IT futurists have long predicted the eventual disappearance of the so-called perimeter, but the truth is that physical networks — and the solutions for securing them — are far from their last days.
And while the cloud has heralded the arrival of infrastructure-as-a-service (IaaS) and software-defined networks (SDN), at the end of the day, these services are delivered out of physical data centers, albeit distributed and dispersed across the globe. For traditional firms with on-premises IT infrastructures, network security continues to increase in complexity in order to keep up with ever more sophisticated cyber attackers.
Whether on premises or in the cloud, IT infrastructures are prone to the same security issues and are equally exposed to cyber threats. However, with today’s networks supporting a vastly greater number of users, devices, and Internet of Things (IoT) sensors, the enterprise attack surface’s composition has evolved significantly even when compared to just a few years ago.
Network Security Today
Today’s network security offerings range from traditional intrusion detection and prevention systems (IDPS) to next-generation firewalls (NGFW) and unified threat management (UTM) devices that serve multiple security functions in one appliance.
More recently, the network detection and response (NDR) category has emerged to describe solutions that utilize artificial intelligence (AI)/machine learning (ML) and other non-signature-based methods to detect advanced threats lurking in the network.
These solutions are also designed to work well with other tools for streamlined remediation, threat hunting, and more.
Network Security Market
The network security market is anticipated to increase from $27.39 billion in 2021 to $60.38 billion in 2028, at a compound annual growth rate (CAGR) of 12.0% during the forecast period.
Drivers such as the global shift to working from home and the resulting spike in remote access have resulted in higher enterprise network traffic and a larger number of varied devices. This in turn translates to more risk exposure to threats like ransomware and others.
Benefits of Network Security
Today’s enterprise networks tend to be a mix of on-premises, cloud (IaaS), and sensor/IoT networks at the edge. Now more than ever, comprehensive network security is critical to ensuring that excessive cyber risk exposure doesn’t impact the business. This means being able to collectively monitor and mitigate the cyber risk exposure of these heterogeneous network environments via a single pane of glass.
Additionally, the ML-powered insights provided by today’s network security solutions enable businesses to shore up their defenses against continuously evolving cyber threats.
Interestingly, many of today’s network security offerings are cloud-based and can therefore scale in real-time to the firm’s needs as well as secure IaaS environments natively. Several vendors use a similar deployment architecture consisting of network security devices deployed on premises or in the cloud, managed by a cloud-based security orchestration platform.
Network Security Use Cases
The enterprise IT security market is fairly saturated with numerous players in many cases offering overlapping solutions.
IDPS and UTM are commonly bundled into a single device (i.e., the NGFW) these days, though a handful of vendors develop special intrusion detection (IDS) sensors for special use cases (e.g., for monitoring vessel networks).
The IoT and industrial control system (ICS) network monitoring space is experiencing a surge in demand — especially for use in environments like manufacturing facilities, energy stations, automotive assembly lines, and more.
With many of these industries undergoing digital transformation, the need for monitoring the supporting networks for threats is being addressed by a growing number of players. That said, the operational technology (OT) network security space is still relatively new, with room for new disruptors.
More than a few vendors market their solutions under the NDR category. These offerings focus on network traffic analysis use cases for the modern enterprise. More often than not, these centralized NDR platforms combine threat detection with security workflow automation, auto-remediation, threat hunting, and more.
Network Security Providers
The following are 10 leading vendors that provide solutions for network security, from UTMs and smart firewalls to AI-powered network anomaly detection and NDR solutions.
ExtraHop provides continuous network monitoring through its Reveal(x) EDR platform. Its cloud-based solution features auto-discovery and auto-classification capabilities for real-time visibility into IT infrastructures both on premises and virtualized/cloud-based.
A leader in network security, Fortinet has developed its flagship FortiGate NGFW with advanced UTM capabilities in a unified smart firewall device, enabling customers to more easily monitor/protect their networks via a single pane of glass.
An established name in network security, Sophos offers an NGFW with enterprise-grade firewall capabilities as well as advanced features for protecting against modern cyber threats such as advanced malware, drive-by downloads, botnets, and more.
Tenable is perhaps most well-known for its Nessus vulnerability scanner; however, its solutions for enterprise network visibility are also popular for detecting, identifying, and mitigating threats across an organization’s entire IT computing fabric — be it on premises, in the cloud, or in an industrial/operational technology (OT) environment.
A leader in OT network security, Claroty has developed a platform that provides industrial enterprises with comprehensive network visibility, monitoring, and threat detection. Its solution was designed to monitor both standard IT networks as well as OT environments with industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems present.
Vectra’s platform monitors both on-premises and cloud-based networks with AI-powered capabilities for advanced threat detection and risk awareness. By using machine learning (ML) to enrich the network metadata collected, organizations can perform more contextual, accurate assessments regarding their network risk.
The Fidelis Network is an NDR platform that provides monitoring for both individual endpoints as well as entire networks. Like Vectra (and many others), the solution uses AI/ML for enriching network metadata in network security analytics and threat hunting use cases.
VMware is most well-known as the leader in the virtual machine space, but it also offers a range of enterprise cybersecurity solutions. Its NSX platform (previously Lastline Defender) was designed to detect advanced network threats and security incidents in both on-premises and cloud networks.
While Forescout offers a range of traditional enterprise network monitoring tools, the company has positioned itself as a security provider for the “enterprise of things” — or enterprise networks supporting a combination of IT, OT, and IoT devices.
Darktrace’s AI-powered cybersecurity suite enables enterprises to automatically detect network anomalies and advanced threats — malicious signals that may be difficult to recognize using standard network monitoring tools and IDPS solutions.
Network security continues to evolve as organizations become more heterogeneous in their IT environments.
From the cloud to the edge, modern enterprises require solutions that are both streamlined for centralized management yet flexible enough to monitor any type of network deployment, be it virtualized/cloud-based or on premises, traditional computing or IoT sensor-based.
And as malicious actors continue to evolve in their capabilities, network security controls must also be highly adaptable. To this end, today’s leading AI/ML-powered NDR platforms are redefining the next generation of network security solutions.