Decentralisation caused by growing adoption of cloud-based services has created new challenges for network security policies, the head of a fast-growing packet monitoring specialist has said while warning that network security can no longer be designed around the assumption of aggregated services and data demand.
Visibility has long been a crucial capability in networked environments and an increasingly variable security climate, given blind spots and made more complex by the explosion of cloud services, has accentuated the need for CSOs to translate this requirement into business terms as well.
Some of this need is being addressed through smarter applications but network architects are also turning to new ways of monitoring, capturing and analysing packets. Enter Savvius, a long-established network visibility and forensics provider that two years ago parlayed its former success as WildPackets into a new identity focused specifically on security visibility.
With annual growth sitting at around 24 percent and a revamped partner network rapidly driving its technology into new markets and customers, demonstrated strong demand for broad visibility tools is helping Savvius grow faster than the market in Australia and elsewhere, vice president of global sales Patrick Johnson told CSO Australia.
“It became obvious to me that as we started to grow the company into a midsized organisation, that getting into distribution and leveraged sales was something we needed to do,” he explained. “When I looked at places where we had under-coverage, Australia was a glaring spot on the map.”
Recent efforts to expand the company’s direct presence – which now includes an office on the Gold Coast and sales presences in Sydney and Melbourne to support the company’s local channel partners – reflect the company’s efforts to stake its claim in a growing market for security visibility tools.
Gartner, for one, identified network traffic analysis solutions as one of the top security technologies this year while detection and response was named as the top security priority for organisations struggling to deal with an ever-expanding range of variables.
“As enterprises shift toward balancing prevention with newer detection and response the approaches, CISOs are changing how they measure the success of their security strategy,” Gartner research director Lawrence Pingree noted in a statement.
“CISOs are keen to communicate the return on investment of their security strategy in terms of the business value associated with quick damage limitation, in addition to threat prevention and blocking.”
That suggests increasing relevance for Savvius and its multi-segment analysis technology, which has been designed to shoehorn the visibility capabilities of WildPackets into the distributed cloud world. Tools such as the upcoming Spotlight also provide low-level drilldown capabilities that have, Johnston said, made them appealing to large businesses and data centre operators.
“Most of the time network tools give you an aggregation of data and not an individual conversation,” he explained. With “hundreds of thousands of data flows being destroyed every minute, we update those on a subsecond basis and have actionable responses. If a user is having performance issues, we can find that user and find the conversation he was talking about.”
This was proving similarly useful in the security space, where visibility allows deep-dive analysis of potential security issues in real time. Gartner has previously noted that 60 percent of enterprises will implement appropriate cloud visibility and control tools – and will experience one-third fewer security failures as a result.
“You usually want to see the worst thing that are happening on your network,” said Johnston. “But you can’t fix it forever if you don’t know what the root cause is. We have figured out how to take the data we collect put it into a real-time monitoring capability, and put it to a network analyst or network operations centre and show them.”