The Business Value of Security Platforms for Digital Transformation

Cybersecurity is a robust market that continues to expand at a relentless pace. Much of this growth is the result of digital innovations that are transforming the networks that cybersecurity solutions protect. The traditional perimeter, whether at the edge of the network or the edge of the data center, is expanding exponentially with every new edge and edge device being added to the network.

That perimeter isn’t only getting larger. It’s also highly flexible, permitting more connections, applications, transactions and workflows to pass through than ever before. And in many cases, it’s in a state of flux. Things like virtualized networks and hyperscale data centers need to constantly adapt to dynamic business requirements.

Point Products Demise

In today’s world of digital transformation, point products are a dead end. Companies still sell the majority of security tools as one-off solutions to plug a hole somewhere in a network. (Usually it’s a traditional next-generation firewall (NGFW). They’re not part of a strategy, and they certainly don’t contribute to improving visibility and control within today’s expanding networks.

That’s not a model that’s going to survive the current radical digital transformation of the network. You could argue this selling model has made organizations less safe due to product and vendor sprawl. The inability of security teams to collect and correlate threat intelligence to establish visibility and control is another reason why. Expanding this reckless approach to the multicloud, private clouds and virtual network functions (VNFs), remote branch offices, mobile workers and IoT devices is a recipe for disaster. That’s especially so when it’s coupled with the growing cybersecurity skills gap.

Redefining the Security Platform

Security vendors have long extolled the virtues of selling integrated security platforms. They aim to address the bigger security challenge, rather than selling point products. But a lot of that messaging has been marketing hype. In reality, most security “platforms” have simply been a collection of loosely related tools wrapped in a sheet-metal or virtual box, and managed through a software shell that creates the illusion of interoperability. And security resellers know this.

Part of the challenge is that there haven’t been standards to clearly define what a security platform should deliver. It’s time to change that.

The reality is that selling a platform can provide all of the advantages that have been hyped by marketing teams. That functionality should include:

1. A platform needs to be broad. A true security platform needs to be deployable in virtually any environment and still provide seamless and consistent protection and policy enforcement. That means platforms need to be available in a variety of form factors, from traditional edge security, to ultra-high performance platforms built using custom security and networking processors to address issues such as hyperscale and big data, to virtualized solutions designed to run natively on any public cloud platform or with any hypervisor managing an internal virtual network.

But form factor isn’t enough. These platforms also need to be able to connect to maintain consistent enforcement for data and workflows that move across and between all of these networked environments. That requires the ability to translate protocols and policies on the fly between platforms, and also interact directly with the network to do things like enforce access controls and establish dynamic segmentation based on business requirements to maintain the protection data and resources once they’ve passed through perimeter controls.

2. Next, platforms need to be integrated. The tools deployed within a standard security platform – such as a firewall, IDS/IPS, web filtering, AV/AM, anti-DDoS and sandboxing – need to truly work together as a holistic system. That begins by building them using a common operating system. This allows them to see each other and share relevant threat intelligence when it needs additional inspection. They can also correlate data to refine their search for threats and work together when responding to an attack. It also allows a single system to fully manage them. It can establish and orchestrate universal policies, monitor and revise configurations. Another benefit: sharing threat intelligence simultaneously to all devices and providing a single source of truth for analysis and reporting.

Integration also needs to extend to third-party solutions. A true platform must use common standards and provide open APIs so third parties can collect and share information with the platform, build tools designed to function as part of the platform or create hooks for true interoperability between platforms from different vendors. The goal is to be able to create a consistent, unified security fabric that increases visibility and control.

3. Finally, a platform needs to be automated. It would take teams of security analysts to correlate data and discover sophisticated threats designed to evade detection, given the volume of security information being generated across distributed networks, And by the time they did, chances are the attackers have accomplished their objectives and moved on. Automation, including the addition of machine learning and true artificial intelligence, accelerates these processes to meet the demands of today’s digital business environments. Humans are excellent at high-order analysis, but detecting a threat, coordinating its analysis between several different tools and executing a simultaneous response across the entire network of deployed platforms requires automated systems that function at wire speeds.

Transformational Platform

A true security platform can transform your security business. Security resellers can reposition themselves as trusted advisers for the digital transformation by finding and selling true security platforms, rather than a series of one-off security devices. When you sell that point-product firewall, you have to go out and find the next opportunity. But when you sell a platform and demonstrate its potential, you become part of the team that designs security for the rollout of a company’s digital transformation strategy. That means not only selling more devices, but helping to train users and implementing these devices in new environments. It could be protecting a massive hyperscale data center or adding security to a DevOps container to secure the development of a critical business application.

True platforms are powerful tools that generate revenue, build trust and create residual income during the digital transformation. And they should replace point security products as the primary solution in your reseller toolkit.

Jon Bove is the vice president of channel sales at Fortinet. He and his team are responsible for strategizing, promoting and driving the channel sales strategy for partners in the U.S.  A 17-year veteran of the technology industry, Bove has held progressively responsible sales, sales leadership and channel leadership positions. Follow @Fortinet on Twitter or Bove on LinkedIn.