There’s no question security should be at the top of ever business leader’s list of priorities. Over the past decade, we’ve seen the rate of cyber attacks increase dramatically, along with their cost to businesses. In fact, the cost to businesses is expected to double from $3 trillion in 2015 to $6 trillion by 2021. That would rank cyber crime collectively as the third largest country in the world by GDP.
It shouldn’t surprise anyone that cyber attacks have also significantly increased in 2020, as cyber criminals have tried to exploit the massive shift to remote workforce, which could easily have exposed networks and applications and IT teams have tried to manage new environments – in many cases working remotely themselves. Indeed, since the start of the global pandemic, the FBI, Interpol and other organizations have reported massive spikes in cyber attacks. The FBI says it has received as many as 4,000 cyber attack reports a day.
The current environment only underscores the importance of security, which is becoming an increasingly complex undertaking that most IT teams aren’t capable of managing on their own. That’s one of main reasons many companies are outsourcing their security to specialists whose only job is to protect their customers’ networks. At the same time, it allows IT teams to focus on their core competencies, including making sure workers have the tools and resources they need to perform their jobs effectively.
This presents a huge opportunity for MSPs and MSSPs, who can leverage their security expertise and existing relationships with businesses to manage their network security on top of other services are already delivering – or it can open the door to relationships with new customers. But, to make the model work, MSPs need flexible solutions that allow them to easily scale network firewalls to account for the traffic fluctuations that large remote workforces create. The problem is that traditional solutions – especially hardware-based firewalls – don’t provide the flexibility or agility businesses need to protect networks in a cost effective way.
What’s the solution? I had a chance to speak with Corsa Security’s Chief Product Officer about what she’s been seeing with the massive increase in remote working and the impact on network security. She also explained why a virtual Firewall-as-a-Service approach can deliver the flexibility and scalability providers need to protect their customers’ networks, so they can take advantage of the growing demand for managed network security.
Erik Linask: We know the security landscape has changed significantly in recent years. What are the biggest changes you’ve seen?
Carolyn Raab: It’s clear that network teams are struggling to scale their network security. With network traffic increasing, the proliferation of IoT devices and the move to multi-cloud environments, enterprises face an ever-expanding threat surface when it comes to cybersecurity. At the same time, SSL/TLS adoption is growing at an exponential rate, with at least 75% of traffic on the Internet encrypted. While encryption is a good thing for security, network and security architects are faced with the daunting challenge of inspecting this encrypted traffic, while maintaining performance on these much higher capacity networks.
EL: This has been a crazy year, to say the least. How has the pandemic impacted your own business, and how has it impacted your customers?
CR: The current realities of the COVID-19 global pandemic has forced many enterprises to adopt new network operations practices. Security and network architects need to be able to respond to changes in network traffic dynamics, increases in encrypted traffic, unsecured devices and rapidly growing cyber attacks. They need to be able to quickly scale traffic inspection so they get 100% SSL/TLS visibility, turn on advanced NGFW features that may have previously been disabled due to performance issues, and bring up new firewall capacity. It’s impossible to do that at the push of a button using the traditional, hardware-centric approach to network security; it’s too costly and time consuming to install a new firewall to cope with the sudden surge in capacity and inspection. In some regions, that may not even be possible during COVID-19 restrictions. So, our approach to automatically scaling network security through virtualization of the network firewall is even more timely given the pandemic.
EL: How do recent trends like remote working, increased video consumption, and 5G – the common factor being they are all driving greater network traffic – impact security?
CR: All of these trends are driving a significant increase in the amount of encrypted traffic and changes to the traffic mix. As a result, it’s impossible for anyone to accurately predict the exact amount of traffic, traffic mix, or number of users on any given day. That’s why security professionals need the agility to scale traffic inspection at the push of a button and at a moment’s notice. The current situation highlights the need to move to virtualization and deploy a platform which allows us to elastically add virtual firewall capacity rather than being forced to upgrade specialized, single-purpose hardware. A turnkey approach to virtualization provides the automation, flexibility and scalability we need when things change suddenly.
EL: As MSPs look to increase their revenue opportunities and value to customers, why should they be adding network security to their portfolios?
CR: It’s no secret that current firewall architectures are complicated, do not scale and lock you in. This is why enterprises no longer want to own and manage their own physical firewalls. MSSPs can capitalize on this opportunity by enabling a virtualized Firewall as a Service that replaces physical firewalls. Managed network firewall services are one of the key security services already offered by some MSSPs but, given the rapidly changing threat landscape, they need to find a new way to make this service quicker to deploy, more flexible and profitable. MSSPs need to offer an automated virtual firewall that a customer support team can spin up services the same day.
