[ad_1]
Recently, we’ve seen a number of exercise and bulletins round multicloud safety – significantly community safety (or the expanded view – safe cloud networking). We have been on this recreation longer than most opponents. And our expertise has uniquely positioned us to resolve buyer’s multicloud challenges higher. In buyer conversations, now we have noticed three statements that get thrown round quite a bit available in the market. In most instances, with out actually contemplating the client implications, and the impression they’ve on the necessities for an answer. Briefly, they’re:
- You can’t safe what you can not see
- Network and safety have to return collectively
- All safety should be multicloud (however what does that really imply?)
#1 You Cannot Secure What You Cannot See – But Security Remains the Goal
This is clear on its face. But the corollary is that seeing an issue and never with the ability to do something about it is perhaps the worst factor ever. First, it ought to be straightforward – visibility shouldn’t require deployment of infrastructure. Second, visibility right here helps us obtain an final result – particularly, securing cloud workloads by placing defenses in place. In different phrases, see an issue, repair an issue – all in the identical answer. Additionally, once we speak about securing issues we see, even the act of deciding what coverage to make use of requires us to raised perceive all issues cloud. In the cloud, workloads are tagged (partly as a result of bodily location and IP addresses are neither static, nor managed by you). Cloud safety options not solely must eat cloud native tags and attributes at enterprise scale, but additionally deal with them as first-class coverage objects.
#2 Networking and Security Have to Come Together – Else Security is Always Behind
After numerous hours of conversations with prospects, the widespread ache level expressed was how they wrestle with securing workloads within the cloud shortly and at scale. The root of the issue wasn’t due to organizational construction or lack of effectivity. In truth, their cloud networking and safety stacks weren’t working collectively.
First, with the dynamic nature of the cloud, networking and safety controls should be capable of work with each other to routinely adapt and evolve as environments change to make sure defenses stay in place. Second, safety and networking coming collectively implies that directors shouldn’t must go a number of locations to handle coverage (safety) and enforcement infrastructure (arguably, networking). Yet, legacy distributors recurrently try and power match datacenter merchandise into the cloud. The cloud isn’t your datacenter, and power becoming applied sciences in an atmosphere the place they are going to wrestle to maintain tempo and scale with dynamic environments is an inferior strategy. The greatest strategy is to centrally handle multicloud coverage and infrastructure whereas incorporating distributed enforcement factors. This lets you handle your cloud environments globally whereas concurrently implementing safety coverage regionally. Our strategy follows this greatest observe utilizing a Software as-a-Service (SaaS) controller (not VM-based) with in-account (or in-datacenter) Platform as-a-Service (PaaS) enforcement.
#3 All Security Must be Multicloud – Which is Different Than Running in Multiple Clouds
Over the previous few years, legacy distributors have claimed their safety home equipment run in all clouds. But operating a number of level safety instruments in cloud environments doesn’t imply their strategy is an answer to fixing multicloud issues. From the client perspective, a multicloud answer begins with a single coverage (coverage for an app, not an equipment) that may be carried out throughout all clouds, private and non-private, by a single, scalable service. As greatest observe, the service ought to handle each infrastructure in addition to coverage, bringing networking and safety collectively whereas giving organizations the visibility they should place safety controls strategically and precisely. You get the thought, configuring particular person insurance policies on particular person gadgets, throughout particular person clouds doesn’t remedy multicloud issues. Writing a coverage as soon as and distributing it throughout the clouds from a single location does.
The Implications for Enterprises – Requirements are Changing for the Better
The multicloud world is ever evolving and organizations are repeatedly adjusting analysis necessities to adequately shield their cloud workloads. We have heard from quite a few prospects that visibility into their community, bringing networking and safety collectively, and fixing multicloud issues with a real multicloud answer are high of thoughts standards of their decision-making course of.
To study extra about how Cisco helps organizations overcome the three exhausting truths of multicloud safety, go to www.cisco.com/go/multicloud-defense.
We’d love to listen to what you suppose. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Instagram
Facebook
Twitter
LinkedIn
Share: