Why IT Complexity should drive IT Purchase Strategy

By Evan Schuman, Security Writer

When executives are strategizing their IT purchase plans, they may pigeonhole their companies into buckets, such as enterprise or SMB. But those classifications are typically based on annual revenue or, far less often, the number of employees. Is that really the right metric for IT strategies?

There are lots of enterprises with relatively straight-forward IT operations (especially those with lots of franchisees) and plenty of SMBs with multinational customers, large IIoT manufacturing issues and a complicated supply chain deployment. Isn’t IT complexity for the business a better basis for an IT purchase strategy than revenue or headcount?

Take, for example, some of the network applications from Infoblox. They deliver DNS, DHCP, IPAM and security with multi-cloud visibility and control. They specifically use DNS-layer protection to accelerate cyberthreat detection and response.

How can any of that possibly be shoehorned into enterprise versus SMB? How many SMBs have networks with insufficient visibility? How many are opening their networks to partners across the world–each of whom has very different security controls? Cyberthieves love to attack smaller companies, on the rationale that their defenses are weaker.

Given all of that, how can a DNS visibility tool–one that also enhances other security devices–be applicable to only $25 billion companies? It doesn’t make any sense.

It is hard to overemphasize the importance of network visibility when dealing with cybersecurity and compliance. The favorite technique of the bad guys is to infiltrate the network (ideally through a little-noticed backdoor), have the malware lay dormant for months and then activate it during an ideal moment. In other words, the planted malware is like a network cockroach. It loves to hide in the dark. Light is its enemy. Visibility equals light.

DNS monitoring tools watch everything and will detect issues that otherwise successfully hide. Unless the company has no network at all, it’s about as close to a universally needed tool as possible.

Business networks and complexity have always co-existed. But in recent years, the complexity has increased by an order of magnitude, thanks mostly to a vast increase in remote sites, work from anywhere (WFA), IoT/IIoT, cloud and mobile. This has resulted in a variety of technology changes, which forced new IT investments. But those investments were overwhelmingly made where visible problems happened.

Consider, for example, the massive increases in VPN deployed in the first months when Covid hit. Problems immediately materialized (lack of responsiveness, extreme slowness of data transfers, etc.) and additional bandwidth was purchased, and VPN alternatives were investigated.

The problem? That increase in network complexity also increased places where both malware and network inefficiencies could hide. By its very nature, elements that are well hidden are not going to be noticed. When Infoblox activates its network monitoring software for new customers, IT for the first time sees all of the hidden issues. Until then, IT and Security literally don’t know what they are missing.

Beyond the inability to detect many of the problems, IT also suffers from various misperceptions and bad information out there. Such as:

My Windows Server DNS capabilities are sufficient.

When DNS and DHCP are running on Windows Server, the performance can be negatively impacted by other server processes (e.g., print, file, email). System maintenance for updates or to patch vulnerabilities can disrupt DNS and DHCP services. Since DNS, DHCP and IPAM are not tightly integrated, the system can be undermined by innocuous human error. It also requires on-site administration, which may not scale over many distributed locations.

Far more critically, Infoblox provides DNS Layer security that Microsoft Active Directory does not. This enables a shift left security posture with early threat detection and response that offloads routers, firewalls, and endpoint security tools.

Why not use apps or packages from the SD-WAN vendor?

Moving between point solution interfaces for critical services is time-consuming and error-prone. It also requires multiple learning curves, update cycles, and processes. Integrated core networking (i.e., DNS, DHCP, and IPAM) services provide centralized visibility, management, and control to streamline the management of distributed environments. Plus, by layering on DNS-based security to the same cloud-managed interface, users get a comprehensive vantage point for integrated command and control.

Why not use ISP-based DNS for the branch office?

ISP DNS often lacks external service monitoring and visibility—blinding an organization to the nature of outages and their resolution. Integrated data center and distributed enterprise services are essential for consistent visibility, automation, control, and security. The big-picture difference is that Infoblox networking software is explicitly designed for network management, cybersecurity and compliance. Using OS or add-on software is simply not going to deliver the power and efficiency that function-designed software does.

Comments (0)
Add Comment