Four Ways to Quickly Determine Your Atomization Issue and Next Steps to Fix it

Four Ways to Quickly Determine Your Atomization Issue and Next Steps to Fix it

By Martin Roesch, CEO

Network atomization didn’t happen overnight. It’s been a progression over the last fifteen-plus years driven by digital transformation, a rise in multi-cloud strategies, and the shift to a hybrid workforce. And now, we’re seeing the Boiling Frog phenomenon: some of the core approaches to network security are being rendered obsolete and nothing has replaced them. As a result, organizations are experiencing a confluence of network traffic monitoring and security challenges that make it difficult to adequately protect their Atomized Networks.

However, if we look at the definition of an Atomized Network – a network environment that is dispersed, ephemeral, encrypted, and diverse – we can map security issues to these four areas and understand how to fix them.

1. Dispersed – the “where” issue. Modern enterprise networks are comprised of multi-cloud, hybrid-cloud, and on-premises infrastructure. Getting network visibility and control where we need it in dispersed environments is problematic because classic sensor-based architectures make it difficult to provision sensors everywhere they need to be. Additionally, sensor-based architectures are very limited in their vantage point – they only see the traffic passing very specific points on the network. And cloud-native security vendors focus on providing visibility into cloud environments with little regard for the fact that a modern enterprise could be atomized and, therefore, not just in a cloud but also on-prem.

• • The fix: What’s needed is a cloud-native solution that leverages the underlying network infrastructure without the need to deploy software or hardware so that any place organizations need visibility they can have it immediately. With Netography’s cloud-native security platform, network visibility is always available – in the cloud and on-prem – because there’s no need to deploy appliances or software packages, manage license keys, curate policy, and integrate with management infrastructure.

2. Ephemeral – the “when” issue. Getting network visibility and control when we need it given the ephemeral nature of today’s modern networks is also a problem. This is especially true in cloud environments where workloads can spin up and down in a matter of minutes. When services can come and go – often without the knowledge or buy-in of security teams – there has to be a way for network visibility and control to come and go in lockstep. The standard way of provisioning isn’t well-suited to environments where we might not even be aware of all the networks we really have and where they are, let alone if changes have happened that require a change to provisioning. And the ability to dynamically provision more capability is extremely limited because it is tied to being able to deploy software either wrapped in a piece of hardware or in a virtual appliance, sidecar load, or agent.

• • The fix: Organizations need the ability to dynamically provision with the same dynamism as the environment they are operating in. Netography enables automatic provisioning and auto-registration to deliver visibility across the Atomized Network instantly. As soon as the environment is extended or changed, organizations are able to start sending information via APIs to the Netography platform immediately. There’s no need to delay delivery of security capabilities because there’s no need to deploy anything or call us for additional licensing.

3. Encrypted – the “what” issue. The pervasive use of encryption is blinding deep packet inspection (DPI) technologies we’ve traditionally relied on to detect attacks. So, in environments where we have sensors that can get clear text data we have one set of security capabilities, and in other environments where we have to do decryption, we have a different set of capabilities. The disparity in what we get increases cost and complexity, and we still may not have any real awareness of when and where we lack visibility and if the capability deployed is able to do its job. Attackers take advantage of the opacity and gaps that make it difficult to detect and stop attacks.

• • The fix: With an approach that is unhindered by encryption, we can have an equal set of capabilities everywhere all the time. Netography operates in real-time on metadata in the form of flow data, which doesn’t contain any encrypted payloads and provides all the information needed to get comprehensive and consistent visibility and control across the Atomized Network, regardless of the presence of encryption.

4. Diverse – the “how” issue. Atomized networks can consist of up to three types of environments: IT, cloud, and operational technology (OT) environments. In many instances we have different tools for each environment, including in each of the different clouds, run by different teams. These tools may or may not be looking for the same things and they all use their own discrete languages to define what a hostile activity or an anomaly looks like. Each tool frequently has its own configurations and threat definitions, and its own eventing and reporting platform. How these tools generate events and report on them will vary, which can provide very different results and no cohesive picture for common understanding and comprehensive risk mitigation.

• • The fix: Organizations need a way to bring teams and tools together so they can be more efficient and effective. Netography treats every environment the same with an approach that is architected for diverse environments. We have one common language to describe what threats and compliance look like, and one eventing and reporting platform that everyone can use to see what they’ve got, what it is doing, and what’s happening to it across environments. And our write once, detect everywhere capability enables comprehensive, rapid response.

We believe the Atomized Network is not just the new normal – it’s fundamentally changing what’s required for effective network traffic monitoring and security. It’s also the driving force behind how we architected Netography Fusion, delivering an entirely new and proven approach to solve your atomization issues and better protect your DEED environments.