EL: Explain virtual firewalls. How does virtualization help protect against a constantly evolving threat landscape?
CR: Virtual firewalls are the deployment of choice in the data center fabric, whether private or public, and have evolved to feature parity with their physical appliance counterparts. These same virtual firewalls can be a particularly attractive option for enterprise security teams to scale inspection and build out their threat protection for their north-south traffic. With virtual firewalls, network architects can take advantage of horizontal scale and virtualization to build firewall arrays and create enough inspection power to handle whatever traffic inspection needs are required. As firewall capacity needs change, virtualization lets you add new firewalls at the click of a mouse without having to make large changes to existing networks.
EL: You recently announced an automated virtual FWaaS solution. How does that benefit service providers?
CR: We have expanded our Corsa Security platform to automate Firewall-as-a-Service (FWaaS) so MSSPs can replace their customers’ physical firewalls with virtual ones. With our solution, you can simplify the virtualization of hardware firewalls with push button provisioning and configuration migration using our centralized Corsa Security Orchestrator. Since the platform supports multi-tenancy, MSSPs can offer specific services and capacity to individual customers in minutes and quickly scale their service offerings. The platform minimizes the need for DevOps skills, offers a low cost of entry and a pay-as-you-grow model, so MSSPs can reduce their network operations expenses for better ROI.
EL: You’ve built the virtual firewall solution on a SASE framework. Why?
CR: When MSSPs try to virtualize network firewalls for their customers, they discover that a build-your-own virtual firewall platform can take a lot more time, DevOps resources and money than most anticipate. That’s why MSSPs need a new approach to their hosted firewall service that can automatically replace those physical firewalls with virtual ones. Delivering FWaaS as part of a SASE framework makes it easier for MSSPs to manage the security of their customer’s network, set uniform policies, quickly make changes, and increase threat protection. Using a SASE framework allows MSSPs to offer a new kind of FWaaS today and additional SASE services in the future.
EL: If providers are virtualizing firewalls, that can be a huge provisioning and management headache. How do you overcome that?
CR: By fully integrating with firewall licensing and policy management from your preferred firewall vendor, the Corsa Security Orchestrator gives you push-button configuration migration and zero touch network security operations. Presented in a simple intuitive UI, this single pane of glass gives you rapid new service delivery and unprecedented levels of control for bringing up new customers and instant insight, including platform status, VM utilization, system alerts and more.
EL: For most companies, budgets are tighter than ever right now, yet security should never be an afterthought. How can virtualization help contain costs without negatively impacting security?
CR: When it comes to network security, there is a clear solution which enables you to contain costs by leaving behind legacy hardware and leveraging a flexible, budget-friendly platform. A virtualized network security platform allows you to elastically scale traffic inspection and threat protection to meet increasing bandwidth demand. Our Corsa Security platform is delivered with a pay-as-you-grow, monthly subscription model for ultimate financial gain. This translates to greatly improved Total Cost of Ownership (TCO) compared to the CAPEX of installing new hardware each time you run out of inspection capacity. Our solution usually represents a savings of 40% or more for a 3-year TCO.
EL: Why is interoperability between security vendors important?
CR: At Corsa Security, we recognize that the world of network security covers many elements and continues to expand. We don’t believe that any one vendor or organization can address all the security issues for large enterprises and service providers. That’s why our approach to scaling network security is open, collaborative and vendor agnostic. Our proven interoperability with Palo Alto Networks and Fortinet means our customers can rest assured that this best in breed approach will deliver what they need without compromise. Our platform is built on open, extensible APIs that make it very easy to integrate with other security functions and existing software platforms in our customers’ network/security operations centers.
EL: What do you see happening in the security space in the coming years?
CR: Security will be top of mind for enterprises for many years to come. Cyberattacks are on the rise and, as hackers become more sophisticated, the cost of these attacks continues to grow. At the same time, all the trends we talked about from 5G to IoT and the cloud to remote working, will put additional pressure on network and security architects to adapt. To date, network security has been one of the few areas to not capitalize on virtualization. I see a huge shift in the next couple of years where security teams will widely deploy virtual firewalls throughout the network to ensure scalable threat protection.
EL: Any final thoughts?
CR: Because enterprises want to outsource the complexity of network security, MSSPs have a golden opportunity to provide security expertise that is difficult to find and security services that offer best of breed protection. But, how they offer these services needs to be different instead of just replicating what the enterprise already does with physical firewalls. They need to learn from the success of the public cloud and leverage virtualization with a cloud-centric deployment model and pricing. A revolutionary new firewall as a service that can be offered with increased speed, agility, and simplicity is precisely what enterprises need and want.
Edited by Erik Linask