The most significant underlying technology trend in networking is that startups have taken analytics and big data software and applied it to network devices.
- Active Security Threat Systems with analytics engines change security from passive to active with smarter capabilities.
- Software Defined WAN enabled devices bring not only virtualization to the WAN but also visibility, WAN acceleration and traffic management.
- Network Visibility and Analytics Tools.
Active Security Threat Systems and Analytics
The concept of preventing data loss or breaches has run its course. The use of network firewalls as a passive line of defence around the perimeter of the corporate network has comprehensively failed in the last few years and recent breaches mean that budgets are being allocated to upgrade IT security.
The next generation of IT security will be defined by the basic assumption that a breach will occur and the detection of in-progress attacks will become the primary line of IT security defence. Security Threat Systems are constantly analysing the IT estate and using multiple methodologies to scan, analyse and determine in-progress security events. Optionally, these systems can proactively initiate responses to shut down such events.
These solutions are defined by the following characteristics:
- virtual and physical appliances connected to the network collecting data at control points.
- endpoints will be part of the source information for threat detection.
- combining multiple signals to determine active threats to protected systems.
- replacing existing NGFW, IPS or sandboxing security products.
Key Watch Points:
- use of x86 server appliances (merchant silicon) for high performance software
- use of advanced network adapters with custom silicon for very high performance networking
- physical hardening of appliances for tamper-proof security in large networks
- virtual appliances for public and private cloud deployments
- a transition in security deployment from perimeter prevention to “always-active” threat detection, reaction and prevention.
- Cost reduction through retirement of legacy security systems such as SIEMs, Proxy Gateways and Post-Incident response tools.
Vendors to Watch:
- Vectra Networks
Network Visibility and Analytics with Traffic Control
Network monitoring has been improving steadily over the last few years but simple “monitoring” of network devices is insufficient. Startups are using modern software development methods plus open source data analytics and visualisation software to change the market.
Instead of simply “collect and chart”, the next generation of tools uses big data analysis to bring more rigorous intelligence, prediction and pattern recognition to help predict networking problems. At the same time, visualisation software has improved greatly and today it is common to present meaningful and useful data in a web browser. Finally, emerging standards in the IETF based on YANG are dramatically changing the available data, leading to the replacement of 30-year-old SNMP with bidirectional, data-rich APIs that are dynamically specified by the controller and the device itself.
These tools are accompanied by rapid change in software development methodologies that enable small teams to scale up software platforms and compete with vendor incumbents either from the cloud or on premises.
Key Watch Points
- Tools that use new APIs to collect rich data from devices.
- Tools that perform prediction and suggestive analysis from large data sets.
- Tools that offer a graphically intense interface with high levels of visibility information combined with a strong user experience focus.
- Take-up of cloud monitoring platforms by large corporates who are highly sensitive to data security and control.
- Partnerships with SDN Platforms of Cisco ACI, VMware NSX and OpenDaylight.
- Products that are able to programmatically act on the network to improve performance or operation with intelligence from the platform.
Vendors to Watch:
- Sideband Networks
- Pluribus Networks
- HP Networking IMC platform
Software Defined Wide Area Networking
The corporate Wide Area Network consumes up to 75% of corporate networking budgets and is often measured in tens of millions per annum. The WAN is resistant to operational change, costly to operate and often outsourced to managed providers to stabilise and control costs.
Software Defined Wide Area Networking (SD-WAN) uses the same principles as SDN in the Data Centre to virtualize the WAN by using overlay networking. The forwarding path of data from branch to data centre becomes independent of the carrier services, can be changed without risk and can be encrypted to use the Internet safely. This increases utilisation, changes how data moves across the corporate WAN and increases security, while often producing ROI in the first year through savings in WAN changes.
Key Watch Points
- Startups offering SDN WAN solutions that are incremental or additive to existing networks without replacing existing hardware or connections.
- Segmentation and virtualization of WAN
- advances in whitebox and merchant silicon that provide high performance encryption in network hardware for future upgrade cycles.
Vendors to Watch: