Overcoming the Three Exhausting Truths of Multicloud Safety

Just lately, we’ve seen a number of exercise and bulletins round multicloud safety – notably community safety (or the expanded view – safe cloud networking). We’ve been on this sport longer than most rivals. And our expertise has uniquely positioned us to unravel buyer’s multicloud challenges higher. In buyer conversations, we now have noticed three statements that get thrown round loads out there. Typically, with out actually contemplating the shopper implications, and the affect they’ve on the necessities for an answer. Briefly, they’re:

  1. You can’t safe what you can not see
  2. Community and safety have to come back collectively
  3. All safety should be multicloud (however what does that truly imply?)

#1 You Can’t Safe What You Can’t See – However Safety Stays the Aim

That is apparent on its face. However the corollary is that seeing an issue and never with the ability to do something about it may be the worst factor ever. First, it must be simple – visibility shouldn’t require deployment of infrastructure. Second, visibility right here helps us obtain an end result – particularly, securing cloud workloads by placing defenses in place. In different phrases, see an issue, repair an issue – all in the identical resolution. Moreover, after we speak about securing issues we see, even the act of deciding what coverage to make use of requires us to raised perceive all issues cloud. Within the cloud, workloads are tagged (partly as a result of bodily location and IP addresses are neither static, nor managed by you). Cloud safety options not solely should devour cloud native tags and attributes at enterprise scale, but additionally deal with them as first-class coverage objects.

#2 Networking and Safety Need to Come Collectively – Else Safety is At all times Behind

After numerous hours of conversations with prospects, the widespread ache level expressed was how they battle with securing workloads within the cloud shortly and at scale. The basis of the issue wasn’t due to organizational construction or lack of effectivity. In actual fact, their cloud networking and safety stacks weren’t working collectively.

First, with the dynamic nature of the cloud, networking and safety controls should be capable of work with each other to mechanically adapt and evolve as environments change to make sure defenses stay in place. Second, safety and networking coming collectively signifies that directors shouldn’t should go a number of locations to handle coverage (safety) and enforcement infrastructure (arguably, networking). But, legacy distributors usually try and pressure match datacenter merchandise into the cloud. The cloud just isn’t your datacenter, and pressure becoming applied sciences in an surroundings the place they are going to battle to maintain tempo and scale with dynamic environments is an inferior method. One of the best method is to centrally handle multicloud coverage and infrastructure whereas incorporating distributed enforcement factors. This lets you handle your cloud environments globally whereas concurrently implementing safety coverage domestically. Our method follows this finest follow utilizing a Software program as-a-Service (SaaS) controller (not VM-based) with in-account (or in-datacenter) Platform as-a-Service (PaaS) enforcement.

#3 All Safety Have to be Multicloud – Which is Completely different Than Working in A number of Clouds

Over the previous few years, legacy distributors have claimed their safety home equipment run in all clouds. However working a number of level safety instruments in cloud environments doesn’t imply their method is an answer to fixing multicloud issues. From the shopper perspective, a multicloud resolution begins with a single coverage (coverage for an app, not an equipment) that may be carried out throughout all clouds, private and non-private, by means of a single, scalable service. As finest follow, the service ought to handle each infrastructure in addition to coverage, bringing networking and safety collectively whereas giving organizations the visibility they should place safety controls strategically and precisely. You get the thought, configuring particular person insurance policies on particular person units, throughout particular person clouds doesn’t remedy multicloud issues. Writing a coverage as soon as and distributing it throughout the clouds from a single location does.

The Implications for Enterprises – Necessities are Altering for the Higher

The multicloud world is ever evolving and organizations are constantly adjusting analysis necessities to adequately shield their cloud workloads. We’ve heard from quite a few prospects that visibility into their community, bringing networking and safety collectively, and fixing multicloud issues with a real multicloud resolution are high of thoughts standards of their decision-making course of.

To be taught extra about how Cisco helps organizations overcome the three laborious truths of multicloud safety, go to www.cisco.com/go/multicloud-defense.

We’d love to listen to what you suppose. Ask a Query, Remark Under, and Keep Linked with Cisco Safe on social!

Cisco Safe Social Channels



Leave a Reply

Your email address will not be published. Required fields are marked *