The SSL Inspection Gap is essentially a problem of performance. Currently, enterprises have a single-purpose appliance which is made up of a fixed number of CPUs to inspect encrypted traffic. This means companies have a finite resource which is not able to effectively decrypt and inspect today’s high levels of encrypted traffic, leading to firewalls “burning” everywhere. All we have to do is look at the cloud to know that the way to keep up with the demands of scale is to horizontally distribute workloads and virtualize.
The math is simple: one CPU vs an unlimited number of CPUs. What has more ability? What can handle more work? The answer seems obvious, yet the industry has struggled to come up with an easy way to scale out network security as painlessly as we scale out web applications. When you do, though, there are multiple benefits.
In the first of two blog posts, we’ll discuss five compelling reasons to virtualize your network security:
1. A Cloud-like Experience
Virtualization isn’t a new concept in the world of technology. One of the most successful examples has been the transformation of the data center into a cloud-based experience. We have the benefit of taking all the lessons learned from Hyper Converged Infrastructure (HCI) for storage so that we can make network security for the private network a cloud experience too. In other words, we know how to make network security software-defined.
2. Strategic Focus
Virtualization breaks the infamous 80/20 rule where 80% of your budget is focused on keeping the lights on, while a mere 20% is dedicated to innovation. With turnkey network security virtualization you benefit from an automated, self-service system with pay-as-you-grow scaling of traffic inspection. With this model, the management and provisioning of network security are greatly simplified, increasing the productivity of your team and allowing them to focus on high-value security activities.
3. Fast Provisioning
A virtualized system operates like “just-in-time” infrastructure. Scaling inspection capacity is simple; if resources become scarce, you are alerted by the system. All it takes is the click of a button to add more compute capacity, augmenting what you have. The additional resources are ready for use in minutes as opposed to the days or weeks it takes to set up hardware appliances. What’s more, the underlying infrastructure is invisible to the user – they can stay razor-focused on security policy and managing threats.
4. Reduced Costs
Most security appliances need replacing after about 3 years. This involves running an RFP, research, and hours of due diligence, not to mention installation, commissioning, operation and maintenance. When network security is virtualized, you reduce both capital and operating costs since you don’t have to own and manage hardware. It also means your security team doesn’t have to worry about server CPU sizing or how to model your network accurately in order to purchase enough inspection capacity to last. You specify how much traffic you currently need to inspect, and with what kind of security profile, then the system ships to meet that requirement.
As a business grows, so do your network and security needs. Thanks to virtualization, additional inspection can be provisioned in a matter of minutes, granting companies the ability to deploy resources in an elastic fashion when demand dictates. No forklift upgrades or big network redesigns when you add employees, locations, or resources. This flexibility leads to significant improvements in Total Cost of Ownership (TCO).
While the cost savings of virtualization may be well-known, the advantages go much further. When network security is delivered as a turnkey, cloud-like experience, you benefit from a responsive, flexible system which grows with your company, freeing up your security team to focus on strategic priorities rather than fighting fires.
Check back in for PART TWO where we’ll outline another five reasons to virtualize your network security!