Transcript
This transcript was autogenerated. To make changes, submit a PR.
Hello everybody.
Welcome to Con 42 SRE Conference.
I'm Shania Prasad, a senior product manager at Cisco Systems, and I'm really
excited to be here and present to you all.
The topic for today is building resilient digital infrastructures,
integrating networking and security for agile secure operations.
So let's get right into it.
We are combining networking and security in a smart, flexible way
so that businesses can run securely and adapt quickly to change instead
of treating these as separate silos, for example, a network team and a
security team working independently, they're being brought together so
everything works smoothly and securely.
Here we've dug deep into some statistics to understand why this
is important and what returns an organization can expect to get.
Organizations that take this approach of a unified networking and security
can see a 15% reduction in breach costs.
That is because integrated systems help detect and respond faster, minimizing both
financial loss and reputational damage.
They can also achieve faster containment.
For example, let's say ransomware starts spreading inside a network.
An integrated setup can automatically segment the threat, threat, alert
the right teams and block lateral movements all in a fraction of
time compared to silo tools.
And they can also experience better incidents.
Management teams can work cross-functionally with better
visibility, governance, compliance.
No more chasing data across dis disconnected systems.
In short, integration is not just about efficiency.
It directly improves your ability to respond to threats, protect
your business, and stay agile.
With that, let's talk about a lot of these key convergence technologies that
are coming together in the industry such as software defined networking,
secure Access, service Edge, or sass, e and zero trust architecture.
These three technologies are reshaping how we build secure agile infrastructure.
Software-defined networking brings programmability into the network,
making it easier to scale, automate, and adapt as business needs change.
It's like moving from static roadmaps to real time traffic control, SSE on
the other hand, and brings networking and security together in the cloud.
It's how companies can protect their users and applications at the edge without
back howling all their traffic or adding complexity for security inspection.
Zero.
Trust architecture is something that you may all have heard a lot of it.
It changes the security model entirely.
Nobody is trusted by default.
Every user device request name, it has to be verified each and every time.
And their posture is being tracked consistently and new policies are new.
Policies are applied every single time the posture changes together.
These will form the backbone of a modern converged infrastructure,
one that is secure, flexible, and built for the way that we work today.
With this, let's start looking at some market trends.
Where technologies are gaining a lot of traction.
This chart is highlighting the projected growth of the security service edge
market over the next five years, and the trend is clear demand is accelerating.
What is driving this?
The shift to hybrid work, increased resilience on cloud applications,
the need to secure users and data outside the traditional parameter
is all driving this change.
Organizations are looking for integrated cloud delivered security that scales, and
SSE is right at the center of that demand.
As the market nearly triples between now and 2028, it's clear this isn't just a
passing trend, it's a strategic shift.
And vendors who can deliver this convergence across networking and
security are best positioned to lead.
Great.
Now let's move in to understand a little more about this entire process and how the
silos are, uh, formed in the first place.
This pyramid here illustrates the journey from siloed operations to two integration.
Why does this matter for security and operational effectiveness at the base?
As you can see, we have siloed operations.
When networking and security are managed by separate teams, they have
different tools, different goals, and often they have limited communication.
This is where many organizations start, and it's where the friction, blind spots,
and delayed responses tend to live.
The first step in all of this is adopting common tools, bringing teams into shared
platforms so they can at least work on the same data and use consistent technologies.
It is not full integration yet, but it builds a foundation.
Next step is where organizations begin aligning processes, harmonizing workflows,
handoffs, and incidents response.
This removes the guesswork and finger pointing that slow teams
down when time matters the most.
At the top of the pyramid, we reach integrated teams where networking and
security professionals are not just coexisting, but collaborating as one.
This is where we see the greatest gains in agility, risk reduction, and performance.
Security becomes proactive.
Networking becomes intelligence.
And together they create a much stronger defense posture.
So the message here is simple.
True security convergence isn't about the tools, it's about people and processes.
And the higher you climb, the stronger and more resilient your operations become.
So now let's start with understanding the operational benefits.
To begin with, we can talk about enhanced performance.
When security is directly built into your network, traffic can flow
more effectively and efficiently.
There's no unnecessary detours.
There are fewer bottlenecks and there's faster application access.
Users get a better experience without compromising on the protection.
Next there is faster response.
Integrated systems can detect threats in real time and act immediately, whether
that means isolating a device, blocking traffic, triggering alerts, you name it.
The days of slow manual handoffs between teams are gone.
Next is cost efficiency.
When you consolidate tools and unify processes, you're reducing redundancy.
Not just in licensing costs, but in overheads, in training, in
operational complexity, and so on.
You are doing more with fewer moving parts.
The final thing I wanna talk about here is stronger protection.
A unified approach closes the gaps that attackers can often exploit.
You get consistent policies, broader visibility and seamless convergence across
users, devices, and location, whether they're on-prem, remote, or in the cloud.
So these aren't just technical improvements that actually business
enablers, performance, speed, savings, security all together.
When.
They come together improving the whole system, the silos start to come down.
In this slide, we're gonna talk about AI and how that is
covering this entire system.
As threats grow more complex and more faster, traditional security
models are not able to keep up.
This is where AI powered convergence steps in turning reactive operations
into proactive, intelligent defense.
It starts with threat detection.
AI constantly scans network traffic and behavior patterns to spot anomalies,
things as humans might miss, but that.
Will stand out any day, right, because it's, it's done by a machine and it's
trained on millions of data points.
From there, we move to analysis.
Machine learning engines evaluate these anomalies, filtering noise from risk.
They reduce false positives and give security teams clarity.
They're not drowning in alerts.
They're focusing on threats that matter.
Then comes response.
