Rapid changes to a network can easily result in gaps in protection and enforcement
The need to compete and operate in today’s marketplace is driving digital acceleration and expanding the digital footprint of businesses. Today’s critical resources are often dispersed across traditional data centers, cloud networks, branch offices, SaaS platforms, home offices, and even mobile end-user and IoT devices. To ensure that everyone has access to the resources they need, businesses now run on applications—which makes reliable, secure, and fast connections from anywhere to anywhere absolutely essential.
Tying this together is the modern hybrid network. Contrary to the rumors of its death, the network is here to stay, with hybrid networks at the center of how businesses operate for the foreseeable future. The real challenge is not how to replace the network but how to get all its moving parts working together more efficiently. The biggest challenge is that most networks have evolved organically. As a result, far too many IT teams spend a significant portion of their time troubleshooting workarounds, so users have a seamless experience whether working from the office, from home, or somewhere in between.
Nowhere is this challenge more valid than when trying to maintain consistent security across a distributed and evolving network. Securing digital acceleration across a hybrid network means we must stop thinking about networking and security as separate strategies. Instead, the infrastructure and security teams must converge their visions. As applications continue their cloud journey and devices become increasingly visible to everyone, secure networking that can tie everything together is critical.
The problem is that most currently deployed security solutions have two primary challenges. The first is they are only superficially connected to the network. And second, individual point security solutions deployed across the network, especially those from different vendors, simply don’t work together. As a result, when anything changes—adaptation and scale are the hallmarks of the modern hybrid network—security gaps are created, usually because the security device either didn’t recognize the change or was unable to adapt quickly enough. And as we have learned over these past two years, as businesses transitioned to a Work-from-Anywhere model, cybercriminals can quickly exploit those gaps to breach networks, steal or ransom data, corrupt systems, and disrupt business operations.
The critical importance of convergence
Most traditional security tools are designed to protect a single, predictable network segment. However, security systems can struggle to keep up when the network is in a constant state of flux—optimizing connections, redirecting workflows, adding new edges or endpoints, or scaling to meet shifting demands. Because each solution relies on its own set of configurations, rapid changes to the network can easily result in gaps in protection and enforcement.
What’s needed is a security-centric approach, and converging security with the network places security at the center of network decisions. This enables security to not just see changes but inform them so risky behavior can be prevented. It also allows security to automatically adapt its configurations, policies, and enforcement as part of those changes. Then, when the network has to suddenly scale, relocate resources, track mobile users or devices, or fine-tune connectivity, security is there. Security and the network can also operate collaboratively to securely redirect traffic or segment the network. And this collaboration is also essential for successfully implementing zero trust access rules that the network can help enforce.
Of course, because such convergence is essential for protecting today’s hybrid networks, vendors are suddenly claiming to be able to do it. But before you invest, you need to look under the hood. Does their solution truly support the routing, switching, and access protocols you need? Can protections and policies be applied consistently and operate natively across physical, multi-cloud, WAN, and OT networks and also support and secure home and mobile workers? Can essential networking and security policies be easily created, distributed, orchestrated, and updated through a single console? Does it include essential, fully integrated connectivity tools like SD-WAN, SD-Branch, ZTNA, and 5G? And does it also work seamlessly with cloud-based services like SWG and CASB? And does it include a complete portfolio of security solutions that each, in its own right, provides true, enterprise-grade protection?
Improving protection through consolidation
Not only do most security tools not integrate with the network, they can’t even talk to each other. Most organizations have collected a variety of security technologies from different vendors. Many were chosen to fill feature gaps or address a new security challenge. Others were purchased to protect new edge environments. But regardless of the reason, solution and vendor sprawl has become a severe challenge for many organizations. When each point solution must be separately configured through its own console, ensuring consistent policy deployment and configuration is next to impossible. So is detecting threats, especially when data needs to be hand correlated to detect suspicious behaviors.
Disconnected and isolated systems also make it impossible to implement network-wide automation. And automation is crucial in a digital world where cyberthreats are measured in microseconds. Even AI-enhanced solutions are less effective within such a fragmented framework.
Enterprises, small businesses, and service providers alike all need to eliminate their isolated point solutions and focus long-term on a converged, universally deployable platform that enables operational efficiency and security automation without time-consuming workarounds. It’s the only way to maintain visibility, centralize control, and implement AI-powered services to detect and respond to threats automatically.
Security must step up its game
Convergence and consolidation are the foundations of a successful security strategy. They extend visibility and control across the hybrid network and improve performance through efficiencies and coordination—especially when the platform (like every other special-purpose device) includes custom-designed security processors designed to accelerate essential functions, like inline operations and the inspection of encrypted traffic.
However, few security vendors are interested in addressing the bigger picture. Instead, they either focus on specialized devices that add to IT overhead, disconnected portfolios that simply shift the burden of multi-console management to a single vendor, or are banking on organizations migrating their entire operations to the cloud. Each of these strategies is a dead end. Embracing digital acceleration and the hybrid networks that make it possible requires applying the exact same principles to security—implementing a unified platform that integrates networking and security that can seamlessly scale, adapt, and operate consistently across the distributed network.
John Maddison is EVP of Products and CMO at Fortinet. He has more than 20 years of experience in the telecommunications, IT Infrastructure, and security industries. Previously he held positions as general manager data center division and senior vice president core technology at Trend Micro. Before that John was senior director of product management at Lucent Technologies. He has lived and worked in Europe, Asia, and the United States. John graduated with a bachelor of telecommunications engineering degree from Plymouth University, United Kingdom. Previous Columns by John Maddison:Tags: