Virtualization is no longer the buzzword it was just a few years ago. Today, at the enterprise level, the transition from hardware-based networks to software-based architectures has businesses seeing its value.
As more networks move away from hardware-based network foundations, more opportunities arise to alter our approach to network construction and management. This can help to ultimately reduce hardware costs, power consumption and downtime, while at the same time improve network management and operational efficiency. Security is a key area where this transformation is evident, and the timing is impeccable.
In a recent report from AT&T, 66% of companies surveyed admitted to being a victim of a data breach in 2015. It's sobering news for businesses that focus heavily on cybersecurity protocols and feel they are making the right security investments. However, if those investments don't already include a transition to a software-centric network and security strategy, companies should seriously consider it.
The reason? Adaptability and flexibility. Unfortunately, these are traits shared by many hackers and other adversaries poking holes through enterprise security defenses. As technology evolves, so do hackers' methods. When their tactics lose effectiveness, they quickly move on to newer ones. Matching their ability to adapt is where enterprises have to gain the upper hand.
Virtualized security functions help make this possible.
Virtualization inherently helps create a more dynamic environment for all designed functions -- and security is one of the most important. In a world where cyber threats and vulnerabilities are constantly changing, keeping up with a moving target can be a monumental task for even the largest IT teams.
This is exactly where virtualized security shines. For example, as security professionals and threat researchers identify thousands of threats each day, the network administrator is able to update a virtualized firewall's defenses to help block those new threats. And this all happens in near real time.
Through virtualization, many of those capabilities are automated, even threat detection. Advanced analytics programs can use huge caches of data to identify spikes in login attempts or other abnormalities, and react quickly to update security defenses. AT&T, for example, can search across 117.4 petabytes of data crossing its network every day to help identify and address potential threat activity for customers on the network.
With traditional networks, updates may require a complete swap of hardware. Imagine you had to identify the issue, order the part, ship the part, deliver the part, install the part, and so on; addressing a serious security flaw could take days, if not weeks. That doesn't even account for the potential costs and downtime.
If you could significantly reduce the time for deployment of security protections, why wouldn't you?
For many businesses, downtime is their greatest fear. Whether it's a minor disruption of business operations or major impact to the customer experience, it could have severe financial consequences. Distributed denial of service (DDoS) attacks are generally the easiest, most effective ways to bring an organization to its knees with an outage. Unfortunately, that makes it the most popular among even novice cyber attackers. In this case, virtualization's benefits are twofold.
An organization's virtualized network is less susceptible to downtime. The dynamic nature of the network helps detect the increase in traffic and rapidly scale capacity at a much lower risk. A virtualized network could concurrently help nullify the attack based on previously assessed data.
This type of software-based security allows networks to go beyond a single defense layer and helps protect each individual application and data set.
Compare the situation to a castle moat. These water barriers were traditionally an effective castle defense. As history and technology progressed, bypassing the moat became much easier. Castles needed to adapt with higher walls, more locks and bolts installed and more patrolling guards to prevent attackers entering from any angle.
When more organizations can say they've been breached than not, it's clear there's a need for more security in the networks. The shift to software-based networks drives the requirement to make security every bit as dynamic as the networks they’re helping to protect.
— Jason Porter currently leads AT&T’s cybersecurity business. He is responsible for the AT&T Security portfolio, consisting of network, premise, cloud and mobile security products, threat management and consulting. He leads a large team consisting of sales, product, marketing and consulting leaders. Follow the team on Twitter @attbusiness. Special to the New IP Agency.