The shift to remote working during the pandemic has increased the demand for bandwidth. But as companies accelerated their digital transformations, it became clear that maintaining business resilience will require much more than faster connections.
Many legacy networks were already feeling the squeeze before the pandemic. The adoption of cloud platforms resulted in the decentralisation of applications and data resources, testing the limits of conventional hub-and-spoke network designs that have dominated for years.
“The whole network architecture is actually changing quite rapidly,” says Andrew Milroy, a cybersecurity advisor with Singapore-based consultancy Veqtor8.
As the pandemic took hold, Milroy witnessed how the transformation imperative caused companies to rework their connectivity strategies almost overnight.
“A lot of pressure is put on traditional network architectures and networks that were predominantly private. A lot of organisations have invested a lot of money in them.”
However, those networks “are no longer fit for purpose as we do more and more in the cloud and people work remotely”, Milroy continues. “So people are bolting on little bits to try and make it work – meaning that most large organisations have hybrid IT environments at the moment. It’s a real mess.”
That complexity is creating new challenges for companies trying to manage their networks. For example, a myriad of technologies now obscures the visibility of multiple IT environments that often span a number of private clouds and public cloud infrastructure as a service (IaaS) providers.
“For most companies, there’s a limit to what you can do when you’ve got a lot of legacy infrastructure to manage,” Milroy explains. “Just keeping up with the demand on the network is a real juggling act for companies that need the performance, uptime and security to meet their nonstop requirements around compliance.”
Reinventing network security
As well as increasing the performance demands of the typical enterprise network, the shift to multi-cloud digital transformation is complicating the enforcement of security policies across enterprise networks.
“The days are gone where you have your infrastructure locally behind a firewall,” explains Osh Ranaweera, Network Manager IT Service provider Somerville. “Once you’re part of the public internet, every device and every piece of network equipment you’re using is exposed to the outside world.”
Cloud environments each have their own security profile and methods of access control. That makes ensuring a consistent user experience – and consistent security policies – across these environments simply impossible without taking a step back for a broader view of security requirements.
There is good news, however: newer, more intelligent network environments offer a range of options to support those requirements by streamlining the way remote workers and cloud workloads are secured.
“Modern network automation and orchestration approaches deployed in cloud architectures dynamically adapt to changing network conditions and workload transitions,” notes Nicholas Harders, APJ Solutions Director with Aruba.
“They provide a level of network resilience far superior to what is possible with more traditional network management and operational tools.”
That automation is increasingly helping enterprises automatically deploy secure, intelligent digital workspaces that encompass business applications, security controls, and management services.
Such services can be sourced and integrated into the cloud with relative ease, says Simon King, Director of Systems Engineering with Cisco ANZ. Cloud-based malware detection, data loss prevention, remote browser isolation and passwordless authentication can be readily applied across hybrid networks using cloud services, King says.
“The ability to offer this level of security in a speedy timeframe is possible due to the enhanced, automated connectivity possible for existing IaaS and platform-as-a-service environments,” he explains.
“Overall resilience will be enhanced by increasing overall security of the environment using cloud-based security, while using profiles and central policy to enforce consistent protection wherever the network reaches.”
This new security model is becoming more widely accepted. “IDC’s research shows an increasing number of IT and line-of-business decision makers ranking investments in digital infrastructure resiliency as priority or top priority technology investments for the next two years,” says Mary Johnston Turner, IDC Research Vice President for the Future of Digital Infrastructure Agenda.
“As organisations begin planning for sustained support for hybrid work models, deeper digital engagement with customers and suppliers, and continued economic and social disruptions around the world, digital infrastructure resiliency is rising in its strategic importance to many enterprises.”
Increasing visibility and control over enterprise networks support growing efforts to improve security with platforms that have integrated a broad range of capabilities into a coordinated network defence.
Go where the skills are
Deeper integration of security and networking services is helping managed network providers elevate their customers’ security while letting them focus on outcomes, not on the details of security. These services include software-defined wide area networks (SD-WANs) and broad secure access secure edge (SASE) frameworks.
“What we use the internet for is rapidly changing, and from a security point of view, the internet itself has been heavily compromised” explains Somerville Founder and Managing Director Craig Somerville. “The security, end-to-end connectivity and resilience requirements over the top of that commodity platform is where the value is – and we are layering those technologies to ensure 100% availability for remote workers.”
Yet despite the undisputed importance of better network security, many enterprises will struggle to build the base of internal security skills necessary to add value to network services – and that, says Somerville, is where customers need the most help.
“Securing a network has become complex and challenging,” he explains. “As we adopt newer security technologies, there is a lot more knowledge required to be able to effectively implement and have visibility of them. Broad skill sets are already a challenge in most organisations, and will continue to be.”
For example, improving network resilience and cybersecurity were key goals for leading pipeline infrastructure solutions provider Interflow, which recently worked with Somerville to overhaul its network architecture.
The project also saw Somerville breathing new life into Interflow’s security practices with the implementation of firewalls, managed network services, and a comprehensive cybersecurity strategy. The latter was built around the Australian Cyber Security Centre’s Essential Eight Maturity Model and 37 strategies to mitigate cybersecurity incidents.
“Somerville helped us step up from our original solution into an enterprise-grade, site-to-site networking solution,” says Interflow’s IT Technical Services Manager Daniel Bogos. “That delivered a high level of cyber resiliency, and oversight and management across all of our networks. It’s robust, and we don’t even have to think about it.”
Want to learn more?
Read more in our whitepaper “A New Network for a New Normal: How to Build Resilience into your Connected Infrastructure”. Click here to read.