Cyber security and networking have been on a collision course for more than a decade. These two disciplines have historically operated in silos in which network engineers did network things and security practitioners focused solely on protecting threat protection.
The two groups were often at odds with one another as security tools and processes often got in the way of network and application performance. These opposing goals have created a fair amount of animosity between the two groups. I’ve actually experienced this prior to being an analyst; I was in corporate IT and was a network engineer for years. I always believed the security team didn’t fully understand our challenges, although I’m sure they felt the same way about network staff.
Network and security have been at odds for decades
Because network and security both play critical roles in businesses, there has been a strong desire to bring these two functions together. If network and security were to actually work together, the goals of the groups could be aligned, creating greater efficiencies for both. The reality is, over the past decade–while there has been plenty of chatter in bringing network and security together–the market has moved slowly. However, a combination of digital transformation and the COVID has sped this up.
This shift to work from anywhere has made cloud and mobility the norm for almost every business service, and this requires a highly reliable network and security. This has caused more and more network and security vendors to cross over into the other domain.
SASE is a great example of this, because it’s based on cloud-managed and/or delivered network access and security functions. Recently, there has been a flurry of vendor activity that is helping accelerate this trend. Detailed coverage of three of the main news items are in my latest ZKast video, done in conjunction with eWEEK, but I’ve provided highlights below.
Arista stakes its claim in security
Arista Networks has been the performance leader in networking since its inception. Late last year, it acquired a network detection and response (NDR) vendor, Awake Security, that uses machine learning to find network anomalies. This was Arista’s first foray into security. Last week it announced an expansion to its Macro-Segmentation Service called MSS-Group, targeted at simplifying the process of segmenting IoT devices using zero trust.
The addition of MSS-Group and zero trust moves Arista from being a network vendor that happens to sell security to network engineers to a legitimate security company, whose products can be used by networking and security professionals helping bridge the gap between the two. A complete writeup of the announcement can be found in this eWEEK post.
Cisco integrates security into AppDynamics
In 2017, the de facto standard for networking, Cisco, plunked down $3.7 billion for AppDynamics, an application performance management vendor. This made a lot of people go “huh?” Cisco is known for a lot of things, but applications isn’t one of them. After a couple of years of running the business as a standalone unit, Cisco has been very active integrating “AppD” with other parts of its portfolio. Last year, Cisco announced AppD integration with Cisco’s IT Operations platform, Intersight. It also integrated AppDynamics with its ThousandEyes Internet monitoring solution.
Last week, Cisco announced it had integrated its Secure Application Software into AppDynamics. The combined product protects applications from the inside out, instead of having to secure them with external tools. This combined solution ensures security as well as maintains a best-in-class application experience. Typically, security is at odds with application performance and is often thought to get in the way. The AppD – security integration provides a best of both worlds.
Fortinet continues to make moves in networking
There is perhaps no vendor that typifies the integration of networking and security better than Fortinet. The company is known as a top-tier security vendor with one of the broadest product portfolios in the industry. During the past several years, the company has been quietly building a strong set of network products, and this is starting to bear significant fruit.
Last week the company announced its Q4 earnings, and the company crushed its already strong forecast. Fortinet delivered Q4 revenue of $748 million, up a whopping 21% from a year ago. This was well ahead of the $722 million the street had been expecting. Its earnings of $1.06 a share was also a strong “beat”–analysts were predicting $0.97 per share.
One of the catalysts for Fortinet’s growth has been its entry into SD-WANs. The company was a late entrant into the market, but it hit the market when it was shifting from one network only to requiring network and security. Wave 1 of SD-WANs was used to transform branch connectivity. Now SD-WANs are being used to tie remote workers to clouds to the company network, and that requires a much higher level of security.
During its earnings call, Fortinet also announced its upcoming FortiOS 7.0 release, which is loaded with new SD-WAN capabilities including SASE, self-healing SD-WAN tools with automated remediation, 5G and LTE security and updates to FortiManager and FortiAnalyzer.