WHAT IS THE BLOG ABOUT?
Network development, cyber resilience, NaaS, Cisco Meraki SD-WAN
Part of the reason for this is that the IT market is also changing to a great extent, but so is the need for organizations to be able to provide services that meet the increasingly dynamic business needs. The network, which is the backbone of the infrastructure, is also undergoing the same development. The widespread adoption of network automation and analytics over the past few years has led to huge strides toward agility, flexibility, and security.
The trend shows that more complex organizations have achieved greater efficiency by automating user management, integrating network and endpoint devices with centralized management, applying preventive network and security policies, enabling cloud connectivity or remote troubleshooting, and introducing ticketing systems.
The change and the need for it originate from the direction of value creation, reliability and cost consolidation, even when examined from many aspects. In complete contrast to what is currently happening in the consumer markets. The world does not need 16K TVs, mobile phones with foldable screens, and numerous social media portals, because there is no content that would give them a reason. In contrast of them, the development of the IT infrastructure creates better conditions for working both on the side of entrepreneurs and employees. Hybrid work or home office is in many ways more advantageous than full-time office work, but outdated IT network concepts are less supportive of this method.
The most complex issue is therefore based on the network architecture and, among other things, its security. If we dissect the topic, everyone can agree that a system should be created that reduces the management tasks of the IT teams and rather expands the possibility of discovering and introducing technologies that further increase the efficiency of work and work processes. However, in today’s world, it is inevitable that we take our eyes off the technologies used even for a moment. The number of cyber threats and methods of perpetration is increasing every year, which overwhelms IT world like a phantom. Many people have experienced what it means when a ransomware encrypts an entire data set, but many have never encountered a breach of this magnitude. The concept of cyber security therefore means different things to everyone.
TECHNOLOGIES CREATING BUSINESS VALUE
The question is what do organizations, ITOps/SecOPs teams really want, what do they expect from their own network security? Simplified, automated handling? Robust protection? Or agility, flexibility?
Hybrid work, the shift to the cloud and increasingly insidious cyber threats are converging to create more complex tasks and create more serious problems, so IT teams need to be more prepared. They need a comprehensive, integrated security system in which different components share information and work together to accurately identify attacks and minimize organizational impact – without creating unnecessary friction for users or complicating the organization of workflows.
Businesses, networks, clouds and devices are becoming increasingly connected, which requires the creation of a next level of security adapted to the future of work. This is defined by cyber-resilience, and it is very different from the nonsensical, but well-marketed developments and solutions of consumer manufacturers that go against environmental awareness.
Let’s look at silly examples! A 2.5-ton, 3-4-liter, diesel hybrid, which can barely fit in a normal parking lot, does no better for environmental protection, safe and civilized traffic, or getting from point A to point B than most restrained vehicles have done so far. in recent decades. Smartphones that are “renewed” every year can’t add more to the experience of telecommunications with 100 megapixel cameras, because it’s not possible to take usable, distortion-free pictures without a suitable lens, but you still have to charge them every day, as was the case with the briefcase-sized 450 30 years ago. phones. And one could go on for a long time about the failed development directions, but that is not the goal, they were only mentioned as a comparison.
Cyber resilience is a real business, results-oriented perspective and recommendation for everyone. Because – returning to the point of the blog – network and security developments and infrastructure development must follow the goals by which physical and virtual devices and applications are better aligned with the necessary business models, support changing processes with scalable, flexible solutions and make them visible even the smallest activities of processes, networks, and users. This is necessary so that as many elements of the work system as possible are subject to automated and centralized management with the help of machine learning-tuned intelligences. In the event of any threat or force majeure, recovery is easier and faster, not to mention minimizing operating costs.
organizational needs: new technologies
Examining the technology side of network security, it will be necessary for every organization to switch to a concept that differs from the inherited concepts. From widespread peripheral monitoring, analysis of firewall logs, and IDS/IPS data management, it is necessary to switch to more holistic methods. Network telemetry, packet recording, and recursive DNS traffic data provide information that can be analyzed much better, while end-point monitoring and post-breach analyzes bring us significantly closer to the necessary protection solutions than could be known from data collected at the perifery of the network.
Since data is stored, processes and applications are run at and from physically remote, unpredictably determinable points in cloud-based, hybrid worker systems, security monitoring must cover the entire spectrum of network and access. General network security monitoring is usually associated with core networks or data centers, but should also be extended to access networks, distribution networks, WAN links, and branch office local networks following cyber resilience considerations. Moreover, and therein lies the maximization of awareness and protection against threats, if the organization also exchanges telemetry data with its business partners to get a better picture of the IT environment.
