It seems that just about everything we do in business has been changed by COVID-19, and network security is no exception. A recent Gartner study revealed that 69% of boards have responded to COVID-19 with a call for increased digital business acceleration. CIOs and CTOs are focused on meeting this challenge and ready to fund it. Business leaders need to nurture emerging, evolving and expanding areas of digital expertise to increase customer value; it’s no longer just about fixing or avoiding problems.
So, here’s the question: How can network security be part of digital business acceleration and not a roadblock? How can security leaders meet these new security challenges with innovation?
The limitations of physical firewalls
As things stand today, network firewalls (a foundational piece of any security architecture) are actually getting in the way of new digital initiatives. Every large network has tens, or even hundreds, of network firewalls scattered about, each one protecting different tenants and their environments. All of these firewalls are physical appliances, which means they are a fixed resource that is complex and expensive to deploy, manage and operate. This leads to tension between network security and business innovation. Despite the best intentions (protecting the network), firewalls are hampering business agility. Unlike many other cybersecurity products, they remain stuck in the past – rigid, physical edge deployments.
So, what is the missing ingredient which will transform network firewalls into a simpler, more flexible application like other elements of network security? What can we do to avoid struggling with network firewalls so they don’t slow the speed of business? And, how on earth will it be affordable?
The new requirements for network security
First, let’s clarify the new criteria for network security so we can understand how to arrive there. The new digital initiatives being adopted by businesses need their security to be:
- Agile so you can keep network security in sync with the pace of digital business acceleration.
- Flexible so you can deploy in different scenarios (public, private, hybrid cloud) and extend security outside the organization as needed.
- Scalable so you can upsize or downsize the security services as needed or add new ones quickly.
All of this must be done while keeping the infrastructure light, not increasing the budget and protecting the business from cyberattacks.
The missing ingredients: virtualization and automation
What will make all this possible for network firewalls? Automation is the key technology advancement which we haven’t applied to this part of the network security stack. We’ve seen how, in other areas, automation brings speed and repeatability, reduces human error and quickly makes updates to whole networks. We need to apply this same ingredient to network firewalls. And to make automation possible, we must shift from hardware appliances to virtual firewalls. This lets us automate deployment so network security can operate at cloud speed and scalability.
It’s a one-two punch; use virtualization and couple it with automation to easily replace your physical network firewalls with virtual ones. There are plenty of partial pieces and separate tools available to enable virtualization, but they all require a lot of scripting and huge DevOps effort because they are not designed for the network firewall. They are all intended to protect workloads and applications. However, when you add automation at the infrastructure level, virtualization becomes simple and attainable for every enterprise. With an integrated solution for automation, you continue to use all the policy management tools you currently have in place. You don’t touch the firewall configuration or rules. The virtual firewalls remain within the private network, so the organization keeps their private network and multi-tenant environment, but they can now operate its network security at cloud speed.
The benefits of network firewall automation
It’s clear that network security needs to become agile, flexible and scalable in order to support business agility. It’s also clear that virtualization and automation are the keys to transforming network security. When you replace your existing physical firewalls with virtual ones, you maintain the same features and gain the all-important flexibility to keep pace with digital acceleration. And, when you adopt automation at the infrastructure level, you gain other business benefits:
- Rapid time to deployment: This is one of the biggest advantages of automation at the infrastructure level: no need for scarce engineering skills, no need to reconfigure the network architecture. It’s ready to deploy out of the box and takes a matter of minutes to set up.
- Reduced need for complex DevOps: There’s no ongoing training needed as you get to keep your current or preferred providers, and the system is integrated with your security and operations tools.
- Cloud-like experience: Like so many other areas of IT and cybersecurity, this new paradigm means that network firewalls can be managed like the cloud, making it familiar and accessible to all team members. Spinning up a new firewall becomes “as easy as the cloud.”
- Simple, centralized management: You cut the average provisioning time and complexity per event since all firewalls are controlled from a single, central UI.
- Significantly reduced TCO: Switching to virtual firewalls removes the CAPEX investment associated with physical firewalls, and automated firewall virtualization minimizes the need to use costly DevOps resources. Plus, you only pay for the capacity you need, driving down overall cost even more.
Network security leaders need to be active in the conversation around how to accelerate digital transformation and how to maintain a sustainable digital environment. If network security doesn’t keep pace with other changes in the enterprise, it’ll end up being a roadblock to business agility. The biggest shift needed is to convert the infrastructure layer from physical to virtual and automate the deployment across the network. We need to pull the benefits of virtualization and automation into the network firewall and make it as agile, flexible and scalable as other cloud elements. And because all this can be done at significantly lower TCO, automation of network firewalls offers a much more affordable route to the enhanced threat protection which our enterprises are demanding for their digital business.
Go behind the scenes of our customer’s real-world deployment to see how easy and fast it can be to increase business agility by automatically converting your physical firewalls to virtual one. Watch the video that shows how Corsa Security helped them use virtual firewalls to dynamically scale threat protection, inspect terabytes of traffic at a very low total cost of ownership and thwart command and control botnets.