Tyler Wishnoff

RSS Feed

This blog post is the first in a series that examines the results of a recent network security infrastructure survey conducted by SANS Institute[1]. It highlights key takeaways for network and security operations professionals to consider.

We’re living in an age where hackers control the headlines, keeping Security Operations teams constantly on their toes. And, sometimes, a security system reaches end of life or a new threat demands features you don’t have available. But, each new deployment risks adversely impact network security and performance.

The proof of concept (POC) is a popular method to combat these risks. In fact, 90% of organizations rely on one or more each year. For many, however, the benefits a POC provides are questionable. In fact, a surprising revelation from the SANS research found that despite the high use of POCs common issues during POC execution open the door to security risks and network performance issues in production environments.

This does not mean POCs should be avoided. They remain a vital part of the deployment process. But. to get full value from them and to ensure they aren’t setting you up for failure, consider these three areas before your next POC:

Evaluate Your Lab Environment

Many organizations choose to run their POCs using lab data. This works at a basic level, but if your network environment is complex, you’ll struggle to effectively simulate production traffic.

In their study, SANS found that 40% of organizations can’t simulate production performance, and even including those that can, 60% encounter an application mismatch between test and production environments. This means you’re likely to experience unforeseen consequences when you finally deploy.

Test Under the Right Circumstances

Speaking of lab data, if you can’t simulate production, you can’t effectively test your security features. This includes how they work and the impact they’ll have on network performance.

According to SANS, 57% of organizations have issues in their lab environments that prevent effective exercising of product features. And, when it comes time to deploy, nearly half of all organizations end up using 50% or less of their active security features.

Forget about the disappointment that comes with being unable to fully utilize your new system; this means less security coverage than anticipated and can leave you vulnerable.

Streamline Your POC Process

POCs are a time-intensive process, and this time investment can eat away at your budget and resources, limiting the number of POCs you’ll be able to perform.

It’s important to evaluate how your current network architecture impacts your POC process. Strategic changes like implementing a unified packet plane with packet flow switches can save time, enabling you to safely test with production data while running multiple POCs in parallel.

Proof of concepts are important to help test new capabilities or systems, but they may not give you a true picture in a production environment. Testing with production traffic and logically separating the security systems from your network may ease some of the challenges in a POC. To learn more about how to do this, read Security POCs: Streamlined.

Want to read the entire report from SANS? You can download it here.


  • Security

Subscribe to Our Blog