There is an obvious solution for improving network security, expanding flexibility and avoiding operational difficulties and planning operational costs. With every IT development, organizations increasingly strive for solutions used as a service, like cloud-based office applications, ERPs, computing centers, data storage. There are countless “-as-a-Service” solutions at the infrastructure, platform or application level, so why should the network be any different?
The network as a service is an existing solution, and although it is not new, we are still in the early stages of its utilization. In this concept, organizations can acquire and use network capabilities as a service, virtually anything that can be virtualized. The point is that in the cloud-based network-as-a-service (NaaS) model, organizations can flexibly and proactively use network resources without having to own, build or maintain the infrastructure themselves. NaaS is a trend that has great potential to reshape the industry in the coming years.
The motivation of the NaaS solution lies in the development of the vision of the future. ITOps/NetOps teams represent a significant expense in the operating costs of organizations. Nowadays, it is common for IT specialists to take on jobs for 5-10 times the salary of the average office worker, and their retention also causes problems. In the event that an organization maintains a smaller team with the given budget, the chances of retaining specialists are more likely. To do this, the workload per person must be reduced, the only reasonable way to do this is to develop IT as a service. The NaaS model – together with other ‘aaS’ solutions – ensures access to the latest technologies and capabilities without internal or local development, installation or testing. It drastically reduces the life cycle loads of the network and qualified professionals could focus on innovation and new projects. In the NaaS model, professionals almost only have to deal with how they can integrate new technological opportunities into the existing system and use them to improve the business. From the HR point of view, this can provide inspiration for the professional, as it pushes their work in the direction of creativity, leaving the monotony behind. And if we look at the NaaS model from the technology side, then by definition it offers the opportunity to exploit the latest capabilities. While a phone with a foldable screen is of zero benefit to an organization’s future, network security and dynamic new technologies can provide real business benefits. A well-planned cyber attack cannot cause as much damage or downtime as a local system could, and work processes can be adapted more dynamically to changing business needs.
THERE ARE PLENTY OF OPTIONS
Where there is no plan for NaaS as a network solution, there is no need to worry that the network is less supportable based on both security and operational aspects. Cisco Meraki makes maximum use of both aspects with its solutions. What’s more, Cisco Secure products can be extremely easily integrated into a central cloud system, with which the SD-WAN architecture and the clients of hybrid work can be maximally served by the relevant recommendations of cyber resilience. The difference is that expansion or scaling options must be taken into account when planning the life cycle of ground service devices and when building the network.
However, what cannot be omitted in the design and implementation of any concept is that security, flexibility, and scalability cannot be a “patchwork” solution. These inherently require centralized, integrated implementation. Furthermore, it is necessary to strive for standardized, unified systems, which do not require dozens of hard-to-find professionals with specialized knowledge. Whether a system is cloud or physical, it is not only what knowledge and capabilities you have that matters, but how simply and cost-effectively it can be operated. Why is it important? Because they have to be able to manage interconnected services on a single system interface, and with their automation capabilities and intelligence support, to be prepared to act against threats, and in the event of an attack, to be able to prevent damage and begin recovery with coordinated response measures.
Since 100% secure IT systems and networks do not exist, it is also important to emphasize that a high degree of cyber security is not a state, but an endless process. The solutions that provided maximum security two years ago are also outdated, and cybercriminals are looking for ways to outwit them at every possible point. Cloud-based network and security equipments can therefore mean greater security, since updates are done automatically, and there is no need to worry about delayed or missed maintenance at the organization.
recommendations FOR NETWORK DEVELOPMENT
Finally, in relation to network security developments, it is worth mentioning that planning and implementation require an engineering approach, as it is made up of many complicated steps, not to mention the fact that it requires a detailed preliminary assessment and consultation by experts. When planning, business and economic aspects must also be taken into account, and their impact onto the life cycle must be considered. Our experience shows that even the best-trained IT administrators cannot necessarily meet all points, just as not a single specialist in specialized companies carries out the assessment, planning and implementation. In the case of the latter, for example, a careless cable fastening can also cause serious problems in operation. In order to achieve a cost-effective and reliable implementation, we recommend the involvement of qualified network security experts and network architect professionals for the entire phase of the project.