Data security is an essential part of the day-to-day mission for any diligent business, but it is also a challenge because of the complexity of how we store, access, and use data while continuing to grow. Therefore, finding effective ways to secure it has been a priority, which has led to the development of data security posture management (DSPM) solutions.

What Value Does a DSPM Solution Provide?

DSPM solutions help organizations build a detailed view of their data environment and associated security risks across three key areas:

• Discovery and classification: This is the fundamental first step, as you can’t secure what you don’t know exists. Solutions look across cloud repositories—platform as a service (PaaS), infrastructure as a service (IaaS), and software as a service (SaaS)—as well as on-premises sources to discover and classify data, looking for sensitive information that could be misused.
• Access reviews: Monitoring who is using critical data, what they’re doing with it, and where they’re doing it from is the next step. It’s also important to track the ways in which sensitive data moves through and out of an organization. DSPM solutions review this information looking for misconfigurations, patterns, poorly configured repositories, and over-provisioned rights.
• Risk analysis: Once the above analysis is complete, DSPM solutions present a clear proposed security posture. They highlight risks, report on compliance against security frameworks, and offer guidance on how to lower these risks. Without insight into these areas, it’s impossible to apply robust data security.

This type of analysis can be done with native tools and skilled operations teams, but DSPM solutions bring all of these actions and insights into one tool, automating the effort and providing additional intelligence along the way—often more quickly and more accurately than a human.

How Will AI Impact the DSPM Market?

The original purchase drivers of data security tools were the introduction of GDPR, the European Union regulation, and a flurry of other data privacy legislation. Organizations needed to understand their data and where it presented regulatory risk, driving an increased adoption of discovery, classification, and security tools.

It’s likely that artificial intelligence (AI) will drive a new wave of DSPM adoption. AI learning models present a range of opportunities for businesses to mine their data for new insights, creativity, and efficiency, but they also present risks. Given the wrong access to data or even access to the wrong data, AI tools can introduce a range of security and commercial business risks. For example, if tools surface information to users that they would not normally be able to access or present inaccurate information to customers and partners, this could result in negative commercial and legal impacts.

Therefore, it’s essential for organizations to take steps to ensure that the data models that AI is using are both accurate and appropriate. How do they do that? They need insight into their data and to understand when and what information AI learning models are accessing and whether that data is still valid. AI usage should have us thinking about how to ensure the quality and security of our data. DSPM may just be the answer.

Are DSPM Solutions Worth the Investment?

The reality is “it depends.” It’s useful to realize that while DSPM solutions can definitely deliver value, they are complex and come with a cost that’s more than financial. Fully adopting the technology, as well as an effective DSPM process, requires operational and cultural change. These types of changes do not come easily, so it’s important that a strong use case exists before you begin looking at DSPM.

The most important thing you should consider before adoption is the business case. Data security is fundamentally a business problem, so adopting DSPM cannot be an IT project alone; it must be part of a business process.

The strongest business case for deployment comes from organizations in heavily regulated industries, such as finance, healthcare, critical infrastructure, and pharma. These usually demand compliance with strict regulations, and businesses must demonstrate their compliance to boards, regulators, and customers.

The next most common business case is companies for which data is the business, such as those involved in data exchange and brokering. They demand the most stringent controls because any failures in security could lead to business failure.

If you’re not in one of those types of organizations, it doesn’t mean that you shouldn’t adopt a DSPM solution, but you do need to consider your business case carefully and ensure there’s buy-in from senior management before you begin a DSPM project.

Stand Up Straight, and Get your Data Security Posture Right

A good data security posture is essential to all businesses. A DSPM tool will give you the insight, guidance, and controls you need and do it more quickly and effectively than pulling together information from several different tools and resources, improving your organization’s posture more quickly and saving on costs at the same time.

So, don’t slouch, sit up straight, and improve your data security posture.

Next Steps

To learn more, take a look at GigaOm’s DSPM Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating DSPM Solutions
• GigaOm Radar for DSPM

The post Everything Your Parents Told You About Posture Is True! Even For Data Security appeared first on Gigaom.

The question is: which one is right for your business?

Head-to-Head SSE vs. SASE

The key differences between SSE and SASE primarily revolve around their scope and focus within the IT security and network architecture landscape.

Target Audience

• SSE is particularly appealing to organizations that prioritize security over networking or have specific security needs that can be addressed without modifying their network architecture.
• SASE is aimed at organizations seeking a unified approach to managing both their network and security needs, especially those with complex, distributed environments.

Design Philosophy

• SSE is designed with a security-first approach, prioritizing cloud-centric security services to protect users and data regardless of location. It is particularly focused on securing access to the web, cloud services, and private applications.
• SASE is designed to provide both secure and optimized network access, addressing the needs of modern enterprises with distributed workforces and cloud-based resources. It aims to simplify and consolidate network and security infrastructure.

Scope and Focus

• SSE is a subset of SASE that focuses exclusively on security services. It integrates various security functions, such as cloud access security broker (CASB), firewall as a service (FWaaS), secure web gateway (SWG), zero-trust network access (ZTNA), and other security functions into a unified platform.
• SASE combines both networking and security services in a single, cloud-delivered service model. It includes the same security functions as SSE but also incorporates networking capabilities like SD-WAN, WAN optimization, and quality of service (QoS).

Connectivity

• SSE does not include SD-WAN or other networking functions, focusing instead on security aspects. It is ideal for organizations that either do not require advanced networking capabilities or have already invested in SD-WAN separately.
• SASE includes SD-WAN and other networking functions as part of its offering, providing a comprehensive solution for both connectivity and security. This makes it suitable for organizations looking to consolidate their network and security infrastructure into a single platform.

Implementation Considerations

• SSE can be a strategic choice for organizations looking to enhance their security posture without overhauling their existing network infrastructure. It allows for a phased approach to adopting cloud-based security services.
• SASE represents a more holistic transformation, requiring organizations to integrate their networking and security strategies. It is well-suited for enterprises undergoing digital transformation and seeking to streamline their IT operations.

