In the Atomized Network appliances are a dead end. Think outside the box.
Matt Wilson
Sr. Director Product Management
Industry analysts, business consultants, and the media have all written about and commented extensively on the acceleration of digital transformation in the face of the global pandemic. Immediately, business leaders had to think outside the box to increase productivity and drive revenue to remain competitive. Casting aside concerns and competing priorities that were holding them back, they digitally transformed various areas of their operations quickly to survive as industry paradigms evolve.
Today, virtually every enterprise is adopting cloud technology and operating in an increasingly distributed computing environment, the likes of which we’ve never seen before. Applications and data are scattered across a complex and fluid environment consisting of multi-cloud, on-premise, and legacy infrastructure, being accessed by mobile and remote workers. We call this the Atomized Network, and it is challenging businesses to think outside the box once again – this time around how they secure their ever-expanding and dispersed networks.
A missing middle
Conventional threat detection and application-aware security on the network has historically required deep packet inspection (DPI) appliances that were deployed in the middle of network traffic. But in the Atomized Network there is no middle anymore, so the number of places to put these middlebox appliances is diminishing. Even if you could figure out where to place them, execution gets very expensive very quickly. Ultimately, your ability to monitor traffic using an appliance-based architecture is outstripped as networks expand and the volume of network traffic increases to support digital initiatives. In the Atomized Network, appliances are a dead end.
The demise of DPI
The rapid adoption of Zero Trust initiatives is also contributing to the demise of DPI appliances. As Zero Trust becomes the norm, encryption of network traffic is accelerating, and DPI is increasingly blinded. Companies that try decrypting network traffic for inspection soon bump up against scalability issues as decryption consumes overhead and hampers performance. They also quickly realize they never even use much of the data they decrypt because they don’t need to see inside every packet to know that something bad or different is happening within their network. What’s more, decryption introduces compliance and privacy concerns as data is exposed to risk.
Think outside the box
Clearly, DPI appliances were architected for an old and dying paradigm. Companies need to think outside the box and consider a new approach to analyze encrypted traffic across a fluid computing environment where applications, data, and even system resources are in a perpetual state of motion.
As it turns out, there is no need to capture and try to inspect full packets. Metadata that is already available across your entire network infrastructure is all you need for complete network visibility. And because metadata provides information about the traffic without including sensitive or private data, you can collect and store it without compliance or regulatory concerns.
This is the foundation for Netography’s approach to secure the Atomized Network. Our SaaS-based, universal platform provides complete network visibility for real-time and retrospective attack detection across your entire footprint — multi-cloud, on-premises, and hybrid environments. We do this by taking a less is more approach. There’s no hardware, no software, nothing to deploy. And we live off the land, collecting and storing metadata in the form of flow data without capturing and inspecting full packets. Our architecture means we write our threat detection models once and protect everywhere in minutes. A single portal provides a unified view of data enriched with business and threat intelligence to accelerate and simplify detection, hunting, and analysis. Customized responses and remediation interfaces simplify automating the protection of your environment.
Now that’s what we call thinking outside the box, and how digital transformation leaders are innovating how they secure their modern enterprise.