The Edge is Dead… Long Live the Edge!
“The reports of my death have been greatly exaggerated.” – Mark Twain
If you’ve had an ear to the cybersecurity ground, you know that all things cloud, hybrid cloud, and SD-WAN are certainly the focus right now, particularly in enterprises. However, for smaller organizations like SMBs and municipalities, it can be a little different. In addition, the challenge for organizations with committed on-prem assets is knowing when and if to use these cloud resources, and how.
When the cloud is not an option
While there are advantages to moving network resources to a (theoretically) safer, more ethereal beyond, there are a couple reasons why it’s not always practical:
First and most obviously, cost can be prohibitive, and it knocks a lot of smaller businesses out of the running. Simply put, a lot of SMBs just can’t afford the move, even if it makes sense strategically. I know one CIO that recently found it more cost-effective to physically dig up the ground and install fiber to their existing data centers rather than implement a dedicated SD-WAN solution.
Second, many organizations have systems that simply can’t be moved to the cloud. Legacy architecture remains, and an on-premises presence must persist (think critical infrastructure). This means full-blown cloud options are not a possibility for these utilities. It’s hard to move a whole water plant to the cloud, especially as OT infrastructure requires connectivity to physical resources. Same goes for a public library or a Police Station.
Consequently, many organizations soldier on with legacy resources, which rely on a legacy physical perimeter that is subject to legacy vulnerabilities.
Same Edge, New Problems
While the cloud has created its own unique security issues, the traditional edge has some new challenges, too.
The edge is still vulnerable to traditional scans and exploits, so traditional tools like IPS/IDS and Threat Intelligence Gateways are still necessary in a defense-in-depth strategy.
That said, best-of-breed next-gen firewalls that take on those roles face real challenges on the modern edge. The performance of these “do-it-all” devices can suffer when they’re required to handle deep packet inspection, VPNs, and quasi-SD-WAN functionality, all while juggling routing and complicated network segmentation. (And let’s not forget to mention some major vulnerabilities discovered recently.)
And the edge is still prone to misconfiguration and human error. Because you have human interaction with these complicated firewalls – you’re managing VPNs, you’re managing new sorts of hybrid cloud connections, etc. – you inadvertently end up doing things like punching holes in the firewall that don’t need to be there, forgetting those holes are there, and then dealing with the inevitable unfortunate consequences.
The Outpost: Bridging the Gap
Simply put, the barrage of new threats combined with the requirements of the modern edge is overwhelming your firewall. You need help sifting signal from noise and your team could use a couple of extra hands.
Look to the Outpost. It boosts the performance of modern next-gen firewalls by reducing their traffic load by 70 to 90 percent, and bridges the security gap between where you are and where you need to be if the cloud isn’t in the cards right now – or possibly ever.
By positioning itself beyond the network’s edge (and beyond the firewall itself), the Outpost leverages:
- Autonomous threat defense that works for you, so you and your team can focus on the work at hand
- Network Cloaking to turn your network dark to outside attackers
- A Threat Intelligence Gateway (TIG) that blocks known threats at the door
- Enterprise IPS to provide further automatic detection and protection
- Customized Threat Feeds that can be configured by country, ASN, or domain
- … but wait, there’s more!
If you’re interested in learning more about how the Outpost can secure your network’s edge, contact one of our experts and get your questions answered by a human.
Ted has worked with network security and web technologies for almost 30 years, beginning his career as a full-stack web engineer and transitioning to network security. He now guides Nomic and its supporting initiatives, including CINS Active Threat Intelligence.