In summary, the choice between SSE and SASE depends on an organization’s specific needs. SSE offers a focused, security-centric solution, while SASE provides a comprehensive, integrated approach to both networking and security.

Pros and Cons of SSE and SASE

While cloud-based security solutions like SSE and SASE have been gaining traction as organizations move toward more cloud-centric, flexible, and remote-friendly IT environments, each has pros and cons.

Pros of SSE and SASE

Enhanced Security

• SSE provides a unified platform for various security services like SWG, CASB, ZTNA, and FWaaS, which can improve an organization’s security posture by offering consistent protection across all users and data, regardless of location.
• SASE combines networking and security into a single cloud service, which can lead to better security outcomes due to integrated traffic inspection and security policy implementation.

Scalability and Flexibility

• Both SSE and SASE offer scalable security solutions that can adapt to changing business needs and accommodate growth without the need for significant infrastructure investment.

Simplified Management

• SSE simplifies the management of security services by consolidating them into a single platform, reducing complexity and operational expenses.
• SASE reduces the complexity of managing separate networking and security products by bringing them under one umbrella.

Improved Performance

• SSE can improve user experience by providing faster and more efficient connectivity to web, cloud, and private applications.
• SASE often leads to better network performance due to its built-in private backbone and optimization features.

Cost Savings

• Both SSE and SASE can lead to cost savings by minimizing the need for multiple security and networking products and reducing the overhead associated with maintaining traditional hardware.

Cons of SSE and SASE

Security Risks

• SSE may not account for the unique needs of application security for SaaS versus infrastructure as a service (IaaS), potentially leaving some attack surfaces unprotected.
• SASE adoption may involve trade-offs between security and usability, potentially increasing the attack surface if security policies are relaxed.

Performance Issues

• Some SSE solutions may introduce latency if they require backhauling data to a centralized point.
• SASE may have performance issues if not properly configured or if the network is not tuned to work with cloud-native technologies.

Implementation Challenges

• SSE can be complex to implement, especially for organizations with established centralized network security models.
• SASE may involve significant changes to traditional infrastructure, which can disrupt productivity and collaboration during the transition.

Data Privacy and Compliance

• SSE must ensure data privacy and compliance with country and regional industry regulations, which can be challenging for some providers.
• SASE may introduce new challenges in compliance and data management due to the distribution of corporate data across external connections and cloud providers.

Dependency on Cloud Providers

• Both SSE and SASE increase dependency on cloud providers, which can affect control over data and systems.

Vendor Lock-In

• SSE could further confuse some who initially believe it is something separate from SASE, leading to potential vendor lock-in.
• With SASE, there’s a risk of single provider lock-in, which may not be suitable for businesses requiring advanced IT security functionality.

While both SSE and SASE offer numerous benefits, they also present numerous challenges. Organizations must carefully weigh these factors to determine whether SSE or SASE aligns with their specific needs and strategic goals.

Key Considerations When Choosing Between SSE and SASE

When choosing between SSE and SASE, organizations must consider a variety of factors that align with their specific requirements, existing network infrastructure, and strategic objectives.

Organizational Security Needs

• SSE is ideal for organizations prioritizing security services embedded within their network architecture, especially those in sectors like finance, government, and healthcare, where stringent security is paramount.
• SASE is suitable for organizations seeking an all-encompassing solution that integrates networking and security services. It provides secure access across various locations and devices, tailored for a remote workforce.

Security vs. Network Priorities

• If security is the top priority, SSE provides a comprehensive set of security services for cloud applications and services.
• If network performance and scalability need to be improved, SASE may be the better option.

Support for Remote Workers and Branch Offices

• SSE is often integrated with on-premises infrastructure and may be better suited for organizations looking to strengthen network security at the edge.
• SASE is often a cloud-native solution with global points of presence, making it ideal for enterprises seeking to simplify network architecture, especially for remote users and branch offices.

Cloud-Native Solution vs. Network Infrastructure Security

• SSE is deployed near data origin and emphasizes strong load balancing and content caching with firewalls or intrusion prevention systems.
• SASE enables secure, anywhere access to cloud applications, integrating various network and security functions for a streamlined approach.

Existing Network Infrastructure

• Organizations with complex or legacy network infrastructures may find SASE a better choice, as it can provide a more gradual path to migration.
• For cloud-native organizations or those with simpler network needs, SSE may be more appropriate.

Vendor Architecture and SLAs

• Ensure the chosen SSE vendor has strong service-level agreements (SLAs) and a track record of inspecting inline traffic for large global enterprises.
• For SASE, a single-vendor approach can simplify management and enhance performance by optimizing the flow of traffic between users, applications, and the cloud.

Flexibility and Scalability

• SSE should be flexible and scalable to address enterprise needs without sacrificing function, stability, and protection.
• SASE should be adaptable to dynamic business needs and offer a roadmap that aligns with IT initiatives and business goals.

Budget Considerations

• SASE solutions are typically more expensive up front but can offer significant cost savings in the long run by eliminating the need for multiple security appliances and tools.
• SSE might be a more cost-effective option for organizations that do not require the full suite of networking services included in SASE.

Transition Path to SASE

• SSE can serve as a stepping stone in the transition from traditional on-premises security to cloud-based security architecture, providing a clear path to SASE when the organization is ready.

Consultation with Experts

• It is advisable to consult with network security experts to assess needs and requirements before recommending the best solution for the organization.

Next Steps

In summary, the choice between SSE and SASE depends on an organization’s specific needs. While SSE offers a focused, security-centric solution, SASE provides a comprehensive, integrated approach to both networking and security.

Take the time to make a thorough assessment of your organization’s needs before deciding which route to take. Once that’s done, you can create a vendor shortlist using our GigaOm Key Criteria and Radar reports for SSE and/or SASE.

