
Check Point Maestro and the Need for Hyperscale Network Security

Massive network traffic growth and changing business requirements can be a network security nightmare. Appliances can’t scale to meet unpredictable traffic peaks while upgrades can take time and resources to acquire, configure, tune, and operate. What’s needed? A hyperscale network security architecture offering flexibility and ease of use as business and technical requirements change. This is exactly what Check Point’s Maestro can do.

  • Published: 02-04-2022

  • Related Category: Network Security

  • Type of Content: White Papers

  • Owner: Check Point


Overview

According to ESG research, 85% of cybersecurity professionals believe that network security is more difficult today than it was 2 years ago for several reasons (see Figure 1):[1]

Network complexity. ESG believes that complexity is closely related to the expanding attack surface as organizations increase the number of connected devices and embrace public cloud computing, SaaS applications, and user mobility. Network security tools must be able to support changing policies and usage patterns for cloud and mobility. Complexity is also a function of network scale, as organizations upgrade to 100 GbE network cores, gigabit SD-WAN services, and 802.11ax wireless networks for densely populated central offices. In general, network traffic tends to double every 24 to 36 months, forcing security teams into a perpetual game of catch-up.

The insidious threat landscape. Nearly half (45%) of survey respondents claim that network security has grown more difficult due to an increase in the threat landscape. These threats come in many shapes and sizes: network exploits, malware, fileless attacks, social engineering, etc. Combined with network scale, security professionals must constantly examine ingress/egress packets, internal communications, and cloud-based traffic, looking for suspicious/malicious activities.

The global cybersecurity skills shortage. More than four in ten infosec pros believe network security is more difficult today due to the cybersecurity skills shortage in the form of being understaffed (23%) and/or a lack of security knowledge and skills among existing staff (20%). Other ESG research indicates that 70% of organizations have been impacted by the cybersecurity skills shortage as it has increased the staff workload and made it more difficult to recruit and hire experienced network security professionals.[2] It’s easy to see how finite network security teams can be overwhelmed as they try to cope with network complexity while struggling to manage dangerous threats.

Too many network security tools. One-third (33%) of survey respondents believe network security is more difficult today due to an abundance of network security tools like firewalls, IDS/IPSs, VPNs, malware sandboxes, and security.

[1] Source: ESG Research Report, The State of Network Security: A Market Poised for Transition, March 2020. All ESG research references and charts in this showcase have been taken from this master survey results set, unless otherwise indicated.

[2] Source: ESG/ISSA Research Report, The Life and Times of Cybersecurity Professionals 2020, June 2020.

Figure 1. Reasons Why Network Security Has Become More Difficult

Which of the following factors have been most responsible for making network security management and operations more difficult? (Percent of respondents, N=226, three responses accepted)

Source: Enterprise Strategy Group

Somehow, organizations must be able to mitigate cyber-risk while supporting business initiatives like digital transformation and work-from-home (WFH) requirements driven by COVID-19. Unfortunately, the issues identified by ESG research respondents make this difficult if not impossible.

What’s Needed?

Many organizations have turned to public/private cloud infrastructure as a modern platform for developing, hosting, and operating business applications. CISOs need a similar type of architecture for network security that supports:

Hyperscale. Today’s network security is based on a series of appliances and chassis-based systems. Scaling these devices means accepting the cost of over-provisioning or the time and resources required for “rip and replace” upgrades. To avoid these issues, network security hardware should be based on a hyperscale architecture offering linear scaling of processor, network, and storage resources. In other words, network security architectures must emulate public cloud infrastructure, where hardware resources can be added on demand to meet growing network security needs without disruption. Hyperscale capabilities would be especially useful to help organizations address changing network security demands driven by work-from-home needs related to COVID-19.

Simple installation and ease of use. Network security hyperscale architectures must provide the ability for seamless upgrades. When performance and scaling thresholds approach, security teams should be able to add plug-and-play hardware components while the system automatically load balances compute, network, and storage needs across the existing and new hardware. Security operations managers should then be able to take advantage of the new hardware by configuring security services (e.g., firewall, IDS/IPS, proxy) into virtual appliance groups using a central management interface. This can help organizations tailor network security services to business needs as they change and grow.

A comprehensive menu of network security services. Network security demands several applications and services that whitelist/blacklist IP addresses, ports, and protocols; encrypt/decrypt communication; and inspect network packets for exploits and malware. In the past, each of these services required its own appliance, leading to operational overhead. Hyperscale network security can alleviate this complexity by supporting virtual instances of a variety of network security services within the architecture. In this way, security teams can configure and fine-tune all network security services with a common management UI/UX, applying the proper amount of hardware resources to each service. Not only does this help with security operations productivity; it also helps organizations improve ROI on security spending.

Streamlined operations. By consolidating devices and managing network security devices through a common interface, security teams should be able to operate network security services more efficiently and effectively while decreasing issues related to human error (e.g., misconfigured systems, policy errors). Since many security teams are short-staffed, any increase in productivity is welcome.
