Automation Makes Network Security a Much Bigger Priority
This article was first published by Light Reading.
Organizations across the globe are transforming their networks with intelligent automation, programmable optics and advanced software analytics capabilities to create networks that can easily adapt and respond to changing market demands. Despite the proven benefits of automation, there are still some concerns that must be addressed to ensure a successful network transformation.
According to ACG Research, most trepidation comes from concerns surrounding security, lack of intelligence/analytics and finding a skilled workforce that understands traditional telecom networks and new IT and software innovations.
Despite these concerns, companies are moving full steam ahead -- 75% of network providers expect significant or full
network automation within five years. Why? The benefits of automation will have a major impact on a company's
ability to meet customer demand and stay competitive, such as providing faster service delivery and support more
complex and innovative services. To ensure automation becomes a key differentiator, companies need to address any
concerns now, including one that is top of mind for many -- security.
75% of network providers expect significant or full network automation within five years.
Navigating networks operating in real time
Organizations today require a network that self-configures and optimizes so that it can adapt to constantly changing demands and potential security threats. If we think of networking like a map -- yesterday's network was a printed map. It included all of the information that one may need to get to a destination, but you couldn’t add context. Today, GPS apps allow us to add in preferences -- tolls, highways, shortest time, shortest distance, etc.
The network of tomorrow will include GPS-like qualities that understand the businesses' ultimate goal of prioritizing different types of traffic based on user and application, and then delivering that traffic to a specific destination by a specific time -- proactively providing updates based on occurrences such as increased congestion, etc., and dynamically altering a route based on potential security risks and real-time network information. This translates into a network system that configures automatically, adapting network traffic flows in real time to meet changes in demand, security considerations and service level agreements (SLAs).
The stakes are higher with automation
As automation becomes more pervasive, one concern is that the network can adjust its configurations too frequently and in inappropriate ways. For example, if a deliberate change via a hack occurred and there were no automation capabilities in place, the corrupted action would only happen once -- with the impact likely being limited in scope. If the same change occurred and was part of an automated process, it could be replicated thousands or millions of times in a short span of time, which could easily bring down a network.
As automation becomes more pervasive, one concern is that the network can adjust its configurations too frequently and in inappropriate ways.
So what threats are impacting the network today? MIT Technology Review went through six cyber threats that organizations "should really worry about in 2018," including cyber-physical attacks, huge data breaches and ransomware in the cloud. In addition to these wide-ranging security concerns, companies have to comply with new regulations such as the recently implemented General Data Protection Regulation (GDPR). While these concerns are not isolated to those implementing automation policies, it highlights why organizations can't afford a misstep when it comes to creating a next-gen network.
Looking deeper at security considerations
While there is no one-size-fits-all approach, here are some things to consider when moving towards an automated network:
- Intent-based policies, for example, ensure networks can react appropriately to changing user demands and unexpected issues, but complete control is not relinquished and policies can be changed if needed. Plus, to make sure the right people are making those changes, role-based access is also necessary.
- Another critical part of the security equation is encryption. While it's certainly not a new concept, encryption remains an important piece of the security puzzle as there is no foolproof way to keep unauthorized users out. To ensure all at-rest and in-flight data stays safe from being viewed, obtained or altered by unauthorized entities, encryption must be in place. Also, it is essential that only owners of the data and the end user should have full control of the encryption security parameters associated with their critical data.
- The use of analytics is crucial in ensuring a network can self-adjust to meet SLAs and bandwidth requirements in a cost-effective and timely manner. It is also imperative that analytics be used in the fight to keep a network safe. Having a greater insight into a network via analytics can help detect attacks in real time, as well as ensure the network is protected from a similar attack in the future.
Continue to put security first, without hindering innovation
While it's no surprise that security tops the list of concerns among companies looking to move towards automation, we also know security can’t be a concern only when new technology is implemented. There is no silver bullet for security -- it must be a top consideration at all times and become part of an organization's fabric.
When the right security measures are in place, it makes the automation process more secure AND improves the security posture of the organization as a whole.
As the network shifts, there is a greater level of control and added intelligence that is available and must be utilized. When the right security measures are in place, it makes the automation process more secure AND improves the security posture of the organization as a whole.