2014: The year network security operations become orchestrated
Reuven Harrison, CTO, Tufin
The past few years have set the stage for some disruptive shifts in network security operations. These shifts are driven in great part by the rise of virtualization and the cloud, which have enabled organizations to deploy applications much faster. Occurring in tandem, the proliferation of network and next-gen firewalls inside the perimeter has made them essential for successful application deployment because firewalls literally connect applications to the network. These converging trends have fused application and network layer functions, causing a fundamental reset of the security operations function.
I was anticipating several key outcomes to catch fire in a big way in 2014, but in light of the major 2013 announcements by Cisco, VMWare, Palo Alto Networks and F5 Networks around network automation and application-centric abstraction, I think it is safe to say the spark has already caught. With that being the case, I am now willing to double down on my 2014 predictions:
management of network infrastructure will be embraced as the next big thing with change management being the catalyzing use
will drive a convergence between security and IT operations (fueled
concurrently by the rise of DevOps). As a result of this fusion, many
organizations will merge these functions into one unit. This new and improved,
security-aware IT operations team will have a very clear charter: to deploy
applications faster, better and more securely. This will not only align
security with the business, but enable security to help drive the business
- These next gen IT ops teams will give rise to a new role– the application-infrastructure manager, a role that will blend networking, security, storage, virtualization and application expertise into a single position. These folks will be require a broad cross section of technical expertise, but the effort spent to developing such a well rounded, diverse skill set will be rewarded with job security. Plus, they will have specialized tools to help ensure seamless and secure application delivery.
So if we look at my first prediction let's begin by looking at the definition of orchestrationAccording to Wikipedia, orchestration “describes the automated arrangement, coordination, and management of complex computer systems, middleware, and services.” Traditionally, the concept of Orchestration has been primarily used in the context of the Cloud, SOA and virtualization, however, it has caught on in network security circles in a big way because firewalls – which fall under the purview of security operations teams – have become the lynch pin between applications and the network. The need to deploy, decommission and maintain more applications faster has caused the volume and frequency of firewall (aka Security Policy) changes to increase exponentially. Managing those changes in a fast, secure and compliant way is essential to keep applications up and running on the network.
As such, firewalls have become the natural focal point for network layer orchestration. Orchestration significantly automates painful manual security policy change processes while preserving governance and control over the process, which is absolutely crucial for security-related changes. In addition, orchestration provides the capacity to automatically provision changes to relevant devices and systems such as applications and servers that require current and accurate security policies.
Additionally, if you look at the broad orchestration-related announcements made in 2013, it's safe to assume that my prediction will play out, as these platforms become embraced and validated in production environments in 2014. This will create a healthy balance between business units, some of which may have already been automated. So when I predict that orchestration will “drive the business forward,” that is not lip service. In fact, the benefits have already been identified and are clearly quantifiable.
This segues into my second prediction: that in 2014, security ops will converge with IT ops to the point where they no longer exist as separate entities. This convergence is already underway. A recent survey of 502 IT executives revealed that 71 percent had to adopt new processes, learn new technologies and interact with new people because of trends like Cloud, IPv6, DevOps and virtualization. Fifty-five percent reported that new business initiatives now require security's input, and almost one third reported that they require data from new stakeholders in order to design proper security policies. As a result, security teams are engaging IT Ops teams earlier and much more often. As organizations continue to virtualize their infrastructure, these groups do more then engage – they will merge. I expect to see that happen en masse in 2014.
As this occurs, my third prediction will then come into play – the rise of application infrastructure managers. This role will be the face of the evolved IT Ops teams that will emerge in 2014. Application infrastructure managers will need to possess a well-rounded skill set and are as likely to come up through the security and networking side as they are to come from the application and/or virtualization side.
While I might be a bit early on this last one, I'm still placing my bet on 2014 for us to start hearing about application infrastructure managers. I'm willing to bet that I'll see the title on a business card before the end of the year. Time will tell.