Security Should Not be an Afterthought and Neither Should Networking

Abstract background with interweaving of colored lines and dots. Network connection structure. Data exchange. 3D rendering.

Computing is no longer just in private, public and hybrid clouds. It’s more distributed than ever before and can be found on the enterprise edge, branch offices, connected platforms and just about anywhere data is used.  This has led to an explosion in the number of network edges and more ways for threat actors to breach networks. Complexity, the need for consistent performance from any location, and the inability to keep pace with the threat landscape is overwhelming the in-house capabilities of many organizations. 

Author: Jonathan Nguyen-Duy, VP of field CISO, Fortinet
Author: Jonathan Nguyen-Duy, VP of field CISO, Fortinet

This is where an MSSP’s expertise in networking, security, and the cloud, as well as access to scarce skillsets, the latest technology and threat intelligence really comes into play. In addition, demand for MSSPs is growing because of the realization that networking, security, and compute must work together to deliver better user experiences and business outcomes. 

Here are some considerations for MSSPs as they develop the next generation of converged solutions.

SD-WAN Is Foundational for Networks

You cannot think about cloud without considering how to access cloud resources. This is where Software-defined Wide Area Network (SD-WAN) comes in. SD-WAN is the foundation for today’s networking strategy because its intelligent routing across broadband, wireless and MPLS, helps ensure optimized access. But it's not just about access, it's also about security.

The cloud, cloud adoption, and digital transformation—the big story—represents the need for consistent networking and security performance to deliver the promise of the cloud. This is reflected in the macro trends around platform consolidation, cybersecurity mesh architectures, and Secure Access Service Edge (SASE). Technology and strategies are aligning with the need for a convergence of networking and security – what Fortinet termed Security-driven Networking over a decade ago.  

Working in Concert

Organizations and IT teams are beginning to realize that their challenges and threats don’t occur in silos and yet they operate in silos, with separate tools, procedures, and internal organizations.  The practical reality is that this is an unsustainable operating model as the volume, variety and velocity of data and threats grows. It’s easy to see why enhanced user experiences and business outcomes require all three elements—cloud, security, networking to work in concert.

Therefore, a cloud-first strategy means taking networking and security into consideration from the outset.  Security shouldn't be an afterthought, and neither should networking. As networks become more distributed, spanning private, public clouds and the enterprise edge.  It’s critical to think about networking, security and computing holistically, rather than siloed operational stacks.    

Securing the Edge

Going forward, demands for faster data collection, analysis and utilization will increasingly drive computing closer to the enterprise edge – where it’s needed.  Edge computing is just the latest manifestation of more distributed computing in private clouds, public clouds, hybrid clouds and now on the enterprise edge.  The challenge now is how to consistently connect and protect these computing nodes – irrespective of location.   

It’s important to note that the edge is just the latest iteration of computing – which is always moving between the dynamics of centralized and distributed computing.  What’s key is understanding that networking and security always adapts to the compute, wherever it is located.  In today’s environment, MSSPs must find vendor partners that can enable solutions across a highly distributed and diverse network ecosystem.  

You really can't think about these elements separately. In fact, architecting a digital infrastructure that spans LAN, WAN, data center, cloud and the enterprise edge requires considering how to integrate networking, security, and compute up front.  Doing so can help MSSPs make the most from vendor and platform consolidation.  By following the first principles of reducing complexity and consolidating wherever possible, especially from point products to platforms, MSSPs can reduce the challenges and costs of managing multiple vendor contracts, licenses, and staffing requirements.  Accordingly, standardizing on a few strategic vendor platforms is a very effective way to improve scalability and deliver better, more consistent outcomes. 

Cloud Strategy Success

The success of your customers’ cloud strategy isn't just about migrating the applications to a cloud or hybrid cloud. Ultimately, success is based on how well it delivers improved user experiences and better business outcomes. And what you see again is that networking, security, and the compute all must work together.

That's what we're seeing right now when CISOs and CIOs talk about integration and convergence. They’re talking about having a single pane of glass and not a single glass of pain. Indeed, they’re outlining the solutions that will be table stakes for MSSPs. There is a demand from the marketplace for a unified dashboard that presents holistic view of what's happening in networking, security, and the compute. 

What It’s All About

For many organizations, the typical cloud strategy starts with adopting SaaS and is usually followed by migrating less critical applications.  Ultimately, the result is often a hybrid of private and public clouds, as well as SaaS and edge computing.  Combine this situation with the approach of adding security and networking solutions as afterthoughts, and you can quickly see a level of complexity that simply overwhelms in-house teams.  Complexity, as well as access to the latest technology and scarce skills are the key reasons why organizations of all sizes are looking to MSSPs for some, or all, of their security requirements.  

For MSSPs taking up this challenge, it requires a platform-based approach that integrates networking and security to work in unison with computing – in private clouds, public clouds, on the enterprise edge, or some hybrid combination public/private infrastructure, platform and software.  The practical reality is that MSSPs can’t deliver such tightly integrated solutions with the legacy approach of using dozens of vendors, point products, customized automation and manual work-arounds.  Remember, it’s not just security that can't be afterthought. It's really thinking upfront about SD-WAN and security to enable you to ensure the success of your customers’ cloud strategy.

Author Jonathan Nguyen is VP of field CISO at Fortinet. Read more Fortinet blogs hereRegularly contributed guest blogs are part of MSSP Alert’s sponsorship program.