These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating SSE Solutions
• GigaOm Radar for SSE
• GigaOm Key Criteria for Evaluating SASE Solutions
• GigaOm Radar for SASE

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post SSE vs. SASE: Which One is Right for Your Business? appeared first on Gigaom.

The Value Proposition of De-Verticalization

The strategic logic for de-verticalization is illustrated by the trend which began in the 1990s of outsourcing facilities’ maintenance and janitorial services.

A company that specializes in–let’s say–underwriting insurance policies must dedicate its mindshare and resources to that function if it expects to compete at the top of its field. While it may have had talented janitors with the necessary equipment on staff, and while clean facilities are certainly important, facilities maintenance is a cost center that does not provide a strategic return on what matters most to an insurance company. Wouldn’t it make more sense for both insurance and janitorial experts to dedicate themselves separately to being the best at what they do and avail those services to a broader market?

This is even more true for a data center. The era of verticalized technology infrastructure seems largely behind us. Though it’s a source of nostalgia for us geeks who were at home among the whir of the server rack fans, it’s easy enough to see why shareholders might have viewed it differently. Infrastructure was a cost center within IT, while IT as a whole is increasingly seen as a cost center.

The idea of de-verticalization was first pitched as something that would save money and allow us to work more efficiently. The more efficient part was intuitive, but there was immediate skepticism that budgets would actually shed expenses as hoped. At the very least it would be a long haul.

The Road to Performance and Cost Optimization

We find ourselves now somewhere in the middle of that long haul. The efficiencies certainly have come to pass. Having the build script deploy a new service to a Kubernetes cluster on the cloud is certainly nicer than waiting weeks or months for a VM to be approved, provisioned, and set up. But while the cloud saves the company money in the aggregate, it doesn’t show up as cheaper at the unit level. So, it’s at that level where anything that can be shed from the budget will be a win to celebrate.

This is a good position to be in. Opportunities for optimization abound under a fortuitous new circumstance: the things that technologists care about, like performance and power, dovetail precisely with the things that finance cares about, like cost. With the cloud, they are two sides of the same coin at an almost microscopic level. This trend will only accelerate.

To the extent that providers of computational resources (whether public cloud, hypervisors, containers, or any self-hosted combination) have effectively monetized these resources on a granular level and made them available a la carte, performance optimization and cost optimization sit at different ends of a single dimension. Enhancing a system’s performance or efficiency will reduce resource consumption costs. However, cost reduction is limited by the degree to which trade-offs with performance are tolerable and clearly demarcated. Cloud resource optimization tools help organizations strike the ideal balance between the two.

Choosing the Right Cloud Resource Optimization Solution

With that premise in mind, selecting the right cloud resource optimization solution should start by considering how your organization wants to approach the problem. This decision is informed by overall company philosophy and culture, what specific problems or goals are driving the initiative, and an anticipation of where overlapping capabilities may fulfill future business needs.

If the intent is to solve existing performance issues or to ensure continued high availability at future scale while knowing (and having the data to illustrate) you are paying no more than is necessary, focus on solutions that lean heavily into performance-oriented optimization. This is especially the case for companies that are developing software technology as part of their core business.

If the intent is to rein in spiraling costs or even to score some budgeting wins without jeopardizing application performance, expand your consideration to solutions that offer a broader FinOps focus. Tools with a FinOps focus tend to emphasize informing engineers of cost impacts, and may even make some performance tuning suggestions, but they are overall less prescriptive from an implementation standpoint. Certain organizations may find this approach most effective even if they are approaching the problem from a performance point of view.

Now that many organizations have successfully migrated large portions of their application portfolio to the cloud, the remaining work is largely a matter of cleaning up and keeping the topology tidy. Why not trust that job to a tool that is purpose-made for optimizing cloud resources?

Next Steps

To learn more, take a look at GigaOm’s cloud resource optimization Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating Cloud Resource Optimization Solutions
• GigaOm Radar for Cloud Resource Optimization

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post Save Money and Increase Performance on the Cloud appeared first on Gigaom.

Microsegmentation is a Multiple-Entity Construct

In absolute terms, when you define a microsegment, you dictate the policies applied to a single entity, such that it allows some traffic or requests while blocking others. However, traffic always flows between two entities, so both endpoints must be considered.

On one end, you have the entity you want to isolate—let’s say a container. On the other, you have all the other entities that will communicate with the container you want to isolate. It’s worth noting that these requests are likely bidirectional, but for the sake of simplicity, we will assume ingress traffic only.

When looking to isolate a container, sophisticated policies (other than allow/block) need to consider requests from a wide range of entities, which include other containers, virtual machines, developers and administrators, function as a service (FaaS)-based microservices, external APIs, monolithic applications, IoT devices, and OT devices.

The underlying technologies that can define policies between containers and all these other types of entities include container networking interfaces for container-to-container communication, service meshes for service-to-container communication, ingress controllers for cloud or data center workload-to-container communication, secure shell for administrator-to-container communication, and so on.

It quickly becomes obvious that defining these policies involves a lot of components that span across disciplines. Some solutions choose to deploy agents as a single point for managing policies, but organizations increasingly favor agentless solutions.

When working with a microsegmentation solution, the day-to-day activities of defining and managing these policies will not involve directly working with all these technologies because they abstract all these aspects and provide an intuitive GUI.

The reason I am highlighting this is to evaluate a solution. Depending on the types of assets you need protected, the supported entities are by far the most important evaluation aspect. If you want to protect IoT devices, but a solution does not support that, it should be immediately excluded.

Microsegmentation is Not Just Network-Based

Those with a networking background, myself included, borrow the segmentation concept from firewall-defined network segments. It’s both useful and relevant, and you can see this concept being carried over in distributed firewall solutions provided by the likes of Aviatrix, VMware, and Nutanix.

