For the last 20 years, networking and security teams have had quite a tumultuous relationship thanks to vastly different objectives and/or impact on the other when completing necessary tasks. Security has been the office of “umm, no,” while “uptime!” was networking’s only refrain.
If we take a step back, there’s no reason why this relationship can’t coexist in a more natural, mutually beneficial way.
That’s exactly what we did with the premier episode of The Connected Security Lounge, a new Juniper webinar series I’m proud to be hosting.
Over the last five-plus years at Juniper, we’ve been weaving together networking and security capabilities. After all, security depends on networking, and threat actors can’t succeed in exfiltrating anything without leveraging the infrastructure itself.
A clash of different agendas
If we think about the dynamics that existed between these two teams over the last couple of decades, networking was always about whether the network is up, performing as well and as fast as it possibly can. If the network’s slow, you can be sure somebody will come knocking on that organization’s door. Sure, they understand that only good, required data should be permitted, but ensuring maximum uptime has been their top priority.
Over on the security side, they have been the office of “no” because new apps require new ports to be opened and a series of testing requirements to make sure the right traffic traverses through the environment in the right way. They need to be able to see the bad things in order to block them effectively and know that they’re only blocking malicious activity versus anything benign (even mission-critical).
The thing is, these agendas are highly complementary, because when the two are working well together and the security team checks in with the networking team from a performance and experience perspective, outcomes are improved.
Recognizing significant, inherent benefits
When you look at more nuanced threats, like those we are experiencing today on a recurring basis in large volumes, you have to look inside the application. For example, is it messaging within Facebook? Or perhaps it’s one of the other sub applications in Google? Knowing what that sub app is and the content of that sub app is required for security to do its job well. These data points would be highly beneficial to the networking ops team to improve user experience and really benefit the organization by providing keen insights.
When looking at the networking team’s responsibility in terms of delivering experience from a pure throughput perspective, the same is true. With specific types of threats, if it’s in the environment and there’s an experiential impact, the network team may be the first to recognize this volume of threat events. Without visibility into what’s transpiring, all they’ll see is that the link or the connection is being congested.
The point being that there is data that, if made available between security and networking organizations in collaboration—and actionable insights are gleaned from it—would make both teams quickly recognize the benefits of working more closely together.
Getting everyone on the same page
To bridge this divide and ultimately drive more positive outcomes, security should provide some degree or measure of visibility—even if that’s “read only access”—to the network team and conversely from the network team to the security team. Most organizations have considerable operational benefits to be obtained that can ultimately help reduce their operational costs.
For example, in the case of bring-your-own devices, having internal visibility, shared operational roles, required responsibilities, and roll-up objectives would encourage collaborative engagement between the teams. This includes setting goals for networking and security folks to partner up and work through respective disciplines to better understand each other’s roles. In addition, they would get exposure to and understanding of the operational tools they already have but maybe aren’t using to maximum effect.
Uncovering operational efficiencies
Bringing these two teams together and fostering a more collaborative dynamic can mend both the real and perceived divides that exist, benefiting and accelerating the operational outcomes for an organization. It can provide discipline diversity and shared experiences because sometimes the best folks that we need in the security operations center or the ops team are former networking people.
Ultimately, when both teams recognize the shared operational objectives, as well as the tools and datasets that are available, real operational efficiencies can not only be observed, but also acted upon. At the end of the day, it’s pretty remarkable to see what can be gained from this collaborative engagement.
—
For a deeper exploration of this topic, I encourage you to cozy up next to your computer screen and feel the warm glow of our premier episode of The Connected Security Lounge, a new Juniper webinar series exploring the intersection of two topics dear to my heart: security and networking.
