My grandfather often used to recollect his father’s advice: Never buy lands beyond what your eyes can see! Obviously, beyond your direct vision of your lands, nobody knows who is utilizing them, and how. Drawing the analogy to the modern-day Network Managers, you can’t manage the network you can’t see.
Modern day networks are large and complex with disparate systems, security and monitoring tools. Often, these tools are purchased and deployed to address one immediate requirement with no deep-down thinking or long term thought process. Network managers are left with so many stove-pipe solutions and many places to look at when it comes to troubleshooting. Compliance to various security agencies and government requirements mean more and more security tools.
Put together can these tools are able to still leave them with a good night’s sleep is still a question. Network Visibility is becoming a key discussion point in all IT discussions. How much you know about your network and how well is the question!
From a legacy (is it too early to call it a legacy?) data center where rows of racks are stacked with switches, routers, VPN concentrators, firewalls, Intrusion Prevention Systems and log analysis appliances, to the newer data centers that have hundreds of virtualized components due to the advent of Software Defined Networking (SDN) and Network Functions Virtualization (NFV), getting the complete picture of what’s going where is still a puzzle.
Newer threats such as encrypted attacks, malware, ransomware and even the hardware related bugs that can be exploited by hackers only add to this complex picture of lack of visibility in your networks.
Of course, we have SIEMs, Log analysis and network monitoring tools. But they pose a challenge of media limitations (1G tools in a 10G network), domain or scope of these tools and constant need to upgrade and update them calling for a downtime, and therefore, time gaps in networks being protected.
When networks scale very fast, these security tools don’t. While data at rest is handled through encrypted storage solutions, data in motion remains vulnerable always.
Therefore, the resulting network in present shape, leaves several blind spots, inconsistent view of traffic, veiled encrypted traffic and constant contention for access to traffic.
The solution for these challenges is the Security Delivery Platform (SDP). Instead of looking at point solutions, it aims to provide visibility across the entire infrastructure. You have inline security tools (eg. Firewall) and non-inline tool (eg. SIEM) that needs access to the traffic through TAPS (Traffic Access Points). Limitation of limited TAPS need to be overcome to have better visibility.
Total visibility means not only seeing everything, but also not to miss something that’s very important too. With network traffic growing exponentially, challenges of sophisticated threat patterns and malware that comes in encrypted forms, directing right and meaningful traffic to the right security tools is the only way to have a greater control of your network.
Government agencies, financial sector companies, Healthcare, Media, ecommerce and even technology companies are turning to Secure Delivery Platform (SDP) to address the above challenges. Need to maintain total network visibility on-premises in your data centers and in Cloud means time has come to make way for SDP!
~M.K. Mohan
Also read it on: http://csoonline.in/articles/make-way-sdp
Comments