Converged Security The Next Big Thing For CISOs

by Sohini Bagchi    May 02, 2016


With more and more connected devices coming into play, security concerns are increasing. Creating a secure environment for multiple devices to operate in is the need of the hour. In a recent interaction with CXOtoday, Sanjai Gangadharan, Regional Director, SAARC, A10 Networks (who heads the India business) explains why converged security solution will be the next big thing in the enterprise and states the main differentiators of A10’s new converged firewall solution. 

- The number of cyber-attacks in organizations is on the rise. India is said to being highly prone to security risks. What are the new breeds of cyber risks the enterprise space needs to look out for?

Indian companies are quite well informed in their views on cybersecurity, and have a good understanding of the challenges and solutions that needs to be put in place. Previously, Indian companies may not have been very proactive in implementing measures to prevent cyber-attacks. Today, with the digitization of businesses and with IT driving mission critical business functions, security has become a priority. Trends like encryption, IoT, mobility and cloud have created more mediums through which cyber attacks can be launched.  Therefore it is not surprising that we are poised to pose more attacks and security vulnerabilities in 2016.

The wide spread use of Web applications, especially mobile applications, pose a significant risk to enterprises. Approximately 75 percent of the mobile applications scanned exhibited at least one critical or high-severity security vulnerability.

At the same time, with the continued rapid growth in the Internet of Things (IoT), we expect to see an increase in both the number and severity of active exploits of connected devices. Analysts predict that there will be over 5 billion connected “things” by the end of 2016, and as the number of devices leveraging personal information grows, we’ll start hearing about exploits targeting consumer-oriented IoT devices.

Cloud services will also increase attack surface and burden perimeter security. With applications hosted in the cloud, malicious users can now attack apps from any location and any device. The adoption of cloud-based services will inevitably increase the load on secure web gateways and perimeter firewalls. Since much of this traffic is encrypted, businesses must ensure that their security devices can keep up with demand.

Malware has evolved to a revenue-generating activity for attackers. The attack targets shifted notably in line with evolving enterprise trends and focused heavily on monetization. Malware is rapidly affecting mobile devices due to the high number of connected devices. It is also increasingly affecting ATMs where in both the hardware and software gets breached.

Over the past few years, SSL encryption has become all the rage for both application owners and hackers and for good reason. Encryption improves security by providing data confidentiality and integrity.  Increasing SSL usage poses a problem when organizations wish to inspect traffic for malicious content such as malware, viruses or targeted phishing attacks. Many products that secure web, email and file transactions cannot inspect encrypted traffic or cannot keep pace with growing SSL encryption demands, resulting in blind spots in corporate defenses.

- Cyber-attacks are growing at a very fast pace and the IT enterprise sector is spending more than before to secure their data from these risks. What is A10’s stand on this situation and how are they catering to the current security needs of their customers?

Emerging trends like mobility, virtualization and cloud adoption have certainly complicated IT security resulting in corporates spending a lot more than before. According to Gartner, security spending continues to grow in 2016, projected to reach $1.23 billion in India and security services are expected to increase to 60 percent by 2019. Yet, the rate of cyber-attacks is at a constant rise. In fact, Prime Minister Narendra Modi has described cyber-related threats as a global risk to bloodless war. Data breaches continue and cybersecurity incidents grow exponentially in frequency, size, and cost.

Being the next generation ADC and security solutions provider, A10 Networks is ahead of the curve with its efficient and cutting edge enterprise security solutions. A10 Networks’ application networking, load balancing and DDoS protection solutions accelerate and secure data center applications and networks of the world’s largest enterprises, service providers, and hyper scale web providers. A10 offerings are built on the Advanced Core Operating System (ACOS). ACOS application networking platform maximises the performance of the most expensive system resources, processors and memory in order to deliver the highest performance.

- What was the idea behind creating a converged security solution? What is its unique value proposition?

With more and more connected devices coming into play, security concerns are increasing. Creating a secure environment for multiple devices to operate in is the need of the hour.  Some of the new market drivers which led us to design a converged firewall are increased adoption of mobility, rise in security breaches, SSL traffic and increased usage of Cloud. Thunder CFW provides superior value by combining advanced security solutions such as Data Centre Firewall, Gi/SGi Firewall, Secure Web Gateway and IPsec VPN with A10’s best-in-class products like ADC, CGN and SSL Insight to provide a converged security platform for both service providers and enterprises.

- How is a converged security solution different from the other solutions?

Converged security solution helps in reducing the data center footprint and lowers cost by consolidating networking and security. The main differentiators of A10’s Thunder CFW are convergence, performance and programmability.

Thunder CFW provides three converged security and application networking solutions in one platform: Data Centre Firewall plus ADC, Gi/SGi Firewall plus CGN, and a SWG combining SSL Insight plus Proxy and URL filtering.

Exceptionally high performance in a compact form factor, delivering up to 220 Gbps throughput, up to 268 million concurrent connections and up to 5 million connections per second in a one-rack appliance. A 100% programmable converged security platform with standards-compliant RESTful APIs.

Comparing to alternative vendors where customers need to buy two separate solutions if they need to load balance data centre servers, A10’s CFW offers a converged firewall, IPsec VPN, and server load balancing that helps facilitate consolidation and cost savings without affecting network performance in the data centre. At the same time, Thunder CFW can also decrypt encrypted traffic for inline security devices such as firewalls and intrusion prevention devices, and advanced threat protection (ATP) platforms, while most SWGs are not able to.

- What are the benefits of Thunder Converged Firewall?

Thunder Convergent Firewall (CFW) incorporates a Data Centre Firewall, a Gi/SGi Firewall, IPsec VPN, and a Secure Web Gateway on a single platform. Thunder CFW is the first converged security solution for service providers, cloud providers and large enterprises, with benefits including:

- The high-performance firewall with integrated distributed denial of service (DDoS) and Carrier Grade NAT (CGN) protects mobile carriers’ LTE infrastructure from increased security risk posed by advent of Internet of things (IoT) and 5G data services

- The firewall with integrated DDoS protection and Server Load Balancing (SLB) protects data center applications and infrastructure from network, Web application and multi-vector DDoS threats

- It has the ability to classify more than 13 billion URLs into 83 categories to provide outstanding scale and accuracy. It also provides superior decryption capabilities

- It provides data privacy when traffic is transported between data centres

- Thunder CFW enables Secure Web Gateway customers to decrypt SSL traffic once and provide visibility to multiple security devices

- It also expands security efficacy and extends the life of the existing security infrastructure

- A10 Network’s roadmap for India in 2016, in terms of products and technology, and channel?

A10’s CGN solution is widely accepted by telecom companies worldwide and we are leaders in this space. We would further like to consolidate our position in this space as the transition happens from 3G to LTE in 2016. We are also continuing to focus on the company’s security solutions like DDoS mitigation, SSL traffic inspection as enterprises are placing increasing emphasis on IT security to protect their corporate defences. At the same time, we are investing in advancing skillsets of our channel ecosystem to further expand our reach in the security market.