But there are two more ways of isolating entities besides using network constructs:

1. Using identity-based policy enforcement. This offers controls that are independent of network constructs such as IPs. Access can be governed using attributes such as operating system type, patch status, VM name, Active Directory groups, and cloud-native identities like labels, tags, and namespaces. Solutions can also assign labels or categorize entities natively to remove dependencies on third-party labeling systems.
2. Using process-based policy enforcement. For example, the microsegmentation solutions can monitor the running processes on every entity, capturing detailed context for each process and its associated libraries. Process and library hashes can be assessed against a threat data feed to identify malicious code execution and detect variation from known good processes. Processes can include applications, services, daemons, or scripts, and details such as process name, path, arguments, user context, and parent processes. If a malicious process is detected, the entity is then isolated from communicating with the rest of the network.

At the end of the day, you can’t cut off communications without involving the network, but the microsegmentation policy itself does not have to be dependent on networking constructs, such as 5-tuples.

Next Steps

When evaluating microsegmentation solutions, I recommend you approach them as highly sophisticated designers of security policies. Most often, an entity can be isolated just by blocking ports. So, the effectiveness of the solution will depend on whether it can support all the entities you need to protect and how easy it is to manage all the policy permutations.

To learn more, take a look at GigaOm’s microsegmentation Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating Microsegmentation Solutions
• GigaOm Radar for Microsegmentation

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post There’s Nothing Micro About Microsegmentation appeared first on Gigaom.

Discovering XDR: Past and Present

My previous stint in developing an XDR prototype was imbued with the vision of creating a unified platform that could offer a panoramic view of security threats, moving beyond siloed defenses. Fast forward to my recent exploration, and it’s clear that the industry has taken this vision and run with it—molding XDR into a comprehensive solution that integrates across security layers to offer unparalleled visibility and control.

The research process was akin to piecing together a vast jigsaw puzzle. Through a blend of reading industry white papers, diving deep into knowledge-base articles, and drawing from my background, I charted the evolution of XDR from a promising prototype to a mature cybersecurity solution. This deep dive not only broadened my understanding but also reignited my enthusiasm for the potential of integrated defense mechanisms against today’s sophisticated cyberthreats.

The Adoption Challenge: Beyond Integration

The most formidable challenge that emerged in adopting XDR solutions is integration complexity—a barrier we had anticipated in the early development days and has only intensified. Organizations today face the Herculean task of intertwining their diversified security tools with an XDR platform, where each tool speaks a different digital language and adheres to distinct protocols.

However, the adoption challenges extend beyond the technical realm. There’s a strategic dissonance in aligning an organization’s security objectives with the capabilities of XDR platforms. This alignment is crucial, yet often elusive, as it demands a top-down reevaluation of security priorities, processes, and personnel readiness. Organizations must not only reconcile their current security infrastructure with an XDR system but also ensure their teams are adept at leveraging this integration to its fullest potential.

Surprises and Insights

The resurgence of AI and machine learning within XDR solutions echoed the early ambitions of prototype development. The sophistication of these technologies in predicting and mitigating threats in real time was a revelation, showcasing how far the maturation of XDR has come. Furthermore, the vibrant ecosystem of partnerships and integrations underscored XDR’s shift from a standalone solution to a collaborative security framework, a pivot that resonates deeply with the interconnected nature of digital threats today.

Reflecting on the Evolution

Since venturing into XDR prototype development, the sector’s evolution has been marked by a nuanced understanding of adoption complexities and an expansion in threat coverage. The emphasis on refining integration strategies and enhancing customization signifies a market that’s not just growing but maturing—ready to tackle the diversifying threat landscape with innovative solutions.

The journey back into the XDR landscape, juxtaposed against my early experiences, was a testament to the sector’s dynamism. As adopters navigate the complexities of integrating XDR into their security arsenals, the path ahead is illuminated by the promise of a more resilient, unified defense mechanism against cyber adversaries. The evolution of XDR from an emerging prototype to a cornerstone of modern cybersecurity strategies mirrors the sector’s readiness to confront the future—a future where the digital well-being of organizations is shielded by the robust, integrated, and intuitive capabilities of XDR platforms.

Next Steps

To learn more, take a look at GigaOm’s XDR Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating XDR Solutions
• GigaOm Radar for XDR

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post The Quest for Extended Detection and Response (XDR): Unraveling Cybersecurity’s Next Generation appeared first on Gigaom.

However, a trending misconception in the realm of networking is the notion that all NOSs are essentially the same, offering similar features, performance, and capabilities. This myth stems from a fundamental misunderstanding of the diverse requirements of different network types and the specialized functionalities that various NOSs are designed to provide.

In this blog, we’ll explore why this perception is flawed.

Diverse Network Requirements

Networks vary significantly in scale, complexity, and purpose. As a result, the choice of a NOS depends on various factors, including the network architecture (peer-to-peer versus client-server), the scale of the network, and specific requirements such as security, resource management, and user administration.

For example, a data center network, designed to manage high volumes of traffic and ensure reliable data storage and access, has vastly different requirements from a small office network, which may prioritize ease of use and minimal setup. Similarly, core networks, which form the backbone of the internet, demand high performance and robustness, in contrast with edge networks that require low latency and are often tailored for specific IoT applications.

Moreover, different NOSs offer varying levels of customization and scalability, catering to organizations’ specific needs. For example, some use cases, such as peering, require a NOS to support the full internet routing table (also known as the full border gateway protocol, or BGP, table) of over 1 million entries—including rapidly relearning the table and rerouting traffic in the event of a link or node failure—to ensure comprehensive connectivity and optimal routing decisions across the global internet based on various metrics such as the shortest path, least number of autonomous system (AS) hops, or other policy-based decisions. This can lead to improved performance and lower latency for end users but isn’t essential for a data center network with only a few segments.

