By Nick Alevetsovitis
As we enter the second half of 2021 and people begin returning to the office, two essential—and very different—narratives are emerging.
The first is a growing sense of optimism across Canada. Vaccine rates are higher, the economy is recovering, and there’s a consensus that the future seems brighter now than it has since the start of the pandemic. There’s also a lingering sense of worry. Yes, businesses are heading back to almost normal. But the world of work in Fall 2021 is a very different place than it was in Fall 2019. IT leaders face a new world built around long-term hybrid work models—and the networks needed to support them. Supporting them requires ensuring access, connectivity, user experience expectations, and the security that must span the campus, the datacenter, the multi-cloud, branch offices, and remote workers simultaneously.
The evolving network is challenging enough from an IT team resource and budget perspective. But add in the evolving cyber threat landscape, and it’s clear security teams have their work cut out for them. However, far too many organizations have approached implementing and protecting their evolving network with a piecemeal strategy that has left their IT team reeling. Scores of solutions from dozens of vendors, most of which do not interoperate at even the most basic level, lead to fractured visibility, limited control, and security gaps that cybercriminals are more than eager to exploit.
That’s why I advise organizations not to get bogged down trying to address issues one at a time. Getting caught up in the minutiae of individual challenges is an easy (and common) way to lose sight of the bigger picture. Instead, IT teams need to not think in terms of creating a dynamic and scalable foundation that can adapt to any need or demand placed on it. In other words, a strategy perfectly suited to today’s hybrid work world.
Often, this begins with a universal platform approach that can span the entire attack surface. Deploying the same solution everywhere, stitched together by a common management and orchestration system, provides visibility, granular control, and consistent policy distribution and enforcement across not just one segment of the network but across all network edges. And ideally, in addition to tying all security policies and solutions together, it can also weave security and network functionality into a unified, security-driven strategy that can automatically adapt to constantly changing network parameters.
Taking a universal, security fabric approach ensures that organizations can cover their immediate security and network needs and provide enough flexibility to scale and adapt as their needs evolve. For example, while implementing SASE, SD-WAN, or a Zero-Trust strategy may not be in the cards today, knowing that a clear and easy transition is an option when that day eventually comes can be a strategic advantage. Rather than ripping out and replacing a rigid network or system every time you outgrow it, organizations with an adaptable, future-proof platform can simply and seamlessly transition to a more advanced strategy.
One of the most essential elements of a universal platform approach is the next-generation firewall (NGFW). The impact of COVID aside, digital innovation has made today’s networking environment more complicated than ever. Networks are dynamic and porous, with points of access, network edges, and endpoints multiplying at an unprecedented rate. IT leaders must have core capabilities at their disposal—deployed everywhere the network is—to handle the risks inherent in this new environment. This includes such things as high-performance decryption, deep packet inspection, detection of malicious URLs. An advanced NGFW will also natively have things like access controls, zero-trust network access (ZTNA), secure SD-WAN, anti-DDoS, and tools designed to detect and stop things like ransomware attacks, such as behavioral analytics, identification of command-and-control activities, and sandboxing—all wrapped in a single-pane-of-glass management system.
Performance is another essential concept in cybersecurity. Today’s businesses run on applications, so maintaining optimal user experience is vital. Last year, many organizations were reminded of the challenges in providing fast and seamless access to critical resources while keeping users and data protected. Networks were inverted, and secure remote access needed to scale overnight. Far too many organizations were caught flatfooted, suddenly spending significant amounts of time and money on quick fixes and workarounds that now need to be replaced with a permanent solution.
The lesson learned is that performance is vital when securing increasingly complex and bandwidth-hungry networks, applications, and services. And it’s not going to get any better. Hybrid networks, smart systems, and edge computing—all powered by 5G and beyond—mean that security must be able to keep up. Unfortunately, not just “any” firewall can do it properly.
Every other industry has spent the last decade designing advanced, purpose-built processors to accommodate this relentless need for speed. Smartphones, graphics processors, cloud servers, IoT devices, and even self-driving cars all feature custom processors that enable our world to operate at digital speeds. Likewise, organizations need to look for ASIC-based NGFW appliances designed and optimized to deliver maximum performance when securing today’s world of converged networks and security.
Such processing power also allows NGFWs to leverage AI and machine learning functionality to conduct deep inspection in real-time. Advanced technologies like AI helps security systems see and even anticipate attacks and more effectively coordinate threat responses to shut down cybercriminals before they can achieve their objectives. But this requires power that tools built using off-the-shelf processors will soon be unable to provide. And, as budgets tighten, advanced performance combined with the ability to seamlessly converge and accelerate networking and multiple security functions into a single solution. This will reduce costs and improve protection while optimizing user experience.
As we enter the new world of hybrid work, broad, powerful, integrated, and automated solutions aren’t just nice things to have. They are essential components of the next generation of network security. And for most organizations that starts with a high-performance universally deployable platform designed to deliver consistent security across all networks, endpoints, edges, and clouds.
Nick Alevetsovitis is VP, Enterprise and Commercial Sales, Canada for Fortinet