With integrated systems, AI can take immediate action, whether that's isolating
a device, blocking, suspicious activity, or escalating to human for review, the
key is speed, minutes, or even seconds can make a huge difference in the impact.
And finally, adaptation.
AI doesn't just react, it actually learns.
Every incident makes a system smarter, turning detection models
and response playbooks automatically.
The more data that it sees, the better it gets at defending your environment.
So this isn't just automation, it's intelligence at scale.
AI is bridging the gap between networking and security, accelerating
detection, reducing the manual effort required, and also improving
resilience with every single incident.
As we talk about the benefits of convergence, it's equally important to
acknowledge the real world challenges that any organization might face
when they're trying to implement it.
First, there is a skills gap.
There is a clear shortage of professionals with expertise across
both networking and security.
Only 24% of IT professionals are proficient in both the domains.
This makes it very difficult to design, deploy.
Manage converge solutions without upskilling or bringing in outside help.
Bridging that gap requires training, investments and closer
collaboration across teams.
Second challenge can be legacy systems.
Most organizations are still running on outdated infrastructure that
was not built for integration.
These environments lack compatibility with modern security frameworks,
making convergence very difficult, and it's like retrofitting a jet
engine into a propeller plane.
Moving forward means serious investment, not just in tech, but
in rethinking architectures and third organizational resistance.
Even with the right tools and people, culture can be a blocker.
Networking and security teams often operate in silos, as I mentioned
earlier, each with their own priorities, tools and ways of working.
Merging them requires more than just a technical plan.
It takes change management, execute a sponsorship and a shared
vision of what success looks like.
The good news though is that these challenges are solvable,
but only when they're addressed head on with clear strategy.
That includes people, processes, and program alignment.
Let's now move into understanding Cloud native security integration.
Securing cloud environments is not just about lifting and shifting existing tools.
It requires a fundamentally new approach, one that is built into the cloud, cloud
fabric from day one, and that's what we're gonna talk about in this slide.
First, we're gonna talk about identity, identity-based access.
A distributed world users are everywhere.
Working from home on mobile across SaaS and cloud platforms.
The parameter is no longer physical.
It's identity that matters.
That means policies must follow the user and not the device or the data center.
Identity becomes the control plane for security.
Next, distributed security devices.
In a cloud native environment, traffic doesn't just pass through
a central gateway anymore.
Security must be embedded at every single access point across users, devices,
workloads, APIs, you name it, whether it is east-west traffic within the cloud,
or access from external endpoints.
Protection has to be everywhere and all the time.
Lastly, but not least, the cloud network architecture itself.
Security cannot be bolted as an afterthought.
It has to be part of the initial infrastructure design integrated
into the way that the services are deployed, connected and scaled.
This includes microsegmentation, service meshes, and cloud native firewalls
all embedded into the way that the network operates in the first place.
The key takeaway here is that Cloud Native security integration is
proactive, scalable, and user centric.
It's all about building security in and not just bolting it on or
adding it on, so that protection becomes how the cloud works and not a
separate process running alongside it.
Lemme try to give a real life example.
Um, just to make this a little more clearer.
So we'll take an example from the financial services sector.
Let's say that a global bank was facing a growing number of attacks across
its distributed network, and this is a challenge that only became more common
with hybrid work and cloud adaptation.
Now their biggest bottleneck wasn't just the threats themselves, it
was the response to the threats.
The security and networking teams were siloed.
They were working in parallel, but they were not working together.
And that disconnect caused delays in threat detection and
response, increasing the risk.
To fix this, the bank rolled out a SAS E framework, combining networking and
security into a single architecture.
And they also paired that with integrated SD-WAN to optimize
networking and control at their edge.
But technology wasn't enough.
They also stood up a joint network operations center, bringing together
both teams under a unified model.
The impact of this was immediate and measurable.
They saw an immediate reduction in the threat detection time
from hours previously to minutes.
Now, they cut a huge budget annually in operational costs by eliminating redundant
tools, streamlining their workflows, and also improvised performance.
They also got a boost in network efficiency.
Users got faster and more reliable access without really compromising on security.
This, as you can see, is a clear example of what convergence looks like
in practice and why just a technical upgrade is not enough, but a it.
It's also a business enabler.
Finally, I just want to leave you all with a few thoughts.
When it comes to converging networking, security success depends on having
a clear, actionable roadmap.
And this is what I'm gonna talk about in this slide.
It starts with assessment, evaluating whether your current state, your
architecture, your tools, and your organization silos are present.
Uncovering where the gaps are and where integration can drive the most value.
Many organizations find that they have overlapping tools, fragmented
policies, and misaligned teams.
This is their chance to reset the whole foundation.
From there on, you can move into STR strategy development, and this is
where you define the future state, a unified framework that brings both
security and networking together.
Again, it's not just about the technology.
It means defining the governance roles and responsibilities so everyone knows how
they need to operate in this new model.
Next comes the pilot implementation.
Now, this is a very critical phase.
Rather than roll out everything at once, you test integrated
solutions in smaller controlled environments, you validate that.
That performance is actually improving.
Risk is decreasing, and operations are getting simpler.
Then you gather feedback and fine tune your system before a broader rollout.
Last but not the least, you move to a full deployment in your organization.
At this point, you scale the proven solution across the enterprise.
But you don't just stop there.
You establish a continuous improvement loop because threats are going to keep
evolving and you so will the business.
So ongoing refinement will keep you ahead of both.
The key takeaway here, and my ending note here is that transformation does
not have to be risky or overwhelming.
Start small, measure the outcomes and expand it with confidence.
Thank you so much all of you for being here.
It was my pleasure to present to all of you and I'd love to hear
as well what your thoughts on.
Thank you so much again.