Next generation networks
To deal with business transformation challenges and scale their infrastructure to support growth, businesses need a secure platform, like DDI, as well as NGDC agility.
Businesses’ operational and commercial priorities are always changing, driven by a need for greater capabilities and efficiencies, and reduced risk.
While some business models are evolving in line with technological developments, digital disruption and customer expectations, like a bricks-and-mortar store creating an online shop, for example, other models are fighting back or are being reinvented, because not every need can be met online.
“Change and disruption are hardly new,” says Dean Wolson, Country Manager at networking services provider Infoblox. “But it’s happening faster and impacting more aspects of a business than ever.”
To deal with business transformation challenges and to be able to scale their infrastructure to support growth, Wolson says businesses need a secure platform, like DDI, as well as “next-generation data centre” agility.
DDI involves the integration of domain name system (DNS), Dynamic Host Configuration Protocol (DHCP), and IP Address Management (IPAM) into a unified service or solution. It forms the foundation of core network services that enables all communications over an IP-based network, says Wolson.
To meet their operational goals, businesses need next-generation data centre (NGDC) infrastructure, reliable connectivity and strong network performance. Without these three critical elements, a software company, for example, cannot guarantee high performance levels, reliability, security or new services to its customers.
But what exactly is a next generation data centre?
Solid foundations for agility
“The data centre is essentially where the network begins,” says Wolson. “It evolved from on-premises, dedicated hardware to virtualised servers, networking and storage, and now to the cloud. The data centre evolution is being driven by both technological and commercial considerations, such as better economics, cloud enablement, mobile app development and a need to empower big data.”
This means data centres must be effective and efficient at responding to a wide range of problems, while also being able to support pre-emptive actions for competitive advantage. In a word, they must be agile, says Wolson.
Yet expanded security and compliance risks are among the biggest networking challenges experienced in an NGDC, says Mark Apker, Software Engineer at Infloblox.
“DNS is the most common service targeted by application-layer attacks, which makes us believe that DDI-related management issues will continue to be a challenge, and that rapid NGDC evolution will make them more acute,” says Apker.
DNS vulnerability remains a critical consideration for every NGDC, he adds, which is why security, and defending against DNS-based attacks and network-based threats specifically, is an imperative for NGDC agility.
But this is proving challenging for many organisations. According to one study, 92% of businesses get more than 500 security alerts a day, but only have the resources to investigate 4% of these. Another study found that 36% of organisations receive more than 10 000 alerts from their SIEM solution every month. Of these, 52% were false positives and 64% were redundant.
Clearly, the traditional security model is inadequate in today’s world of shifting perimeters, cloud networks and the IOT. The common denominator supporting these? DNS.
“Businesses are driven by DNS. But DNS is an open environment designed for speed and scalability, not security. Because of this, DNS has become a popular means to distribute malware, probe networks and exfiltrate data,” says Wolson.
“NGDCs must always remain up to date against whatever is arising, using threat intelligence. This will speed up reaction times, focus resources and enable automated responses.”
DDI contains critical information about a network that can be linked to specialised network security products. This way, synergies are created to enhance network security and efficiency. “This is not to say that organisations need to add yet another security tool to their stack. At a time when IT departments are trying to do more with less, drive efficiencies and take pressure off the security team, it is possible to build a more adaptive security architecture that doesn’t require a new tool every time a new challenge arises.”
An integrated networking and security solution can protect infrastructure, offer better application and service availability, secure users and data against malware, and include threat containment to optimise security operations. More importantly, it should offload threat detection, reduce the number of alerts through automation, and tap into contextual network and threat intelligence to respond faster and more accurately to threats.
“Ensuring the agility and effectiveness of an NGDC requires scalable core network services, a holistic and unified view of networks and their associated resources, the ability to provision and manage network services across virtualised and cloud platforms, and protection against DNS-based threats. All of these need to be addressed from the network core,” says Apker.
By blocking threats at the DNS layer, businesses can achieve scalability and preserve the processing power of perimeter solutions so that they can focus on deeper inspection. By automating incident response, security teams are more productive because there are fewer false alerts, while real threats are accurately identified.
“To support their changing priorities, businesses need the ability to consume large volumes of threat intelligence so that they can automatically detect, block and respond to threats targeting cloud, IOT and SD-WAN environments. This allows them to get more out of their existing security solutions while reducing the need to deploy additional expensive solutions everywhere,” says Wolson.