Business professionals outside of IT demand business agility. It’s the current buzzword and has a nice ring… business agility! If you’re in IT, however, you’ve likely come to loathe the word. Its very meaning conflicts with your need for tight security in the face of growing threats. Business agility requires quick and responsive implementation of whatever is needed to take advantage of a business opportunity today, now, right away! But that runs headlong into the management of network access and security policies. Automation and orchestration are the keys to overcoming this conflict, but the inherent flaws of IP networking are the fly in the ointment, the roadblock to agility.
Network World’s 2017 State of the Network report cited protection from data breaches and leaks as the top network security challenge among IT decision makers at both enterprises and small to medium-sized businesses. The main reason network security in this area is so challenging is the lack of automation coupled with understaffed IT security teams.
Another part of the problem is that IP addressing is being used to an extent that is orders of magnitude beyond what its inventors intended. A Washington Post article – A Flaw in the Design – points out the Internet’s founders “saw the promise but didn’t foresee users attacking one another.” At the end of the day, nobody foresaw the need for cybersecurity. Because TCP/IP was implemented to make it easy to find computer devices, it also became easy for malicious users to attack those devices: they could use IP addressing not only to locate and identify another device but also to spoof their own addresses, making it difficult to deflect an attack.
As industry analyst Zeus Kerravala states in the Network World article – Tempered Networks Makes it HIP to Connect the Unconnectable:
Since it’s impossible to give every device its own unique IP address, the clever folks at networking companies came up with an assortment of workarounds, such as being able to NAT (network address translation) non-routable, private addresses. And as we’ve added more dynamic environments, such as private and public cloud, defining policy based on addresses or ranges has become unsustainable.
In 2015, the IETF ratified a new addressing standard as an open networking security protocol designed to overcome the inherent flaws of TCP/IP addressing: the Host Identity Protocol (HIP). Implemented commercially with our Identity-Defined Networking (IDN) products and solutions, HIP makes it easy to create secure network overlays based on cryptographic namespace identities.
The IDN orchestration engine – Conductor – makes it possible to create hub-and-spoke or highly distributed mesh networks without the traditional network challenges. The result is an end-to-end or peer-to-peer encrypted network that can be spun up in as little as three steps, even for traditionally non-routable endpoints.
The simplicity of IDN means that IT teams can now deliver business agility to meet the demands of their business and IT operations team. Like today, now, right away!