Another factor is the need for the NOS to support different services based on the use case. Fixed edge networks must be able to support multiple services, such as quality of service (QoS) for maintaining the performance of latency-sensitive applications such as VoIP, video conferencing, and streaming services, internet protocol television (IPTV) for multicast streaming of high-quality video content with minimal latency, and carrier-grade network address translation (CGNAT) for ISPs to optimize existing IPv4 infrastructure and delay the investment required for IPv6 deployment. While QoS and IPTV need to be carried through to the aggregation network, CGNAT only needs to be done once at the edge, affecting the choice of NOS for each use case.

Features and Optimizations Vary by Type of Network

To meet these varied requirements, each NOS is developed with specific features and optimizations. For example, a NOS designed for data center operations might focus on virtualization capabilities and high-speed data processing, while a NOS for edge computing would prioritize low-latency data processing and lightweight deployment.

Data Center Networks

• Function: Data center networks are designed to house and provide connectivity for servers and storage systems that host applications and data.
• NOS features: NOSs for data centers are optimized for high-density server environments, virtualization, and storage networking. They often include features for data center bridging, overlay networks, and support for software-defined networking (SDN).

Core Networks

• Function: Core networks serve as the high-capacity backbone for data transmission across different regions or between different network layers.
• NOS features: Core network NOSs are designed for high throughput and reliability, with advanced routing protocols, high-speed packet forwarding, and support for large-scale network topologies.

Aggregation Networks

• Function: Aggregation networks collect traffic from access networks before it is sent to the core network, managing traffic from multiple sources.
• NOS features: NOSs for aggregation networks typically include capabilities for traffic management, QoS, and support for medium to high data throughput.

Peering Networks

• Function: Peering networks facilitate the exchange of traffic between different ISPs or large networks, often to reduce transit costs and improve performance.
• NOS features: NOSs in peering networks often have features for BGP routing, traffic filtering, and security controls to manage the exchange of routes and data with other networks.

Access Networks

• Function: Access networks connect end-user devices to the network, serving as the entry point for users to access network services.
• NOS features: Access network NOSs are designed for managing a large number of end-user connections, providing features like DHCP, DNS, and user authentication.

Fixed-Edge Networks

• Function: Fixed-edge networks are designed to deliver content and services with minimal latency by being closer to the end users.
• NOS features: Fixed-edge network NOSs may include features for local data processing, IoT support, and integration with edge computing platforms optimized for low latency.

Mobile-Edge Networks

• Function: Mobile-edge networks are part of the mobile telecommunications infrastructure, designed to bring computing resources closer to mobile users and devices.
• NOS features: Mobile-edge NOSs are optimized for the mobile environment, supporting features like mobile backhaul, real-time analytics, and seamless integration with mobile network functions.

Cloud Networks

• Function: Cloud networks provide scalable and flexible networking capabilities for cloud services, supporting a wide range of applications and services.
• NOS features: Cloud network NOSs are built for virtualized environments, offering features that support multitenancy, cloud orchestration, and dynamic resource allocation.

Tailored NOS Features

Since each type of network has distinct requirements and challenges, the NOS deployed must be specifically tailored to meet those needs. For example, a data center NOS must handle the high-density and virtualization demands of modern data centers, while a core network NOS focuses on high-speed, reliable data transport. Aggregation and peering network NOSs manage traffic flows and routing exchanges, respectively. Access network NOSs ensure connectivity for end users, and edge network NOSs (both fixed and mobile) are optimized for delivering services with low latency. Cloud network NOSs are designed to operate in virtualized cloud environments, providing the flexibility and scalability required for cloud services.

Security needs and compliance requirements can also dictate the choice of NOS. Certain environments may require specialized security features or compliance with specific standards, influencing the selection of a NOS that can adequately meet these demands. In addition, open source NOSs allow users to modify and adapt the software to unique requirements, which is particularly beneficial for specialized or evolving network environments.

Choosing the Right NOS for Your Business

The misbelief that all NOS are created equal overlooks the nuanced and diverse landscape of network technologies and requirements. Understanding the specific features, capabilities, and optimizations of different NOSs is crucial for selecting the right system to support an organization’s unique network infrastructure and objectives.

GigaOm has just released the 2024 NOS Radar reports across three market segments—mobile network operators and network service providers (MNOs and NSPs), communication service providers and managed service providers (CSPs and MSPs), and large enterprises and small-to-medium businesses (SMBs)—based on technical features and business criteria tailored to each market segment. While many of the solutions appear on each Radar, choosing the right NOS for the network is not as simple as picking one of the Leaders or Challengers. Just because one NOS is positioned as a Leader doesn’t necessarily mean that it’s right for you. Even adjacent NOSs may focus on entirely different networks.

By debunking the myth that all NOSs are created equal, organizations can make informed decisions that enhance their network’s performance, security, and efficiency.

Next Steps

To learn more, take a look at GigaOm’s NOS Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating Network Operating Systems
• GigaOm Radar for Network Operating Systems: MNOs and NSPs
• GigaOm Radar for Network Operating Systems: CSPs and MSPs
• GigaOm Radar for Network Operating Systems: Large Enterprises and SMBs

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post Debunking Myths: All Network Operating Systems are NOT Created Equal appeared first on Gigaom.

However, it’s not without its challenges.

NetDevOps, Automation, and Orchestration—What’s What?

NetDevOps, network automation, and network orchestration are interconnected concepts within the realm of modern network management, each playing a distinct role in how networks are designed, operated, and maintained. While network automation deals with automating individual network tasks, network orchestration coordinates these automated tasks across the entire network for more efficient management. NetDevOps, on the other hand, is a broader approach that incorporates both automation and orchestration principles, along with DevOps practices, to enhance network agility, efficiency, and collaboration between network and development teams.

