For example, years ago, a new service request required a hole to be punched in a single firewall. But, today’s multi-layer approach means that ACLs and rule changes not only affect firewalls, but also integrated routers and switches. When multiple vendors are thrown into the mix, the challenges rapidly start to skyrocket.
The complexity of today’s networks is a challenge, but it is also leading to a new dynamic in IT organisations: a blurring of the boundaries.
Blurring the boundaries
The roles of those responsible for protecting an organisation’s IT network infrastructure have, historically, been clearly defined, with security teams managing the firewalls and network teams managing the routers and switches. But as networks are becoming bigger, broader, and more complex, security teams and networking teams are collaborating, passing tasks from one team to the other.
Collaboration is a good thing. But, the downside is that security teams or networking teams individually are not likely to have the specified knowledge or experience necessary to carry out these “blended” tasks. Involving networking teams in changing rules and ACLs, for example, can take a considerable amount of time and involve a significant risk of error. This risk is further increased when you consider that the networking team is highly unlikely to be familiar with the various subtleties and nuances in syntax used by different vendors.
Security teams, on the other hand, often set internal policies governing best practices that will impact the network team. Challenges and frustration can grow if the network team does not have the expertise or time to implement the actions required of it, and the security team might not be given the auditing information it needs to verify that these actions have been carried out correctly. In addition, due to a potential lack of knowledge, the networking team might be unable to deliver the proof points needed by the security team.
Frustration and challenges
So not only can this situation cause companies costly delays and put networks at risk, it has introduced new tensions for the teams concerned, changing their internal relationships.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.