Computer futurists have long predicted the eventual demise of the so-called perimeter, but the truth is that physical networks – and the solutions to secure them – are far from their last days.
And while the cloud has heralded the arrival of infrastructure as a service (IaaS) and software-defined networks (SDN), ultimately these services are delivered from physical data centers, though distributed and scattered across the globe. For traditional businesses with on-premises IT infrastructures, network security continues to become more complex in order to cope with increasingly sophisticated cyber attackers.
Whether on-premises or in the cloud, IT infrastructures are subject to the same security concerns and are also vulnerable to cyber threats. However, with today’s networks supporting a much larger number of Internet of Things (IoT) users, devices, and sensors, the makeup of the enterprise’s attack surface has changed dramatically, even compared to just a few years ago.
Network security today
Today’s network security offerings range from traditional Intrusion Detection and Prevention Systems (IDPS) to Next Generation Firewalls (NGFW) and Unified Threat Management (UTM) devices that perform multiple security functions in a single appliance.
More recently, the network detection and response (NDR) category has emerged to describe solutions that use artificial intelligence (AI) / machine learning (ML) and other non-signature-based methods to detect advanced threats lurking in the network.
These solutions are also designed to work well with other tools for simplified remediation, threat hunting, and more.
Network security market
The network security market is expected to increase from $27.39 billion in 2021 to $60.38 billion in 2028, at a compound annual growth rate (CAGR) of 12.0% over the forecast period.
Factors such as the global shift to working from home and the resulting spike in remote access have led to an increase in enterprise network traffic and the number of different devices, which in turn translates into greater exposure to the risk of threats such as ransomware and disruption.
Benefits of network security
Enterprise networks today tend to be a mix of on-premises, cloud (IaaS), and sensor / IoT networks at the edge. Now more than ever, comprehensive network security is essential to ensure that excessive exposure to cyber risks does not affect the business. This means being able to collectively monitor and mitigate the cyber risk exposure of these heterogeneous network environments through a single pane of glass.
In addition, the ML-based information provided by today’s network security solutions enables businesses to strengthen their defenses against evolving cyber threats.
Interestingly, many of today’s network security offerings are cloud-based and therefore can scale in real time to business needs as well as natively secure IaaS environments. Several vendors use a similar deployment architecture consisting of network security appliances deployed on-premises or in the cloud, managed by a cloud-based security orchestration platform.
Network security use cases
The enterprise IT security market is quite saturated with many players offering overlapping solutions in many cases.
IDPS and UTM are typically bundled together in a single device (i.e. NGFW) these days, although a handful of vendors are developing special Intrusion Detection Sensors (IDS) for specific use cases (for example, to monitor vessel networks).
The IoT and industrial control system (ICS) network monitoring space is experiencing an increase in demand, especially for use in environments such as manufacturing facilities, power stations, automotive assembly lines, etc.
With many of these industries undergoing digital transformation, the need to monitor support networks for threats is being recognized by a growing number of players. That said, the operational technology (OT) network security space is still relatively new, with room for new disruptors.
More than a few vendors market their solutions in the NDR category. These offerings focus on the use cases of network traffic analysis for the modern enterprise. More often than not, these centralized NDR platforms combine threat detection with security workflow automation, automatic remediation, threat hunting, and more.
Network security providers
Here are the top 10 vendors that provide network security solutions, from UTMs and smart firewalls to AI-powered network anomaly detection and NDR solutions.
ExtraHop provides continuous network monitoring through its EDR Reveal(x) platform. Its cloud-based solution offers automatic discovery and classification capabilities for real-time visibility of both on-premises and virtualized / cloud-based IT infrastructures.
A leader in network security, Fortinet has developed its flagship product FortiGate NGFW with advanced UTM capabilities in a unified intelligent firewall, making it easier for customers to monitor / protect their networks through a single window.
An established name in network security, Sophos offers an NGFW with enterprise-grade firewall capabilities as well as advanced features for protection against modern cyber threats such as advanced malware, drive-by downloads, botnets, and more.
Tenable is perhaps best known for its Nessus vulnerability scanner; however, its solutions for corporate network visibility are also popular for detecting, identifying and mitigating threats across the entire IT fabric of an organization, whether on-premises, in the cloud, or in an industrial / operational technology (OT) environment.
A leader in OT network security, Claroty has developed a platform that provides industrial companies with comprehensive visibility, monitoring and threat detection on the network. Its solution was designed to monitor both standard computer networks as well as OT environments with Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems.
Vectra’s platform monitors both on-premises and cloud-based networks with AI-powered capabilities for advanced threat detection and risk awareness. By using machine learning (ML) to enrich the collected network metadata, organizations can perform more contextual and accurate assessments of their network’s risk.
Fidelis Network is an NDR platform that provides monitoring of individual endpoints as well as entire networks. Like Vectra (and many others), the solution uses AI / ML to enrich network metadata for network security analysis and threat hunting use cases.
VMware is best known as the leader in virtual machines, but it also offers a range of cybersecurity solutions for businesses. Its NSX (formerly Lastline Defender) platform was designed to detect advanced network threats and security incidents in on-premises networks and in the cloud.
While Forescout offers a range of traditional corporate network monitoring tools, the company has positioned itself as a security provider for the “enterprise of things” – or corporate networks supporting a combination of IT, OT and IoT devices.
Darktrace’s AI-powered cybersecurity suite enables businesses to automatically detect network anomalies and advanced threats, malicious signals that can be difficult to recognize using standard network monitoring tools and IDPS solutions.
Network security continues to evolve as organizations become more heterogeneous in their IT environments.
From cloud to edge, modern businesses need solutions that are both streamlined for centralized management and flexible enough to monitor any type of network deployment, whether virtualized / cloud-based or on-premises, traditional IT or based on IoT sensors.
And as malicious actors continue to evolve in their capabilities, network security controls must also be highly adaptable. To this end, leading AI / ML-based NDR platforms are redefining the next generation of network security solutions.