Challenges to NetDevOps Success

Networking teams face several challenges when implementing NetDevOps, which can hinder the transition from traditional network management practices to more agile and automated operations. These challenges include:

1. Automation and tool integration: Automating network operations and integrating various tools into a cohesive NetDevOps pipeline can be complex. Teams often struggle with selecting the right tools, standardizing data formats, and creating seamless workflows that span across different network domains and technologies.
2. Tool limitations and scalability: Relying on a limited set of tools or niche solutions can restrict the growth and scalability of NetDevOps initiatives. Scaling network infrastructure with paid models can also become prohibitively expensive.
3. Unstandardized data: Without standardized data, creating effective automation and NetDevOps processes is challenging. Teams may face issues with redundant data sets, lack of trust in network data, and difficulties in managing the complexities of a network with multiple moving parts.
4. Integration with existing processes: Integrating NetDevOps practices with existing network management and IT processes can be challenging. Organizations must ensure that new workflows and automation strategies align with their current operational models and business objectives.
5. Lack of expertise: Implementing a NetDevOps approach requires expertise in both networking and software development. Network engineers who traditionally focused on hardware and CLI-based configurations must now acquire new skills in software development, automation tools, and APIs. This transition can be challenging due to the steep learning curve and the need to balance ongoing network operations with professional development.
6. Cultural and organizational changes: The shift to NetDevOps requires significant cultural changes within organizations. Teams must move away from siloed operations to a more collaborative approach that integrates network operations with software development practices. This cultural shift can be difficult to achieve and requires buy-in from all levels of the organization.
7. Resistance to change: Network operations personnel may resist the shift to NetDevOps due to fear of the unknown, potential job displacement, or concerns about the reliability of automated processes. Overcoming this resistance is crucial for successful implementation.

Out of all of these challenges, the last one, resistance to change, is the most critical because the success of NetDevOps hinges not just on the adoption of new technologies and processes but, more importantly, on the willingness of individuals and teams to embrace these changes.

10 Steps for Overcoming Resistance and Creating Resilience

Overcoming cultural resistance to NetDevOps involves a multifaceted approach that addresses the concerns and habits of teams accustomed to traditional network management practices. Here are some strategies to facilitate this transition:

1. Management buy-in and leadership support: Secure support from top leadership to drive the cultural shift. Leaders should actively promote the adoption of NetDevOps practices and allocate resources for training and implementation.
2. Clear and consistent communication: Explain the benefits of NetDevOps, including how it can improve network reliability, security, and efficiency. Highlight success stories and case studies to illustrate its positive impact.
3. Highlight the role of network engineers in NetDevOps: Emphasize the crucial role that network engineers play in the NetDevOps ecosystem, transitioning from manual configurations to coding and automation, thereby elevating their strategic importance.
4. Training and professional development: Invest in training programs to upskill network engineers, software developers, and operations teams in DevOps principles, tools, and processes. Encourage certifications and continuous learning to build confidence in the new approach.
5. Promote collaboration across teams: Foster a culture of collaboration by organizing cross-functional teams and encouraging open communication. Use tools and platforms that facilitate collaboration and visibility across network and development teams.
6. Embrace automation gradually: Introduce automation in stages, beginning with repetitive and low-risk tasks. As teams become more comfortable with automation, expand its use to more complex network operations.
7. Pilot projects and phased implementation: Start with small, manageable pilot projects that allow teams to experience the NetDevOps process and see tangible benefits. Gradually expand the scope as confidence and competence grow.
8. Create a feedback loop: Implement a feedback mechanism where team members can share their experiences, concerns, and suggestions regarding the NetDevOps transition. Use this feedback to adjust strategies and address specific challenges.
9. Celebrate successes and recognize contributions: Acknowledge and reward teams and individuals who successfully adopt NetDevOps practices. Celebrating small wins can motivate others and reinforce the value of the new approach.
10. Foster a culture of continuous improvement: Encourage experimentation, learn from failures, and continuously seek ways to improve network operations and collaboration. This cultural shift is essential for the sustained success of NetDevOps.

By addressing cultural resistance through these 10 steps, organizations can successfully transition to a NetDevOps model, creating a more agile, efficient, and resilient network aligned with business goals.

The Bottom Line

NetDevOps is an essential approach for organizations seeking to manage network infrastructure and configurations more efficiently and effectively. By adopting NetDevOps principles and best practices, you can automate and scale network operations, improve collaboration between network and development teams, and ensure network changes are aligned with application requirements and business goals.

Take the first step toward planning your NetDevOps project today! Assess your current state, set clear goals, and develop a roadmap for implementation. Evaluate tools that align with your objectives and integrate well with your existing environment, including open-source options to avoid vendor lock-in. With the right preparation, collaboration, and tools, your organization can successfully adopt NetDevOps and reap the benefits of a more agile and resilient network infrastructure.

Next Steps

To learn more, take a look at GigaOm’s NetDevOps Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating NetDevOps Solutions
• GigaOm Radar for NetDevOps

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post From Resistance to Resilience: A Strategic Approach to NetDevOps Integration appeared first on Gigaom.

What Is the Ruling?

The new SEC ruling requires disclosure following an incident at a publicly traded company. This should come as no surprise to any organization already dealing with data protection legislation, such as the GDPR in Europe or California’s CCPA. The final rule has two requirements for public companies:

• Disclosure of material cybersecurity incidents within four business days after the company determines the incident is material.
• Disclosure annually of information about the company’s cybersecurity risk management, strategy, and governance.

The first requirement is similar to what GDPR enforces, that breaches must be reported within a set time (72 hours for GDPR, 96 for SEC). To do this, you need to know when the breach happened, what was contained in the breach, who it impacted, and so on. And keep in mind that the 96 hours begins not when a breach is first discovered, but when it is determined to be material.

The second part of the SEC ruling relates to annual reporting of what risks a company has and how they are being addressed. This doesn’t create impossible hurdles—for example, it’s not a requirement to have a security expert on the board. However, it does confirm a level of expectation: companies need to be able to show how expertise has come into play and is acted on at board level.

