I’m looking forward to RSA Conference 2016 in San Francisco, and although I’m a networking analyst focused on core networking technologies, we must also be aware that networking is a critical component of security.
For the same reason that you don’t want a security guard with really bad eyesight, you want good visibility in the network to understand what is going on. Obviously they often feed into other tools to provide detailed insight, but accessing the network packets is where it starts.
Firms like APCON, cPacket Networks, Gigamon, and Ixia are showing their network visibility products such as network taps and packet brokers that enables network security. Traditional networking equipment makers such as Interface Masters have TAP solutions that work with partners like PacketSled to perform network forensics and visibility solutions. I'd like to better understand how all of these firms approach this problem, and what are the considerations that matter. For example, there is the core consideration of performance.
While pure performance hasn’t taken the limelight in networking recently, at least within the data center as many vendors provide switches that run at similar speeds, performance matters in security as lost packets means a loss of visibility to potentially suspicious activity.
Ixia, which traditionally has been associated with their testing solutions, is bringing systems that provide 100% visibility. This may be important as there’s an increased presence of unknown devices, whether they be “ghost devices” or new IoT systems that augment traditional endpoints and servers. A talk titled “The Air Up There: Wireless Beyond Wi-Fi, IoT from DC to 10GHz” by a speaker from Bastille touches on some of these issues at this year's conference.
Traditional networking equipment vendors, such as A10, Brocade, Cisco, Dell, F5, and Juniper are also exhibiting, and we'd like to understand how a comprehensive vendor can provide the one-stop-shop solution, or whether a stiching together of "best of breed" makes sense for different types of users. I'll explore more in another blog.