In recent years, a number of cloud architects have proclaimed the demise of network security with the adoption of the public cloud. Yet, network security persists in being one of the largest markets in security and is an area where each of the major cloud service providers (CSPs) have launched significant new offerings over the past few years. It shouldn’t be a surprise that the network remains critical to security, even in the cloud.
The network provides a universal control point providing the enterprise with leverage in securing everything, regardless of the workload/app's architecture. Many enterprises moving to the public cloud may have thought network security would be superfluous – after all, the cloud provider owns the network, so network security is handled by the CSP – but something interesting happened instead.
The move to the cloud signified the realization of a dream business folks have had since the inception of IT – stop caring about the underlying enabling technologies (i.e., infrastructure) and only focus on the application. Moving workloads to the public cloud enabled that focus to an unprecedented degree. Instead of focusing on securing the infrastructure, organizations were able to focus on the app/workload and its functionality and security – patching, locking down access, etc.
But as cloud grew at a blistering pace, cloud architects were reminded of a few truths:
As organizations move from few to thousands of workloads, somewhere along the way, simple patching of vulnerabilities became difficult. Recent surveys have suggested that vulnerabilities like Log4j took months to patch, which with the rapid development and automation of exploits, highlights the need for defenses outside the app/workload.
Defenses outside the app/workload can be applied in a variety of ways (compute, network, container), but the need has become front and center for cloud architects. While it depends on the application architecture in question, the network has a couple of things going for it:
While CSPs will go to great lengths to secure their networks, that’s never been what organizations care about. Most organizations only care about securing workloads and data. This is why network security has a slight change in mission – it’s not about securing the network; it’s about securing workloads.
In addition to the modification in mission, there's also a change in execution needed – organizations in the public cloud can't abide by a security capability that uses a management and ops model from the data center. In other words, virtual appliances designed to secure networks and managed on a box-by-box basis aren't going to work where operations are designed around everything-as-a-service. Sure, appliance providers will supply duct tape and zip ties to stand things up in a cloud environment, but it's not a resilient approach that enterprises can rely on.
What’s needed in a modern multi-cloud environment is an automatic, cloud-native capability that enables strong security approaches like zero trust. With a number of announcements from the major cloud providers over the last year, it’s great to see recognition of the need for network security in the cloud. Now, with greater recognition of the need, the cloud network security market seems poised for a breakout year of growth in 2023 as more organizations evolve in their cloud journey.
Vishal Jain is the Co-Founder and CEO of Valtix.
Related articles:
With many enterprises new to NaaS, service providers can differentiate themselves from competitors by prioritizing superior customer service and experiences.
Unlocking the full potential of telecom in the SaaS era relies on comprehensive strategies and a constant commitment to evolving security practices.
Eliminating complexity by standardizing with a platform approach is the way to put the brakes on the complexity cycle.
