The Convergence of Security and Networking is Driven by the Hybrid Workforce
Much has been written about the convergence of security and networking. Often the focus is on one side or the other. Networks need to be more secure. And security needs to take the network into account. But what’s often ignored is that the convergence of security and networking is driven by the needs of a hybrid and distributed workforce. And networks and security need to evolve—and converge—to meet those needs.
Case in point: because of the pandemic, more users are working from home. And each of these remote users is their own “branch of one,” so security not only needs to focus on the edge more than ever, but it must work seamlessly with connectivity to ensure secure and timely access to critical applications across highly volatile and unreliable connections. The working from anywhere trend is just one of the many network transformation pressures that are increasing the number of network edges. Your edges are no longer just a branch or a campus, they are widely distributed. It’s at home, or in the car, or in the coffee shop. It’s in private and public clouds. It’s the campus and data center edge. It’s the branch office and the home office. They all need fast and reliable connections. And they all need to be secured ideally by an integrated platform approach where all connection talk to each other and can be holistically managed.
In today’s dynamic environments, it’s extremely important to implement a security-driven network strategy, where networking and security function as a unified solution to deliver consistent and reliable connections, protections, and user experience from any place in the network, whether it’s SD-WAN, access points or switches, secure access service edge (SASE), or any other networking solution. And that networking and security functionality must be applied consistently everywhere, regardless of WAN transport such as broadband, satellite, LTE/4G/5G, or MPLS, so policies can follow users, applications, and data.
Changing Architectures
The whole network architecture has shifted because users and applications have shifted. And with everybody now working on their own separate—and often mobile—edge, (SASE) plays a big role. It ensures that no matter where users are, security is always an integral part of their cloud application access and use. But while some are saying the SASE market will edge out SD-WAN, that couldn’t be further from the truth. With very few exceptions, networks are a hybrid collection of physical and cloud environments, and for security policies to span the network edge to edge, SASE cannot operate in a silo.
To ensure that SASE seamlessly integrates with the rest of the network, one of its core components is SD-WAN. This helps ensure quality of service, optimizes user experience, and helps integrate cloud-delivered security and services with the physical solutions at the edge of the network and even deep into the local LAN using SD-Branch. And to do this effectively, a SASE solution must truly converge security and networking. They shouldn’t just be stitched together; they should operate as two sides of a unified policy.
The Benefits of Security-Driven Networking
Adopting a security-driven networking philosophy has three core benefits. The first is that it ensures high quality of experience for users by accelerating application performance and maintaining optimized connections with self-healing capabilities. And it does this securely, adapting security policies and enforcement as connection parameters change to eliminate critical gaps in protection.
Secondly, accelerated convergence brings advanced routing and security to the entire connection, handing off connection protocols and security policies between edge networks, SD-WAN and SASE connection, multi-cloud networks, and campus and data center perimeters. This unified approach, enabled by an integrated and automated security platform that can be broadly deployed in any environment, provides flexibility across every edge, whether on-prem, off-network, or cloud delivered.
Thirdly, security-driven networking offers more efficient operations because you can add branches—even the branch of one—in minutes. And because they are automatically part of a unified security fabric, any issues anywhere can be immediately discovered, analyzed, and corrected. Adding a ubiquitously deployed security fabric to a security-driven networking strategy allows it to be seamlessly scaled to thousands of sites, helping organizations protect the entire digital attack surface while maintaining high user experience.
Keeping it Simple
For organizations to adapt quickly to today’s digital business requirements, networking and security have to function as a single system. And because it can be deployed anywhere, organizations have the ability to use security on-prem and in the cloud with the full expectation that security policies and user experience are consistent in every corner of the network. If you’re not looking at your digital innovation efforts, especially the adoption of new network technology, through a security lens, then you’re setting yourself up for a far too complex and far less secure network.
And to function at the new speeds that users require, these solutions also need to be augmented with artificial intelligence (AI) and machine learning (ML) to detect suspicious behavior, determine if it’s malicious, and initiate a coordinated response across the network. But pulling this all together requires a vendor with years of experience in security, networking, the development and training of AI systems, and a proven track record of innovation.
Those who cannot are forced to sell you what they have. You will find vendors who say everything is in the cloud or everything is on-prem because that’s all they deliver. But today’s reality is that you need consistent enterprise-grade security and network availability and connectivity that can span the most hybrid of networks. It’s the only approach that enables any user on any device to access any application or other connected resource, regardless the location of the device or the data. In the end, the goal is always to keep users happy, and that is only possible when everything is running securely and consistently, all the time, everywhere.
Take a security-driven approach to networking to improve user experience and simplify operations at the WAN edge with Fortinet’s Secure SD-WAN solution.
Copyright © 2021 IDG Communications, Inc.