Tyler Wishnoff


This blog post is the second in a series that examines the results of a recent network security infrastructure survey conducted by SANS Institute[1]. It highlights key takeaways for network and security operations professionals to consider.

Managing network security and performance often feels like a balancing act. And the struggle is real for 48% of IT organizations that are using fewer than 50% of their available active security features due to performance impact concerns.

Even getting to 50% isn’t easy. Some teams are forced to put security at risk, starting out with fewer activated features while they figure out what it is their organizations really need.

Before you play another round of feature whack-a-mole, consider two ideas that can make for an easier time optimizing both performance and security:

Review Your Proof of Concept Process

As discussed in part one of this series, optimized proofs of concept (POCs) lead to deployments that are more secure. In addition, POCs eliminate the need for feature adjustments.

Most organizations encounter challenges when choosing to test with lab traffic. In fact, 57% of the time, it’s impossible to effectively test product features because lab traffic doesn’t adequately reflect the production environment. Testing with production traffic offers visibility into how the network will react to a deployment so that by the time a solution is rolled out, you have maximized active features and performance without adding risk and wasting time.

Plan for Scaling and Bandwidth Limitations

It’s worth considering how your network security will scale and support higher network speeds of 10, 40, and 100G.

Left unexamined, these factors have serious consequences. 68% of organizations that are unable to leverage all of their available active security features are hindered due to issues related to scalability and speed. Not planning for scale creates silos of visibility that complicate monitoring across distributed sites, generating opportunities for new threats. Not considering network speeds can result in overworked tools that drop packets and leave you vulnerable.

For both POCs and future network changes, implementing a unified packet plane, enabled through a packet flow system, allows you to logically separate your active security tools from your network. This has the benefit of making POCs easier and safer to execute with production traffic, while reducing the silos of visibility. A unified packet plane also manages the flow of packets between your network and tools of different speeds, keeping things secure and running smoothly.

New security deployments are inevitable. 79% of organizations will need to update their security infrastructure at some point due to end of life. Before you make your next move, consider how your approach can be improved with more thoughtful POCs and a unified packet plane in the mix.

Want to read the entire report from SANS? You can download it here.

[1] Network Security Infrastructure and Best Practices: A SANS Survey, 2017
