The emerging security architecture

The networking and security markets are clearly converging. Security is a top of mind issue for the vast majority of companies, governments, and institutions and with good reason. They have all been witnessing increased number of security attacks and which are more complex and increasingly sophisticated in nature.

Market drivers including increased number of remote workers, migration of enterprise applications away from enterprise data centers, proliferation of internet of things (IoT) devices, mobility, and now 5G and Wi-Fi 6 are coming to the mix are all driving networking and security to convergence. Now network and security are not two separate discussions but these are now once single converged discussion. There is huge convergence of net ops and sec ops.

Applications are moving out of the data centre and into the cloud, more employees are working from remote locations than ever before, and data is being accessed from a wide range of company and personally owned devices. All these factors make it difficult for network and security administrators to know what applications and data are being accessed by whom as well as their usage. And what isn’t seen cannot be managed or secured.

There’s an ever-growing need for greater bandwidth. Business leaders also want to drive down cost. And now we have an army of remote workers numbering in the millions around the world. The likelihood is that many will continue to have some form of flexibility about where they work in the future, which means there’s a permanent problem to solve: the sheer numbers of people sitting outside of the traditional corporate network using the internet to access resources in the cloud, and how to optimize users’ experience and to help protect them and the data they use.

In recent years companies have adopted software- defined wide area network (SD-WAN) technology to help them better manage their network traffic and applications. In today’s challenged environment SD- WAN facilitates working remotely by taking advantage of internet and wireless broadband, alongside private network services, to deliver superior performance.

SD-WAN solutions offer near real-time performance monitoring of transport networks to make application- aware, policy-based network selections and steer traffic over the best available link.

Since remote workers depend on one residential broadband connection in their home, SD-WAN technology optimizes the available bandwidth by using traffic-handling techniques to throttle less-critical application traffic. This means that even if your children are participating in virtual classrooms, or streaming Netflix, your conference call will not be interrupted by poor connectivity.

There is also a need for what we call zero trust network access.

Zero Trust assumes that traditional access credentials are no longer sufficient to accurately establish trusted identities for user, device and application access.

Zero Trust is a security framework requiring all users, whether inside or outside an organization’s network to be authenticated, authorized, and continuously validated for security configuration and posture before being granted and keeping access to applications and date. This solution grants access only to the specific applications users require to complete their job duties, which in turn reduces the number of users that have access to sensitive data.

Enter SASE or Secure Access Service Edge, which is an emerging architecture that combines an organization’s network and security functionalities into a cloud service that operates closer to endpoints and distributes traffic quicker than traditional network services. By uniting an organization’s necessary network and security services – firewall as a service, secure web gateways, Zero Trust Network Access and Cloud Access Security Broker – into one platform, SASE aims to simplify network and security management.

As we look ahead, the fully formed solution that comes from intertwining these elements in networking and security technology is what’s being dubbed as SASE. This enables organizations to utilize the power of their network and security as a business enabler. Administrators are empowered to provide users with low-latency access to applications hosted at the data center or in the cloud, and to apply unified security policies virtually anywhere business is conducted.

Why is this important?

Digital transformation is driving the convergence of networking and security as technology teams realize the challenges of managing and protecting increasingly complex networks as well as the connections that support them. In addition, networking and security needs are changing for customers with today’s hyper distributed workforce as more employees are accessing the network from unique locations and a variety of devices. 

Organizations are looking to a solution based on SASE principles to solve these challenges through point product consolidation, identity-based access, and worldwide points of presence to support the new and highly distributed workforce. With this consolidated approach, enterprises can also help reduce operational costs by moving to a single cloud-delivered solution.

On the vendor front, it is important that the solution provider has a clear understanding of what businesses need as they modernize and transform their networks, including the importance of security being a critical component of any business initiative. The inclusion of around-the-clock management helps relieve the burden of deployment and day-to-day support, with Security Operations Center (SOC) analysts acting as an extension to a business’ network and security teams.

The right solution is the one that has intelligence built to enable and unlock multiple response actions that can provide SOC analysts visibility into network security, thereby allowing them to respond to alarms effectively and efficiently.

With the convergence of networking and security, organizations are struggling with managing and protecting applications and data accessing the network. Make sure that the solution provider has a heritage of providing integrated business solutions with managed services. It should also have best-in-class fiber and 5G connectivity solutions to deliver on the promise of SASE. The solution will provide visibility and management for a more resilient network, making it safer for businesses to adapt and innovate.

Businesses (especially large enterprises) have separate teams to manage their network and their security. Or, even a separate team for cloud or compliance. In these cases, it may be important to consolidate vendors and management platforms for the tools that each of the teams will be

responsible for.

Arun Karna, Managing Director and CEO, AT&T Global Network Services India