The three challenges of network tool sprawl and how to solve them

October 30, 2020

It’s easy to see how network tool sprawl gets started. The needs and challenges facing security and networking groups are immense. Network speeds have steadily increased, and there are always new demands and uses. Network conditions and requirements change weekly, if not daily. Security threats increase in number and approach. At the same time, technological advancement rapidly brings new solutions to the market that are beneficial in addressing networking and security needs.

Adding or changing tools or solutions becomes essential. Existing tools may have difficulty scaling to network growth and changes, and mismatches of network speeds and interfaces create difficult challenges. Many organizations contend with a jungle of cabling and connectors to get components connected in the right way, and managing this becomes increasingly difficult. This dynamic produces three distinct problems: the sizable work involved in approving each for deployment, the limitations in infrastructure to accommodate solutions and the potential conflicts solutions pose to each other or the network if not operating in logical sequence.

A particularly time-consuming and, perhaps, vexing challenge to SecOps is the process to get a new solution approved for network deployment. Adding security solutions to the network has the ability to introduce new points of failure, possibly limit scalability and potentially affect overall network performance and capacity. Keeping the network a “fine oiled machine” is critical for real-time business, and NetOps pays close attention to anything that could undermine its high-performance operation.

One problem endemic to the vetting of a new network security solution is the lack of clearly established requirements, specifications or even approvals for network solutions. Many times, the wheel gets invented nearly every time in terms of what gets evaluated and the criteria for approval. While obviously reducing the agility of security teams to deploy solutions geared to the latest threats or newest breakthroughs, the process also is time and resource consuming for NetOps. Establishing and maintaining principles for deployments, specifications and processes for review and approval and clear overall procedures and approval chains could help streamline this problem.

In addition, the use of new networking technology can help establish a flexible deployment hub for governing new solutions to protect network performance, scalability and availability. Such a feature helps to reduce a great deal of concerns, since the deployment hub can essentially vouch for the new hardware or software solutions and prevent them from adversely affecting the network. Part of the issue behind traditionally extensive review and approval processes for new network deployments is one of fear and trust. This needs to be met with specifically articulated standards and requirements, and it can be helped with a policy- and logic-driven deployment hub.

A second challenge with network tool sprawl is a limitation of physical resources. Most organizations have limited network SPAN or TAP capacity on switches located in the appropriate part of the network. In addition, there is generally a lack of rack space to host additional hardware solutions needing access to network traffic. Cabling and correctly matching interfaces and speeds is another issue to contend with. A good solution to this problem is two-fold. First, use of tool chaining should enable a nearly unlimited number of solutions access to network traffic. Of course, this exacerbates problems brought by tool sprawl. Second, an ability to virtually host multiple software solutions on a single hardware platform addresses the problem of limited rack space. Third, flexibility to accommodate different network and component speeds and interfaces makes physical connections far less complex and time-consuming.

So then there is the issue endemic to tool sprawl: complexity and potential chaos. One problem to address is the operational flow of traffic processing or inspection. Another is conditional logic that creates a bypass, shutdown or alternative approach is a solution becomes unavailable for any reason. For instance, if a firewall fails, how should traffic be treated? If protection or monitoring of data center traffic fails, what should happen? Should an in-line solution fail open or closed, or can some kind of failover be employed? If failover is used, what should happen with existing connections? Is maintaining state essential? These are all important questions to consider, and organizations should establish the detailed requirements and policies for them. In addition, technology needs to help ensure that policies and logic are maintained as new solutions are deployed.

Tool sprawl has traditionally had a negative connotation for good reason, and, certainly, has been responsible for real problems, but with the proper planning and established guidelines it does not have to be necessarily taxing. Technology that can help uphold these specifications can greatly reduce the work in both the review and operation of new solutions. The goal is to produce a win-win for NetOps and SecOps: ease, flexibility and agility of deploying important new solutions, greater certainty and assurance of protecting network performance, availability and scale. Now, both can be achieved.

Zeev Draer serves as VP of Corporate Strategy for Niagara Networks. Zeev is responsible for marketing and technology innovation at Niagara Networks. Zeev brings over 20 years of experience in senior roles in the high-tech industry, with a unique mix of technology, sales and B2B digital marketing knowledge. He is a long-time contributor to technology forums and broadly active in making technology outlook presentations at industry events.

Pandemics, Recessions and Disasters: Insider Threats During Troubling Times

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Industrial Cybersecurity: What Every Food & Bev Executive Needs to Know

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

Poll

Who has ownership or primary responsibility of video surveillance at your enterprise?

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

The three challenges of network tool sprawl and how to solve them

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

The three challenges of network tool sprawl and how to solve them

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.