When an organization is trying to get out ahead of the market and truly innovate, it has no choice but to find new language to describe what it has developed. Often, however, it’s not the company that invented the technology that gets the credit, but the one that coins the phrase that gets adopted by the marketplace. An excellent case in point is the term “next-generation firewall” (NGFW). Of course, the technology behind this category of device had been around for a long time.
For example, there was, and still is, very little difference between an NGFW and a UTM (unified threat management) device. But someone coined the term, grabbed a lot of media attention and market share, and, as others scrambled to keep up, a whole new class of security technology was off to the races.
The same is now true for two ideas currently competing for space in the marketplace. They are the security platform and the security fabric. Each claims to be the next generation of network security and, on the surface, both seem to try to solve the problems of expanding network environments, increasingly sophisticated threats and the need for different security technologies to work together to more effectively protect the network. But in reality, they are very different. Let’s take a look at these two different approaches and see what they actually mean.
Fabric vs. Platform
Many platform security vendors position themselves as having an end-to-end solution. One problem with security platforms, however, is that they start with a specific security element and then bolt on other security tools on an as-needed basis. This leads to challenges with scale, visibility, gaps in security, and cost.
A security fabric approach, however, can incorporate a variety of technologies, including specially engineered hardware designed for today’s escalating traffic demands; virtualized solutions that are available on demand; single, purpose-built devices for those places in the network where you only require certain types of inspection; and the ability to offload surges in traffic onto other devices.
When we look at visibility, because platforms are made up of predefined bundles of technologies deployed in a single location, they often have blind spots. The reality is that most platforms have different dashboards and methods for collecting data that limit real-time visibility because threat information and policy orchestration still need to be managed by hand.
A security fabric approach leverages all deployed security devices, even those from third-party vendors, into an integrated whole. Open standards and application programming interfaces (APIs) mean that data can be easily collected, shared and correlated, and automated policy changes and responses to threats can be synchronized between devices across the distributed network ecosystem.
And finally, a platform-based approach means that, regardless of which technologies you want to deploy, you have to purchase hardware designed to accommodate all of them, which isn’t cheap. It also means that you are either paying for processing power that lies dormant when a particular function isn’t needed, or for processing power that is brought to its knees during traffic spikes and surges.
By blending together next-generation detection and response systems, intelligent network segmentation and single-pane-of-glass orchestration, a security fabric is able to see and respond to today’s most sophisticated threats, while dynamically adapting to evolving network architectures. It enables solutions to actively collect and share threat information to improve visibility and intelligence and enhance situational awareness. It automatically distributes mitigation instructions to broaden and deepen a synchronized attack response from end to end.