The Benefits of Shifting IT Security into the Network

By Carmelo Calafiore, ANZ Regional Director, Extreme Networks

Of the raft of changes that have taken place in the business world during the past few years, one of the most fundamental has been a shift to remote and hybrid work practices.

Network users are more distributed than ever before and require reliable, high-performance access to digital resources located both in on-premise corporate data centres and cloud platforms. And users expect the same experience when they access those resources, no matter where they’re located. It’s a trend that’s been dubbed the ‘infinite enterprise’.

Achieving effective security

This change in network landscapes brings with it challenges when it comes to achieving effective security. These challenges fall into the categories of cost, complexity, and scale.

Within most organisations, the cost of current security solutions is already high and rising. As enterprises become more distributed, additional secure access service edge (SASE) ‘bolt-on’ solutions increase these costs even further.

In addition, most existing security landscapes consist of a range of solutions that are loosely connected at best. They are not orchestrated together, are difficult to deploy, and are error-prone due to a lack of integration.

Further challenges are created by the fact that traditional virtual private network (VPN) security solutions for remote access are no longer able to keep up with user demands. They are not easily scalable and do not provide a frictionless user experience.

A different approach

The increasing need to support remote and mobile access for the majority of users has led many organisations to re-evaluate traditional security approaches. Increasingly, they are choosing to embrace a strategy of Zero Trust.

Zero Trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location. While Zero Trust is based on age-old security principles, it departs from the notion that users or devices can be trusted once they are inside a secure perimeter.

Instead, secure access is based on a least privilege principle at every endpoint. In essence, Zero Trust is a reimagined approach to access control, designed to offer protection within an evolving threat landscape.

A Zero Trust framework can incorporate a variety of cybersecurity principles that reduce reliance on defensive measures within an enterprise IT infrastructure. It involves protecting individual resources rather than focusing on network segments and validates all attempts to access those resources.

Networking and security

In the past, IT networking infrastructure and access security solutions have typically been treated as two separate entities. Networking infrastructures require protection which means security solutions have traditionally been deployed as overlay solutions.

As a result, organisations have tended to seek out security vendors that offer capabilities not provided by enterprise networking vendors. While they are often effective, these overlay security solutions can create operational challenges that are complicated, costly, and difficult to manage.

At the same time, organisations are experiencing a period of massive growth in data and the ongoing distribution of users. Organisations need to be able to scale their networks while also scaling their security capabilities.

Scaling two disparate things is very challenging. Scaling a network also becomes more complicated and costly when there is a need to also scale security solutions. The answer is convergence.

Security capabilities need to be baked into the network. By following a Zero Trust strategy, an organisation can achieve this without suffering from additional complexity and higher operational costs.

Zero Trust needs to be considered a key cornerstone of any dispersed corporate network infrastructure. It removes reliance on separate security elements and ensures that all resources are protected regardless of their location.

Users also benefit from following this strategy as they are able to securely and efficiently access the resources they need whether those resources are located within a corporate data centre or on a cloud platform. As well as improving security, this will also have a positive impact on productivity.

Overall, a Zero Trust strategy can simplify network operations across an organisation while at the same time increasing security. That makes it a potentially very valuable road to follow.

Carmelo Calafiore, ANZ Regional Director, Extreme Networks