Sergey Nivens - Fotolia
The role of network operations professionals is becoming more and more intertwined with network security operations, with 85% of network teams now involved in security investigations.
More than a quarter of network professionals spend 10 hours a week on security issues, according to a survey conducted by JDSU unit Networking Instruments. The networking monitoring vendor polled more than 300 network engineers, IT directors and CIOs from organizations worldwide, said Brad Reinboldt, senior product manager. "Beyond actual investigating, they are playing a real-time role in terms of implementing various preventative measures," he said.
Indeed, 65% of respondents said they are actively involved in ways to prevent attacks; 58% said they are focused on investigating attacks and 50% said they spend part of their time validating security tool configurations.
The correlation between networking and security strategy
While this year's survey emphasized the need for network teams to start enabling security initiatives, this isn't the first time Reinboldt has seen this result. "Each year we've done this survey, there is a high number of responses of network teams needing to work with security," said Reinboldt. Why? "Because the network grounds it all," he said. "The network is really where the rubber hits the pavement. Everything runs its course through the network. So if everything isn't working in those pipes, you're going to have problems."
Reinboldt said network performance management (NPM) tools -- such as ones marketed by Network Instruments and other vendors -- can help organizations cobble together a security strategy.
Monitoring tools anchored by deep packet inspection and analysis can help flag and thus prevent attacks and it's the networking team who is best trained to perform this function. But Reinboldt said organizations need to use these products in conjunction with security tools already in place. "It's not the first line of defense, but it's an integral part," said Reinboldt of the use of monitoring platforms. "These days you kind of have to assume that there will be a breach. So the question becomes mitigation. What steps do you have in place to put the fire out once it begins inside the house? It's mostly about applications and NPM."
Separating network operations from network security operations
Even as more network operations staffers spend more time on security issues, it remains unlikely organizations would spend the time or money to create dedicated network security operations teams, Reinboldt said. While it would make sense, he said, "The reality is that it would be costly."
"Having a team of individuals can be problematic. A separate organization would be ideal. The analogy is like Jurassic Park with the velociraptor looking around the perimeter for weaknesses. You need to have your network staff aware of their area. They have to have an eye toward the network security. You need to be working cross-functionally."
Other major survey highlights: 40 GbE, 100 GbE make strides
The Network Instruments survey included other highlights, among them the predicted adoption of 40 Gigabit Ethernet (GbE) and 100 GbE within the data center. According to the survey, the adoption of faster Ethernet speeds has nearly doubled within the past year, with 40 GbE and 100 GbE deployments greatly outpacing the 25 GbE standard. Reinboldt attributes this adoption rate to price points.
"It's interesting. It speaks to how dynamic the industry is," said Reinboldt. "One hundred Gigabit Ethernet is a little spendy, but 40 serves as a step between. It's a pseudo dead end; you have to jump to 100 GbE after you do 40." Reinboldt said 25 GbE is more nascent, but it also serves as a bridge between 10 GbE and 100 GbE. Bottom line: "We know where gigabit Ethernet is going. It's going to 100. But the price is still high and some organizations can't swing that just yet."