Five Business Drivers for Visibility and Control of the Atomized Network
By Martin Roesch, CEO
I write a lot about the Atomized Network and the massive implications it has on network security. However, the ripple effect of the Atomized Network across the business also creates substantial challenges for other operational teams. Today’s Atomized Networks are dispersed, ephemeral, encrypted, and diverse, and organizations struggle because they are functionally blind to the composition and activities of their networks. Dispersed tools and teams are responsible for only parts of the network, not the whole. And the capabilities of conventional tools we’ve relied on for network visibility and control—deep packet inspection (DPI) technologies primarily delivered on appliance-based architectures—are being eroded by the pervasive use of encryption in software-as-a-service and Zero Trust environments and are impossible to deploy when and where they’re needed in Atomized Networks.
At Netography, we’re helping enterprises adapt to the evolutionary pressures of the Atomized Network so you know what you’ve got, what it’s doing, and what’s happening to it. We’re where you need us when you need us. We are immune to encryption. And we look at your network as a composite of its components, not as a pile of components with separate solutions required to figure out what is happening. The business outcomes are powerful. Here are just five examples.
- M&A visibility
When you acquire a company, that company has a preexisting network. You think you know what is on it but typically, you don’t because the company only has a fuzzy idea of what was on it anyways, particularly if they have an Atomized Network as well. Our ability to do real-time network discovery and show you the assets you now have and what applications and data they are using without having to deploy anything to make it work, provides unprecedented speed to understanding. With Netography Fusion, you quickly gain an understanding of the composition of the networks of the entities that you bought, beyond what they might have understood themselves, and including their compliance or non-compliance with your policies.
- Network discovery and asset inventory
Creating an accurate asset inventory starts with having comprehensive visibility so you know what you’ve got across your enterprise. Since devices aren’t static, you also need real-time network discovery capabilities so you can see changes as they are happening and make sure your asset inventory is comprehensive and always up to date. With the addition of context labeling and tagging in our latest release, now you can also associate organizational business logic with what we are showing you. Teams can visualize and analyze networks by applications, location, compliance groups, or any other scheme. You can view devices by audit requirements and make sure they are covered under your audit plan, so they have proper oversight and requirements are being met.
In many ways, Netography Fusion is better suited to helping meet your compliance requirements than traditional next-generation firewall (NGFWs) and intrusion prevention systems (IPSs) because we are capable of defining and monitoring for acceptable behaviors, not just detecting attacks. Context labels allow for custom searches using Netography Query Language (NQL) to define all sorts of non-attack behaviors that are more or less acceptable in an environment. For example, proving segmentation of the development and production environments within minutes. Our client, Shannon Ryan, Sr. Director, Core Security Services and Architecture at FICO says, “The addition of context labels enables new use cases, including policies that we can apply to specific applications or our on-premises or multi-cloud infrastructure, enabling us with visibility and alerts for specific compliance controls. Context labels also make it easier for more team members to analyze incidents and answer audit questionnaires quicker.”
- Protection of dispersed and remote locations
Traditional DPI technologies delivered on appliance-based architectures take a long time to deploy and make productive. And as your network evolves and changes, the ability of appliances to keep up with that evolution is fairly limited because as a physical device each appliance has a limited purview into a network environment, and it is very difficult and costly to change that. In contrast, our SaaS-based universal platform deploys frictionlessly to deliver capabilities immediately when and where they’re needed across your Atomized Network. We don’t require you to deploy anything or call us for additional licensing. The barrier between you and extending or changing where you have visibility and control in your environment is your ability to provision, which is driven by you, the customer. If another part of your network needs coverage, it can happen in minutes.
- Data privacy
The capability of traditional DPI systems is strongly correlated with their ability to see into unencrypted traffic. When they are exposed to encrypted traffic that they can’t decrypt for whatever reasons, their capabilities degrade rapidly. Netography Fusion is unaffected by the presence of encryption because we aren’t looking at network packets. Instead, we rely on network flows, metadata, and enterprise context, not packets, to provide complete network visibility and control. In environments where encryption is prevalent and the capabilities of DPI systems vary widely, our live off the land approach allows us to operate outside the constraints of whatever encryption technologies are being used. With Netography, organizations can do what they need to from a data privacy standpoint and remain confident in their ability to maintain comprehensive visibility.