What are Material Cybersecurity Incidents?

Given the reference to “material” incidents, the SEC ruling includes a discussion of what materiality means: simply put, if your business feels it’s important enough to take action on, then it’s important enough to disclose. This does beg the question of how the ruling might be gamed, but we don’t advise ignoring a breach just to avoid potential disclosure.

In terms of applicable security topics to help companies implement a solution to handle the ruling, this aligns with our research on proactive detection and response (XDR and NDR), as well as event collation and insights (SIEM) and automated response (SOAR). SIEM vendors, I reckon, would need very little effort to deliver on this, as they already focus on compliance with many standards. SIEM also links to operational areas, such as incident management.

What Needs to be Disclosed in the Annual Reporting?

The ruling doesn’t constrain how security is done, but it does need the mechanisms used to be reported. The final rule focuses on disclosing management’s role in assessing and managing material risks from cybersecurity threats, for example.

In research terms, this relates to topics such as data security posture management (DSPM), as well as other posture management areas. It also touches on governance, compliance, and risk management, which is hardly surprising. Yes, indeed, it would be beneficial to all if overlaps were reduced between top-down governance approaches and middle-out security tooling.

What Are the Real-World Impacts?

Overall, the SEC ruling looks to balance security feasibility with action—the goal is to reduce risk any which way, and if tools can replace skills (or vice versa), the SEC will not mind. While the ruling overlaps with GDPR in terms of requirements, it is aimed at different audiences. The SEC ruling’s aim is to enable a consistent view for investors, likely so they can feed into their own investment risk planning. It therefore feels less bureaucratic than GDPR and potentially easier to follow and enforce.

Not that public organizations have any choice, in either case. Given how hard the SEC came down following the SolarWinds attack, these aren’t regulations any CISO will want to ignore.

The post Navigating the SEC Cybersecurity Ruling appeared first on Gigaom.

This is where disaster recovery (DR) and business continuity (BC) come in, ensuring your operations keep humming along even amid chaos. And with the growing popularity of as-a-service solutions, you can now access these critical services without the hefty upfront investment or extensive expertise needed for traditional in-house implementations.

But 2024 brings a twist: artificial intelligence (AI) is rapidly weaving itself into the fabric of DR and BC planning. Let’s explore how this dynamic duo is changing the game.

AI: The Secret Weapon in Your DR/BC Arsenal

Imagine a system that anticipates disruptions before they happen, automatically executes pre-defined recovery processes, and learns from each incident to optimize future responses. That’s the power of AI in DR and BC. Here are some key ways it’s making a difference:

• Predictive analytics: AI algorithms can analyze vast datasets to identify potential vulnerabilities and predict failures with uncanny accuracy. This allows proactive steps like resource scaling or data backups, minimizing downtime and impact.
• Automated recovery: Forget complex manuals and frantic troubleshooting. AI can automate key recovery tasks, like restoring systems or rerouting traffic, ensuring a swift and efficient response.
• Continuous learning: Every incident becomes a learning opportunity. AI constantly analyzes past events to refine its understanding of threats and optimize recovery strategies for future situations.

Finding the Right Partner: DR/BCaaS Vendors

The DR/BCaaS landscape is brimming with solutions. Here are some of the leading players with innovative AI-powered offerings:

• Cloud service providers (CSPs): Major players like Amazon Web Services (AWS), Microsoft Azure, and IBM offer comprehensive DR/BC solutions, leveraging their vast infrastructure and AI capabilities. Their solutions are scalable, secure, and often seamlessly integrate with existing cloud services.
• Managed service providers (MSPs): Offering a more personalized touch, MSPs like Datto, Veeam, and Sungard AS provide tailored DR/BC solutions coupled with expert support and guidance. Their AI-powered tools automate tasks and provide valuable insights.
• Niche specialists: Companies like Acronis focus on specific areas like cybersecurity, offering AI-driven threat detection and incident response solutions that seamlessly integrate with DR and BC plans.

Choosing the right vendor depends on your specific needs, budget, and technical expertise. Look for providers with robust AI capabilities, proven track records, and transparent pricing models.

Embracing the Future: DR/BCaaS in 2024 and Beyond

The future of DR/BCaaS is collaborative, automated, and predictive. AI will play a central role, constantly evolving and learning to safeguard your business against ever-evolving threats. Remember, investing in a DR/BC solution isn’t a frivolous expense, it’s an insurance policy against unforeseen risks. With the right as-a-service solution, you can weather any storm with confidence, ensuring your BC and resilience in the face of the unknown.

Additional Tips:

• Regularly test your DR/BC plans to ensure they are effective.
• Communicate your plans clearly to all stakeholders.
• Stay updated on the latest threats and trends in DR and BC.

By embracing DR/BCaaS and harnessing the power of AI, you can confidently navigate the uncertainty of the future and ensure your business thrives, no matter what comes your way.

Next Steps

To learn more, take a look at GigaOm’s DR/BCaaS Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating DR/BCaaS Solutions
• GigaOm Radar for DR/BCaaS

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post Weathering the Storm: Disaster Recovery and Business Continuity as a Service (DR/BCaaS) in 2024 appeared first on Gigaom.

Edge Flavors Differ

The diversity of edge devices, ranging from low-power, small form factor multicore devices to those with embedded GPUs, underscores a tremendous opportunity to unlock new network capabilities and services. Edge computing addresses the need for real-time processing, reduced latency, and enhanced security in various applications, from autonomous vehicles to smart cities and industrial IoT.

In my research, it became evident that the demand for edge connectivity and computing is being addressed by a diverse market of projects, approaches, and solutions, all with different philosophies about how to tame the space and deliver compelling outcomes for their users. What’s clear is a palpable need for a standardized approach to managing and orchestrating applications on widely scattered devices effectively.

