Business & Technology
Organizations are rapidly adopting mobility, IoT, smart devices, and multi-cloud computing to meet new networking requirements. These changes are increasing the speed and the volume of the data and traffic that networks need to process. These network resources are also being constantly added, removed, or connected to each other, keeping the network’s attack surface constantly changing. The result is we are also creating complex networks that are difficult to track and secure.
Data and applications travel between many different users and devices, and span multiple borderless networks. This makes visibility and control more difficult. Cyber criminals are also targeting the expanded attack surface with faster and smarter cyber threats. Security needs to automatically adapt to changing network demands and configurations. Unfortunately, most legacy security systems simply can’t do this. Instead, organizations require a new generation of security designed to protect their hyperconnected, digital transformation networks.
The first generation of network security started 25 years ago. It was focused on securing network connections. Perimeter firewalls controlled who and what could connect to the network. Later, they were combined with VPN to encrypt traffic. Tools like IDS and IPS followed to help monitor and secure traffic. But even with these changes, security was still focused on protecting and inspecting data coming through established access points on a defined perimeter.
About 17 years ago, when Fortinet was founded, the first generation of security began to be replaced by a second generation. The growth of applications and encrypted traffic had made inspecting and securing traffic more difficult. Security tools had to work together to identify, inspect, and secure layer-7 traffic. Fortinet pioneered this second generation of network security by integrating security tools into the first UTM and NGFW security devices and developing dedicated security processors. Even with these changes, however, network perimeters remained clearly defined, devices were owned and controlled by the corporation, and traffic volumes and speeds were predictable.
Today, the network infrastructure is being changed by digital transformation. The majority of data no longer stays inside company networks where it can be easily protected. Multi-cloud environments, smart devices, elastic networks, and borderless networks have made first and even some second-generation security strategies obsolete. That’s because security needs to follow data and workloads as they move across interconnected networks. Siloed security devices just can’t do this. Organizations need a third generation of security tools to see and secure the entire network. This includes endpoint and IoT devices, physical and virtual systems, and complex multi-cloud ecosystems.
While the second generation of security continues to protect traditional networks, a third generation is emerging to protect digital organizations. These companies are transitioning to hyperconnected networks made up of sometimes millions of IoT devices, applications, and endpoints. These hyperconnected systems need a fabric-based approach to security that goes beyond isolated security devices and platforms to cover the whole network at the same time, even when it changes. This requires protection that is broad, integrated, and automated.
Broad: Effective security needs to cover a wide range of network environments and scenarios, including multi-cloud, email and web traffic, IoT and endpoint devices, high-performance edges, virtual data centers, and wired and wireless access points. And because business success is now often measured in microseconds, organizations cannot afford to trade performance for protection. Instead, security needs to occur at the speed of business.
Integrated: Because network elements are being interconnected, they cannot be secured using traditional point security products and platforms. Instead, a security fabric requires integrated devices, built around a set of open standards, that can collect, share, and correlate real time threat intelligence. This allows them to work as a system to identify sophisticated attacks. They can also organize resources to coordinate a response to attacks anywhere across the network at both speed and scale.
Automated: Today, cyberattacks occur at digital speeds. The time between a breach and data compromise has changed from days or hours to minutes or even seconds. Manually correlating log files and intelligence to detect a threat is too little too late. Security tools need to make autonomous decisions and automatically respond to cyber events. Automation also lets security move from signatures to behavior-based analytics. Combining modeling and automation allows networks to predict risks and shorten the time between detection and response. It also lets security adapt to changes in the infrastructure without human intervention.
This new, third generation of security requires interoperability between devices. This interoperability needs to be continually enhanced with sophisticated automation and AI. With self-learning capabilities, a Security Fabric will not only be able to see but even anticipate threats. This allows it to be self-provisioning, self-operating, self-learning, self-adjusting, and self-correcting.
Tomorrow, even fabric-based security systems will not be able to operate as independent systems. Hyperconnectivity and smart systems will require the dynamic sharing of real-time threat intelligence across networks systems and then coordinate resources to stop large-scale attacks. Anticipating and responding to threats before they can impact our network of networks, including critical infrastructure, will let us successfully defend ourselves against the next generation of cyberthreats targeting our digitized society.