Channelling the shift in securing networks

Man in suit with graphic representing people in a network

The heterogeneous nature of most organisations’ IT systems and networks today means the channel must rethink traditional approaches to keeping their clients’ environments secure.

Over the past decade, organisations have increasingly adopted virtualisation and cloud-based systems in a bid to boost their agility. Indeed, it’s now possible to virtualise the entire computing stack – servers, storage, network and security. This has given rise to the software-defined datacentre (SDDC), which can be entirely managed and configured centrally through software, with unparalleled flexibility and speed.

But moving to this new paradigm is rarely a rip-and-replace exercise - most firms are making the transition gradually. Today, they typically have a mixture of systems running on (variously) traditional physical servers and networks, in-house virtualised kit (or private clouds), and public clouds such as Microsoft Azure or Amazon Web Services. Managing this complex, multi-vendor environment presents them with considerable challenges, particularly around ensuring systems remain secure and compliant. This is where the expertise of the channel can help customers bridge the gap until we move to a software defined utopia.

If we look at the enterprise firewall market, which protects heterogeneous networks, it’s estimated to be worth $8.41bn by 2019 (by Markets and Markets). Given the speed at which growing organisations introduce new applications onto the network, there is an opportunity for channel partners who take an app-centric approach to network security to educate customers in the evolving security needs, and provide top-to-bottom visibility of network activity.

Traditionally the primary function of a firewall was to transport traffic from IP A and IP B, whereas next-generation firewalls talk to an application or user ID across the network. Next-generation firewalls have recently become an essential part of business evolution as they allow for investment in new applications that can propel growth and put a business ahead of its competitors.

Currently many customers do not have the central control or network visibility that would allow them to take advantage of new firewall capabilities. Without clear visibility, ITOps can’t see where the risk lies or policy changes that need to be made in order to effectively protect the business. Manual sifting through the network and configuration of firewalls will identify risky areas, but not always in time. It is a time-consuming and dangerously inefficient process, particularly as the raft of vendors and APIs increase.

Not only does this escalate the risk of human errors and omissions, but when the business demands any changes to an application it may have to wait weeks before all the necessary configuration changes are made. In other words, it’s causing a serious bottleneck that’s preventing firms from realising the full agility benefits of virtualisation and the cloud. What they need is a way to visualise and manage the entire network – including all those heterogeneous components in the physical datacentre – through a ‘single pane of glass’. And that’s what channel partners can offer them with security policy orchestration tools.

This step-change in the way network infrastructure operates means that the channel must tell a suitably evolved story in order to be successful. Traditionally some channel partners have shied away from technology that offers improved efficiency, fearing an impact on their professional service offerings. However, such tools are increasingly less of a ‘nice-to-have’ and more an essential investment for business agility. Channel professionals that do not embrace these solutions risk losing out in competitive business pitches.

Such tools have been around for some years now, and the best have reached a level of maturity that will effectively allow firms to orchestrate (and automate) their entire security policy. They create an abstraction layer that hooks into the APIs of multiple vendors’ systems and allows organisations to visualise and manage network security simply, across all parts of their infrastructure – physical and virtual, on premise and remote. They can be flexibly configured to understand and apply a security policy across a heterogeneous IT estate, triggering alerts when there’s a potential security risk or compliance breach, and making configuration changes automatically if desired. They also give clients complete visibility over their applications – monitoring connectivity changes and showing how these affect specific security and compliance policies.

There are other compelling benefits too. First, these tools greatly ease the process of migrating applications or of replicating them elsewhere to provide resilience or disaster recovery facilities. They also speed up the modelling, deployment, decommissioning and troubleshooting of applications and ease the auditing of firewalls and applications. They also dramatically reduce the cost of firewall operations, improve communications and understanding among IT security, development and operations teams. And crucially, they cut the time it takes to make any changes from weeks to less than a day.

Investment in a ‘security solution’ is no longer enough. Modern network management must be positioned and approached as a core business tool. One that can do more than simply automate business security, but one that can deliver a scalable, intelligent solution that moulds itself to the fast changing environment of enterprise infrastructure.

By helping firms virtualise security across mixed, multi-vendor environments in this way, the channel can ensure clients’ complex, heterogeneous networks are always as secure and compliant as possible, while also helping to bring about a quantum leap in customer’s IT and business agility. If embraced it can put channel players in a position they want – as a trusted advisor. In educating customers in their approach, channel partners can demonstrate the clear benefits of infrastructure efficiency, consistency and automation in order to stay ahead of the competition.