It is estimated that by 2025, three-quarters of large organizations will be actively pursuing a vendor consolidation strategy, up from approximately 25% of them today. While a traditional network over-burdened by vendors is a challenge in its own right, those issues become compounded as organizations aggressively pursue a digital transformation strategy that involves adopting new technologies or expanding their networks. This is why we will especially see convergence across the new multi-edge -- such as consolidating services and devices that span the WAN edge, LAN edge, datacenter edge, cloud edge, and remote worker edge.
The advantages of such consolidation efforts are clear, ranging from reducing the overall footprint of vendors inside the network to reducing the overhead associated with deploying, managing, optimizing, and maintaining those solutions. But analysts at Gartner recently conducted a survey finding that more than 85% of organizations that pursue a vendor consolidation strategy find it challenging to reduce the total number of vendors.
The challenge of consolidating security
Part of the reason is that so many solutions are specialized. Security vendors, for example, may only provide one or two solutions for an environment that needs a full stack of security. It is not uncommon, therefore, for an organization to have solutions from 20 or 30 vendors in place. And that problem only grows larger because many of these solutions are not available or do not run natively in many of the public cloud platforms organizations rely on or may not be able to be cost-effectively deployed in traditional branch or new home branch offices. And even if they do, they do not communicate effectively with each other, let alone other solutions, but organizations not only need to be able to provide security on all those edges, but across and between them as well.
But an even more critical aspect of consolidation is looming. As networks become more agile and dynamic, they increasingly operate in a state of constant flux in order to ensure that business-critical applications and end-user experience are perpetually optimized. Security solutions deployed as an overlay technology are forced to then monitor the network and modify policies and protocols when network configurations and connections change. This can either radically slow down the network’s ability to maintain user experience or result in serious security gaps that can be exploited by cybercriminals.
Converging security and networking
A security-driven networking model addresses this challenge by integrating critical networking and advanced routing functionality into a full-service security platform. This ensures that security and the network -- especially at critical junctures in the distributed network -- function as a single solution. This can be expanded to include critical network + security functions such as zero trust access and intent-based network segmentation, and address challenges related to securing remote workers where infrastructure footprints are limited, or OT environments where IT/OT convergence represents new risks for critical business operations.
Converging infrastructure and security allows an organization to put security anywhere on any edge -- the WAN and Remote Worker Edge (using things like SD-WAN and SASE), the cloud edge (using proxies), or the datacenter or LAN edge (through secured WiFi and ethernet controllers). This allows security to function as a fully integrated element of the network, and the integration of deployment, management, configuration, and orchestration ensure that all elements work together seamlessly across the entire network as a single framework.
The convergence enabled by a security-driven networking strategy will be especially critical as new smart edge solutions are adopted. A smart edge is a collection of endpoint devices connected using cloud-native, highly scalable, and secure virtual platform that enables Software-as-a-Service (SaaS) applications to be deployed in or as close to the network edge as possible. It relies on things like 5G to ensure high performance and reliable connectivity. With a smart edge network in place, enterprises and communications service providers can enable cloud-like services closer to the user, whether on the customer-premise or at the network edge. But it absolutely depends on having a fully converged security and networking solution.
SD-WAN and SASE are other important convergence examples. According to a recent survey of organizations looking to adopt SASE, solutions will need to go far beyond just being a cloud solution. SASE will need to encompass multi-cloud, virtual machines, and the LAN edge if it is to meet the needs of today’s organizations. And it will need to include a full stack of fully integrated security that can function consistently in any cloud, on premises, across the WAN, and in branch and home offices and interoperate seamlessly between them to adapt to connection changes, ensure the integrity of applications and data, see and correlate threat intelligence, and respond to threats anywhere across the network.
Don’t forget performance
In addition to network integration, agility, and interoperability, however, security solutions functioning as part of a security-driven network will also need to be blazingly fast. While the primary job of the network is to move data as efficiently as possible between point A and point B, security has to perform a complex set of inspections that are many degrees more complex, and much more processor intensive. Cloud solutions not only need to be able to scale up and out, they also need to be specially optimized to run as efficiently as possible in each cloud platform. And hardware devices need to rely on something more than the common off-the-shelf CPUs they nearly all currently use.
Business runs on applications, and applications need speed. This appetite for performance has impacted all parts of the tech industry -- industry leaders have developed specialized ASICs to accelerate mobile devices, video, cloud platforms, network infrastructure components, and more. The fact is, with few exceptions, the security industry is one of the last to make that move, and if it doesn’t step up it will impact everyone’s ability to maintain the pace of innovation that our digital economy demands.
Effective convergence also enables automation
The other advantage created by a security-driven networking strategy is that such convergence enables advanced automation. Traditionally separated solutions can now work together as a system to detect and respond to events -- whether a network outage, an unreliable connection, or a cyberattack -- to ensure that all elements are operating together to safely and quickly initiate response and remediation measures.
As networks continue to expand, organizations are turning to convergence to get complicated and expensive operations under control. The integration of networking and security ensures that organization can reduce overhead and simplify operations without sacrificing visibility, network performance, or essential protections. Those companies that successfully make that transition will find they are able to compete much more effectively in today’s market, and in a position to weather whatever changes or storms may be ahead.
Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.
John Maddison has more than 30 years of executive management experience in the Cybersecurity and Telecommunications Industries. He joined Fortinet in 2012 to lead Cloud/SaaS Security development teams and is now the Chief Marketing Officer and EVP Products. He previously held executive leadership positions at Trend Micro focused on Advanced Threat Research and Cloud Delivered Security Services. He started his career with Lucent Technologies Mobile Division, Hewlett Packard Software and Cable & Wireless Global Networking. John holds a B.S. degree in Telecommunications Engineering from Plymouth University, United Kingdom.