Enterprise Insights

October Edition

Enterprise Requirements for Network Security

Welcome to the October Edition of Enterprise Insights from the EARG! Catch the highlights from our recent work and get behind-the-scenes insight into what we at NSS have been working on.

NSS Labs’ planning for group tests takes into consideration specific enterprise requirements for our different test domains (e.g., network security, endpoint security, breach security, or cloud security). These requirements encapsulate enterprise perceptions for technologies and are based on discussions with our clients and data obtained from our primary research projects. We typically split these enterprise requirements into functional, operational, and architectural requirements.

This month, we look at Q3 2019 enterprise requirements for network security, starting with the strategic planning assumptions (SPAs):

  • So long as data and applications are distributed and accessed by remote users or other services, there will be a need for network security products.
  • Data in motion requires segmentation and a mandatory minimum level of security (or the acceptance of risk).
  • The mobile workforce population is growing, yet many organizations retain fixed assets and users that require control and protection.
  • Requirements for and interests in automation are expanding; enterprises are turning their focus to understanding interoperability and the risks associated with automation.
  • Enterprises now have greater access to data that shows how security products are falling short of industry claims.
  • Flexibility and simplicity are driving security purchases, but enterprises are increasingly aware that these may come at the cost of increased risk.
  • Enterprises implementing Zero Trust will continue to use network security products (e.g., intrusion prevention systems) for segmentation, protection, and traffic visibility.
  • Adoption of SDN/SD-WAN appliances/services facilitates an operationally efficient architecture.
  • The expanding use case for SD-WAN is accelerating enterprise adoption of distributed computing workloads (cloud/multi-cloud).
  • On-premises IT architectures will become more like public cloud architectures, using infrastructure as code, etc.
  • While encryption provides confidentiality and preserves the integrity network traffic, it also increases the challenges associated with key management and content inspection, especially for public/private/hybrid cloud use cases.

Does this data align with what you are seeing? We want to know if it does—or does not. If you have edits or suggestions, we’d like to hear from you. Reach out, and we’ll set up a time to discuss: advisor@nsslabs.com.

Test Methodology Development

We welcome the opportunity to discuss our methodologies with practitioners familiar with any of the technologies covered—these practitioners do not need to be named seats on your NSS Labs subscription. Email us and let us know when you have a time for a short call: advisor@nsslabs.com.

Enterprise Intelligence Brief:

Next Generation Intrusion Prevention System

Learn More

Enterprise Intelligence Brief:

Cloud Access Security Broker

Learn More

Coming Soon: Enterprise Intelligence Briefs on SD-WAN, Breach Detection System, IT Security Architecture

Next Month: Functional requirements for network security products