Security Experts:

Hybrid Networks Are a Business Reality - and Most Security Can't Keep Up

As Organizations Become More Hybrid and Distributed, Their Security Needs to Be Able to Span Across All Environments 

Since organizations have distributed data and workloads across both cloud environments and on-premises data centers, IT teams are having to deploy, manage and secure increasingly complex and hybrid networks. And contrary to what some claim, the on-premises portion of network environments is not going away anytime soon. While nearly every organization has moved workloads into the cloud, the majority of organizations operate hybrid environments, continuing to run physical server and mainframe hardware, and maintain sensitive data and user information as well as data lakes on-premises. Hybrid environments allow organizations to keep important data on-prem in order to maintain full control over sensitive assets, while also taking full advantage of the scalability and agility the cloud can provide. As organizations become more hybrid and distributed, their security needs to be able to span across all environments.  

Securing the Anywhere Enterprise

There isn’t a one-size-fits all compute model. And for these highly distributed, and highly dynamic hybrid environments, organizations also need a security strategy that is capable of spanning on-prem, multi-cloud, branch, home office, smart edge, and similar environments. In order to achieve this, organizations need solutions that can provide comprehensive, flexible and adaptable security and consistent policy enforcement across all environments, something Gartner refers to as “anywhere operations.” 

As applications, resources, devices, and workers move around (users may not be traveling right now, but that will come back eventually) networks need to be able to adapt in real time. Workflows now often span physical data centers as well as multiple cloud environments, applications follow users regardless of where they are connecting from or what device they are using, and data and other resources need to be securely accessed by any user on any device in any location.

Five Essential Security Functions

To properly protect and defend these hybrid environments, organizations should look for security solutions that provide the following critical functions. 

1. Broad: First, security solutions need to support a distributed security model where the exact same security solutions can be deployed in any environment. As networks diversify and expand, this requirement is becoming more important than ever. Deploying isolated solutions in disparate segments of the network reduces visibility and limits the ability of the IT team to detect threats and prevent them from spreading to other part of the network or block threat actors from quietly infiltrating one part of the network from another. This requires selecting a security platform designed to operate natively in as many environments as possible, that can be deployed in whatever form factor is required, and that can provide comprehensive visibility across all points of deployment.

2. Integrated: Next, all of the various security solutions deployed across the network need to be able to see and work together as a single system to detect threats and respond to them in a coordinated fashion, regardless of where the occur. This requires having a central management system in place that can distribute policy and validate configurations in any environment, collect and correlate threat intelligence across the security fabric to see threats and other events, and orchestrate an effective response the covers the entire distributed network.  For cloud, this also means being able to work natively within the cloud platform.  

3. Fast: Third, these security functions need to operate not just at the speed of business, but at the speed of threats as well. This requires solutions designed to operate at maximum performance. As a result, every element of the security fabric requires highly optimized virtualized solutions and hardware augmented with purpose-built security processors to accelerate processor-intensive security function. 

4. Automated: In addition, responses need to be automated. Today’s threats can breach a network and obscure their presence faster than any analyst can respond. Anomalous and malicious behaviors need an automated response. And the addition of Machine Learning and AI, both at the remote edge and in the central SOC, means that complex threats can not only be seen but even anticipated, allowing a network to make dynamic adjustments in real time. If an organization has deployed siloed solutions from a variety of vendors, they can’t build automation. And they can’t be flexible. 

5. Security-driven Networking: Finally, in today’s networks, where advanced routing and connectivity functions can change the direction of business-critical applications, workflows, and other transaction to ensure optimal user experience, security added as an overlay simply can’t keep up. What’s needed is a solution built around Security-driven Networking to weave security and networking into a single, integrated system. This enables security and advanced routing functions to operate as a single system to establish and enforce zero-trust access, dynamic network segmentation, and unified enforcement anywhere, on any device, in any location. And it enables security to adapt dynamically as network functions shift to meet business requirements without introducing security gaps or introducing performance lags.

Success Requires Networking and Security to Function as a Single Solution

The majority of today’s security solutions are simply not fast enough, not smart or responsive enough, don’t operate in enough places, and can’t adapt as quickly as today’s business requires. Multi-vendor environments with disparate security solutions that don’t integrate when deployed make it impossible for organizations to securely use the flexible network environments they need to compete effectively. 

Instead, these organizations need a security platform designed to span, adapt to, and protect these dynamic environments. If they can’t, businesses will not be able to keep up. And that is critical in today’s digital business environment, where the difference between success and failure can be measured in microseconds. 

view counter
John Maddison is EVP of Products and CMO at Fortinet. He has more than 20 years of experience in the telecommunications, IT Infrastructure, and security industries. Previously he held positions as general manager data center division and senior vice president core technology at Trend Micro. Before that John was senior director of product management at Lucent Technologies. He has lived and worked in Europe, Asia, and the United States. John graduated with a bachelor of telecommunications engineering degree from Plymouth University, United Kingdom.