Jonathan holds a BA in International Economics and an MBA in IT Marketing and International Business from the George Washington University.
You May Also Like