Kubernetes to the Rescue

Kubernetes has emerged as a cornerstone in the realm of distributed computing, offering a robust platform for managing containerized applications across various environments. Its core principles, including containerization, scalability, and fault tolerance, make it an ideal choice for managing complex, distributed applications. Adapting these principles to the edge computing environment, however, presents special challenges, such as network variability, resource constraints, and the need for localized data processing.

Kubernetes addresses these challenges through features like lightweight distributions and edge-specific extensions, enabling efficient deployment and management of applications at the edge.

Additionally, Kubernetes plays a pivotal role in bridging the gap between developers and operators, offering a common development and deployment toolchain. By providing a consistent API abstraction, Kubernetes facilitates seamless collaboration, allowing developers to focus on building applications while operators manage the underlying infrastructure. This collaboration is crucial in the edge computing context, where the deployment and management of applications across a vast number of distributed edge devices require tight integration between development and operations.

Common Use Cases for Deployment

With common deployment in sectors like healthcare, manufacturing, and telecommunications, the adoption of Kubernetes for edge computing is set to increase. This will be driven by the need for real-time data processing and the benefits of deploying containerized workloads on edge devices. One of the key use cases driving the current wave of interest for edge is the use of AI inference at the edge.

The benefits of using Kubernetes at the edge include not only improved business agility but also the ability to rapidly deploy and scale applications in response to changing demands. The AI-enabled edge is a prime example of how edge Kubernetes can be the toolchain to enable business agility from development to staging to production all the way out to remote locations.

With growing interest and investment, new architectures that facilitate efficient data processing and management at the edge will emerge. These constructs will address the inherent challenges of network variability, resource constraints, and the need for localized data processing. Edge devices often have limited resources, so lightweight Kubernetes distributions like K3s, MicroK8s, and Microshift are becoming more popular. These distributions are designed to address the challenges of deploying Kubernetes in resource-constrained environments and are expected to gain further traction. As deployments grow in complexity, managing and securing edge Kubernetes environments will become a priority. Organizations will invest in tools and practices to ensure the security, compliance, and manageability of their edge deployments.

How to Choose the Right Kubernetes for Edge Computing Solution for Your Business

When preparing for the adoption and deployment of Kubernetes at the edge, organizations should take several steps to ensure a smooth process. Although data containers have been around in some form or fashion since the 1970s, modern computing and its use of Kubernetes orchestration is still early in its lifecycle and lacking maturity. Even with its status as the popular standard for distributed computing, the use of Kubernetes in industry has still not hit adoption parity with virtualized computing and networking.

Business Requirements
Enterprises should first consider the scale of their operations and whether Kubernetes is the right fit for their edge use case. Deployment of Kubernetes at the edge must be weighed against the organization’s appetite to manage the technology’s complexity. It’s become evident that Kubernetes on its own is not enough to enable operations at the edge. Access to a skilled and experienced workforce is a prerequisite for its successful use, but due to its complexity, enterprises need engineers with more than just a basic knowledge of Kubernetes.

Solution Capabilities
Additionally, when evaluating successful use cases of edge Kuberentes deployments, six key features stand out as critical ingredients:

• Ecosystem integrations
• Flexible customizations
• Robust connectivity
• Automated platform deployment
• Modern app deployment mechanisms
• Remote manageability

How a solution performs against these criteria is an important consideration to take into account when buying or building an enterprise-grade edge Kubernetes capability.

Vendor Ecosystem
Lastly, the ability of ecosystem vendors and service providers to manage complexity should be seriously considered when evaluating Kubernetes as the enabling technology for edge use cases. Enterprises should take stock of their current infrastructure and determine whether their edge computing needs align with the capabilities of Kubernetes. Small-to-medium businesses (SMBs) may benefit from partnering with vendors or consultants who specialize in Kubernetes deployments.

Best Practices for a Successful Implementation
Organizations looking to adopt or expand their use of Kubernetes at the edge should focus on three key considerations:

• Evaluate and choose the right Kubernetes distribution: Select a Kubernetes distribution that fits the specific needs and constraints of your edge computing environment.
• Embrace multicloud and hybrid strategies: Leverage Kubernetes’ portability to integrate edge computing with your existing cloud and on-premises infrastructure, enabling a cohesive and flexible IT environment.
• Stay abreast of emerging trends: Monitor the latest developments in the edge Kubernetes sector, including innovations in lightweight distributions, AI/ML integration, and security practices. Edge Kubernetes is at the forefront of modern edge computing. By participating in communities and forums, companies get the unique opportunity to share knowledge, learn from peers, and shape the future of the space.

The integration of Kubernetes into edge computing represents a significant advance in managing the complexity and diversity of edge devices. By leveraging Kubernetes, organizations can harness the full potential of edge computing, driving innovation and efficiency across various applications. The standardized approach offered by Kubernetes simplifies the deployment and management of applications at the edge, enabling businesses to respond more quickly to market changes and capitalize on new business opportunities.

Next Steps

The role of Kubernetes in enabling edge computing will undoubtedly continue to be a key area of focus for developers, operators, and industry leaders alike. The edge Kubernetes sector is poised for significant growth and innovation in the near term. By preparing for these changes and embracing emerging technologies, organizations can leverage Kubernetes at the edge to drive operational efficiency, innovation, and competitive advantage for their business.

To learn more, take a look at GigaOm’s Kubernetes for edge computing Key Criteria and Radar reports. These reports provide a comprehensive overview of the market, outline the criteria you’ll want to consider in a purchase decision, and evaluate how a number of vendors perform against those decision criteria.

• GigaOm Key Criteria for Evaluating Kubernetes for Edge Computing Solutions
• GigaOm Radar for Kubernetes for Edge Computing

If you’re not yet a GigaOm subscriber, you can access the research using a free trial.

The post Unlocking the Future of Edge Computing: The Pivotal Role of Kubernetes in Navigating the Next Network Frontier appeared first on Gigaom.