How to Implement a Visibility Layer Solution to Optimize Network Security

Yigal Amram By: Yigal Amram July 30, 2019

It would be understandable if network security pros felt like they were constantly fighting a losing battle.

Between 2018 and 2019, global cybersecurity spending increased nearly 10% to $103 billion. And yet, as you increase cybersecurity spending, attackers continue to successfully break through network security infrastructure. Studies show that the average number of cyber attacks will increase yet again in 2019, costing organizations $13 million per incident, on average.

The stats may seem bleak, but it’s not like you’re going to just give up and let attackers have their way with your network. Instead, you need a way to identify and address the issues that are plaguing today’s network security strategies.

And once you take a closer look at your network security issues, you’ll see there’s one thing that you need to set yourself up for true protection—network visibility.

Network Security Is No Longer About the Perimeter

Attackers have always found creative ways to circumvent network security infrastructures. However, there’s no denying that designing a secure network infrastructure used to require far fewer moving parts.

Until the last decade or so, building a secure network infrastructure was all about the perimeter. You had a core data center with private components that had to be protected from the network traffic coming from public sources. Creating a walled garden with network security solutions at the perimeter made perfect sense.

Firewalls, intrusion detection systems, malware protection, and an assortment of white/blacklisting tools reigned supreme when all you had was a handful of entry points to defend. The problem is that this traditional approach no longer fits the network security landscape because the perimeter as we know it is dissolving.

Now, there are a seemingly limitless number of entry points to your network. Mobile devices, WiFi access points, IoT sensors, cloud applications, increasing virtualization and the growth of East-West traffic, all contribute to complicating traditional network security strategies.

But the complications aren’t coming from a lack of technology. New, more advanced cybersecurity solutions are introduced to the market every day. Rather, the problem lies in maintaining network visibility so that all of your advanced network security tools can reliably analyze your traffic.

Network Visibility Lays the Foundation for Network Security

“With end-to-end visibility, a business can build a baseline of what ‘normal’ traffic looks like. Any deviation from this would warrant investigation from the security team.”Zeus Kerravala, Founder and Principal Analyst with ZK Research

The only way to get value from sophisticated network security tools and an ever-growing cybersecurity budget is to ensure that packets (malicious or otherwise) can’t reach your core data center without being analyzed. And that means creating a network visibility layer that properly routes packets without dropping them or negatively impacting performance.

However, as you deploy a multi-tiered security strategy that includes inline appliances, out of band monitoring tools, and analytics solutions, maintaining network visibility might seem easier said than done. You could run into a number of challenges, including:

  • An over-reliance on SPAN ports that leads to dropped packets and limited visibility
  • Inability to properly monitor cloud traffic and encrypted packets
  • Security and monitoring tools that can’t support ever-increasing network speeds

Overcoming these challenges and maximizing network security requires a pervasive network visibility layer—one that reduces downtime, improves service recovery time, ensures tools see all necessary packets, and increases the ROI of your cybersecurity budget.

Building a secure network infrastructure starts with creating your pervasive visibility layer, including:

  • Network Packet Brokers: While network taps maximize visibility for individual links, pervasive visibility also requires higher-level orchestration to manage ever-increasing amounts of traffic. Network packet brokers ingest traffic from tapped links and load balances raw packets to specific inline and out-of-band security tools.
  • Bypass Switches: Advanced inline security appliances like next-gen firewalls, web application firewalls and intrusion prevention systems are necessary aspects of network security. But they can also introduce points of failure in your network. Bypass switches eliminate this challenge by bringing failover capabilities to inline security solutions.

With these three components in place, you can create a pervasive network visibility layer that gives you a baseline of behavior that will help maximize network security.

Recently we have been witnessing a new generation of visibility layer devices and NPB, offering more advanced features and increasing packet processing capabilities.  With these next-generation visibility layer NPB, the demarcation line between the traditional NPB and the network security appliance is blurring. Thus the user is able to build a network security foundation layer inside the pervasive network visibility layer.

There’s an art and science to building a secure network architecture and pervasive network visibility layer. Knowing which tools to deploy is great, but your next step is to establish a cohesive strategy that accounts for the current status of your network security and addresses how your infrastructure will evolve.

That’s where we can help. If you’re ready to implement a network security strategy that’s built for today’s threat landscape and want to take advantage of Niagara’s Open Visibility Platform,  contact us today and speak to a network visibility expert.

New call-to-action