A popular misquote attributed to Mark Twain states, "The reports of my death have been greatly exaggerated." Although he never said exactly that, Twain was widely rumored to have died in 1897 when, in fact, he was very much alive. This is relevant to the convergence of networks and security today.
In the technology realm, we're experiencing the same thing when it comes to networks. There are some cloud vendors that are proclaiming the traditional network to be all but dead. In effect, they're saying, “don’t worry about the network; just move everything to the cloud.” But like Mark Twain, the reports of the demise of networks are greatly exaggerated. In fact, networking (albeit hybrid) remains crucial. And ensuring consistent security across the network is more critical than ever, particularly in terms of extending the enterprise-grade protections enjoyed in the traditional core network to all of the new edges being deployed.
Whether for business purposes, compliance issues, centralized control, cost savings, availability, or security, the reality is that there are many reasons why most organizations still don't have cloud-only deployments and instead have hybrid networks. Of course, few have only a traditional data center network, either. The fact is, today's networks are evolving and converging, to include the transition to virtualization and the cloud, the rapid adoption and integration of IoT, and the reliance on applications as a central pillar of modern business. And as big data, hyperscale architectures, SD-WAN, 5G, edge networking, and smart systems such as integrated buildings and infrastructures become mainstream, networks will be forced to change even further.
But the network as we know it is still far from dead. However, today's highly distributed networks are more complex than ever. Critical resources and applications are now spread across datacenters, distributed branch and home offices, and multi-cloud environments. Users may need access to resources that are on premises, in a virtual cloud, or public cloud. What is dead, or, at least, no longer viable, is the legacy approach to security that we have been relying on to secure our evolving networks.
Traditionally, security solutions could be easily deployed after a network was designed and deployed because all that was needed was to secure fixed perimeters and monitor the predictable traffic and workflows moving between static network servers and known, external devices. But new demands have put increasing pressure on this model. Today, all components of the network, regardless of how widely distributed, need to function as a single integrated system. And at the same time, most of those elements also need to be seen as a discrete edge to the network. As a result, interoperability between dynamic network elements is essential. But so is protecting transactions, applications, and workflows moving from anywhere to anywhere. So what needs to happen at the network level is that connectivity and network functionality needs to be seamlessly coupled with security. That way, when data moves from one place to another, across and between devices that are constantly in motion, it needs to be integrated with the inspection, encryption, and policy enforcement that is just as agile.
Because networks now have many edges, it's impossible to create the sort of single defensible boundary most legacy security tools were designed to defend. Instead, applications and workflows now may span multiple environments in a single transaction, which means security needs to be applied consistently on the LAN, WAN, cloud, and remote user edges. And the dynamic connections between these environments also need to be both reliable and secure. No matter what device is being used, any user of any edge must be able to securely connect to any other edge or collection of edges at any time from any location.
The challenge is, when you look at the cybersecurity marketplace, most networking vendors still only provide that bolt on security. And far too many still haven’t quite figured out modern networking. As a result, wiring closets (both physical and virtual) are now filled with an array of single-point solutions that address only a specific area without considering the overall threat landscape.
A better way to think about networking is as a holistic converged solution, where networking and cybersecurity work together as a unified system. Instead of focusing on networking or security separately, organizations need to develop a security-driven networking strategy that tightly integrates the organization’s network infrastructure and security architecture. This allows the network to scale and change and adapt without ever compromising security. To effectively defend today’s highly dynamic environments, organizations need consistent enforcement that can span and adapt to flexible network perimeters. To do this, security needs to be woven deeply into the network itself.
Rather than relying on a series of discrete security components, a modern security strategy needs to start with a unified security platform that encompasses the entire network development and deployment life cycle. This approach helps ensure that security functions as the central consideration for all business-driven infrastructure decisions. With security at the core, networks can evolve, expand, and adapt without concerns that an expanded attack surface or security gap could compromise the organization. This type of security-driven networking enables organizations to address five critical elements:
The network may not be dead, but it is certainly evolving at an unprecedented rate with the convergence of networks and security. And security-driven networking is an essential strategy to secure today’s dynamic digital infrastructures. With an integrated security platform in place, organizations can embrace digital innovation and expand their digital footprint without exposing critical resources and new attack surfaces to new risks. Instead, the platform offers the flexibility needed to expand and adapt policy and enforcement in tune with the network, while enabling better visibility and control than traditional approaches relying on point solutions can ever provide.
Find out how the Fortinet Security Fabric delivers broad, integrated, and automated protection across an organization’s entire digital attack surface from IoT to the edge, network core and to multi-clouds.