Networking and security used to be largely separate IT methodologies. They were even built separately. Traditionally, networks were constructed from standard building blocks (switches, routers and so on), with security solutions such as perimeter firewalls and intrusion prevention systems applied afterwards.
As such these two key areas of operational technology could effectively be treated as separate domains by businesses, each with their own set of tools, strategic approaches and dedicated operational teams. IT security departments typically focused on the delivery of time-honoured threat detection methods and perimeter-based security defence mechanisms as well as incident response and remediation. Networking teams were more concerned with issues around latency, reliability and bandwidth.
That’s invariably not the case today. There is now a huge overlap between the two areas, driven by a range of factors. First, the move to more hybrid networks – physical-vs-virtual-vs-cloud – means that traditional approaches simply cannot cope with the scale, automation requirements or the rate of change.
Most modern networks combine the use of physical data centres, bare metal or virtualized servers, cloud platforms and containers – and all of them require (at least) the same level of security. By basing an approach on security functions such as policy consolidation, micro-segmentation or cloud access brokerage rather than on point products, and by ensuring all the functions integrate into a framework, providers and their customers can deliver a holistic approach to security that ensures the whole is greater than the sum of the parts, irrespective of where the data or application resides.
Second, the rapidly escalating cyber-security threat has led larger enterprises, in particular, to implement a wide range of security services from anti-virus and anti-spam software to next-generation firewalls and intrusion prevention systems. But that can cause issues with network latency. In an age where traffic volumes are continuing to ramp up, especially with the exponential growth in Internet of Things (IoT) devices, that can be a serious concern. For this reason alone, it is no longer viable for many businesses to treat networking and security entirely separately.
In addition, enterprises today often need to roll out new services or applications quickly and extend existing technologies or products into new geographical or vertical markets to stay ahead of the competition. That in turn means they will need to quickly and cost-effectively reconfigure and update security networks, and security and network policies across many locations. Again, it’s more viable for them to do this if they have already integrated the two sets of devices and approaches.
Largely because of these trends, we are increasingly seeing a change in terminology from ‘network security’ to ‘secure networks’. Moreover, it is becoming increasingly common to think about the network itself as a security enforcement platform.
Switches, in particular, are increasingly being used as security policy enforcement points in this new era of secure networking infrastructures. So, when a business decides to micro-segment its network, perhaps even down to a single server rack level, the top-of-rack switch becomes a security policy enforcement point. That enhanced control is giving businesses many more options. In the event of an incident, they could decide to shut down the port, move the traffic onto a different virtual LAN (VLAN), or apply encryption to it, for example.
Driving Down the Security Enforcement Point
To be successful over the long-term, this kind of approach needs to be open and inclusive. Few networks are homogeneous – nearly all will have a mix of different vendors’ equipment – and all that equipment needs to communicate and operate as a cohesive, standards-based unit. This is especially important since network intelligence – “wisdom” if you will – can then discover or predict threats and feed this information into a security policy creation function. By abstracting security policy creation to a centralised point and automating it, businesses can utilise network devices as dynamic security policy enforcers – right down to the point of connection.
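The model described above, with policy created centrally and enforced at the switch port, is sketched here as an added example that is not from the original article. The segment names, switch names, severity levels and quarantine VLAN id are all constructed assumptions; only the three incident responses come from the text.

```python
# Constructed central policy: which segment may talk to which, on what port.
# Anything not listed is denied (default deny between micro-segments).
ALLOWED_FLOWS = [
    ("web", "app", 8443),
    ("app", "db", 5432),
]

# Constructed inventory: (switch, port) -> segment of the attached server.
PORT_SEGMENTS = {
    ("tor-rack1", 1): "web",
    ("tor-rack1", 2): "app",
    ("tor-rack2", 1): "db",
}

# The three responses named in the article, keyed by a hypothetical severity.
RESPONSES = {
    "high": "shutdown_port",
    "medium": "move_to_quarantine_vlan",
    "low": "encrypt_traffic",
}
QUARANTINE_VLAN = 999  # hypothetical VLAN id


def compile_switch_policy(switch):
    """Project the central policy onto one switch: per-port egress allow list."""
    policy = {}
    for (sw, port), segment in PORT_SEGMENTS.items():
        if sw != switch:
            continue
        policy[port] = sorted(
            (dst, dport) for src, dst, dport in ALLOWED_FLOWS if src == segment
        )
    return policy


def is_allowed(switch, port, dst_segment, dst_port):
    """Decision at the point of connection; unknown ports are denied."""
    return (dst_segment, dst_port) in compile_switch_policy(switch).get(port, [])


def respond(switch, port, severity):
    """Pick a response for an incident on a port; unknown severity fails closed."""
    action = RESPONSES.get(severity, "shutdown_port")
    directive = {"switch": switch, "port": port, "action": action}
    if action == "move_to_quarantine_vlan":
        directive["vlan"] = QUARANTINE_VLAN
    return directive
```

Each switch receives only the rules relevant to its own ports, and a web server's direct connection to the database segment is refused because no central rule permits it.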
That’s just one – albeit key – way in which organisations can benefit from blurring the boundaries between networking and security. When you look at the whole picture, many others emerge. Embedding security into the network reduces operational overhead, increases visibility and helps generate meaningful intelligence for the business. By standardising security policy across the landscape, there are fewer errors and less time spent troubleshooting. It also forms a solid foundation layer for a level of automation or, indeed, moving to a full software-defined security network.
From the pure IT perspective, key benefits of this approach include the ability – in an integrated world – to reduce management overheads and the associated costs, and the opportunity to reduce configuration errors using common policy and automation.
Bringing together networking and security also makes it easier for the IT team to facilitate a migration to cloud services, where appropriate, and to achieve improved visibility across the network, thereby reducing the time associated with troubleshooting and resolution.
From a broader business value perspective, the benefits are even more extensive and include the opportunity to reduce risk through the delivery of consistent security across all platforms, and the chance to reduce costs through simplification and automation of security policy. A streamlined approach to integrating security and networking can also be key in achieving compliance, helping to meet the demands of regulations such as PCI and GDPR, for example. Combining security and networking across a single platform can also be key in protecting current investments and avoiding the need for large-scale upgrades.
Bright Future Ahead
We are living in an age where there are already blurred boundaries between networking and IT security and, over time, those boundaries will blur further as these two key elements of modern technology systems become inextricably entwined. This development will be overwhelmingly positive both for solutions providers and for their end customers, who will reap the rewards in terms of lower costs, better operational efficiencies and, of course, reduced risk.
Dave Nicholson, Technical Sales Consultant, Axial Systems