Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Research: LAN Sprawl Leaves Network Controls At Risk
Because of "LAN sprawl," the majority of IT decision-makers surveyed acknowledge a need to improve security in their environments
July 28, 2009
6 Min Read
MILPITAS, Calif.--(BUSINESS WIRE)-- ConSentry Networks today announces the results of a new Loudhouse Research survey, which reveals the pressures IT decision makers face as organizations begin to open up their networks to cross-functional users, third-parties, more diverse applications, and a plethora of corporate, personal, and non-user IP devices in an effort to reap greater operational gains and lower expenses. This multi-dimensional growth—or "LAN sprawl"—places so many new demands on the network that the vast majority of IT decision-makers surveyed (72 percent) acknowledge a need to improve security in their environments. A Yankee Group report, also released today, contends that incorporating context into the LAN can help IT resolve the challenges associated with LAN sprawl.
The Loudhouse LAN Sprawl survey, conducted in June 2009, is based on 200 interviews with IT decision makers from mid-sized (250+employees) to large enterprises (1000+employees) across the US (100) and UK (100) regions. Key survey findings:
93 percent say that users are now more likely to require access to different parts of the network at different times for business reasons.
92 percent of respondents see an increase in the need to manage users with multiple profiles/IDs to support cross-functional needs of their organization.
66 percent say the proliferation of devices and applications make it harder to audit the networks.
Two-thirds of IT decision makers polled believe that decisions to innovate business processes are often made without considering the impact to the network.
IT decision makers cited several areas where they needed to improve the level of control as a result of these dynamics in their network environments. The majority of respondents highlighted the need for improved control over security (72 percent), access to specific areas/job functions (68 percent), access to specific applications (65 percent), general user access (64 percent), and ad-hoc network access (63 percent).
The Yankee Group report warns that IT is challenged to maintain control over access to critical assets in response to LAN sprawl. To reap the business benefits of open LAN environments, the report concludes, the network infrastructure must evolve to provide greater visibility and control.
When asked how IT managers could improve network control, Yankee Group's senior vice president Zeus Kerravala said, "As the mix of users, applications, and devices continues to diversify and grow, corporate assets are at increased risk, so the onus is on IT to build more sophisticated networks that provide context about what is connecting to the network. This context-awareness must also include understanding the relationships among users, applications, and devices and the impact that environmental factors such as location and time of day can have on these interactions. Without this level of visibility, IT will not have the means for controlling the LAN sprawl so prevalent in companies today."
Multi-Dimensional Growth Leads to LAN Sprawl The LAN Sprawl survey asked respondents to consider how their LAN had grown over the last two years and about anticipated growth in the coming two years. A key finding is that LANs have grown at fairly consistent rates across a wide range of axes and are expected to maintain this multi-dimensional growth over the next two years, as shown in the attached graphic and on the resource page.
Support for the virtualized workforce—the dynamic mix of permanent employees and ad-hoc workers including contractors, partners, suppliers and customers—is among the biggest causes of this widespread growth. In addition, the Loudhouse research found that LAN sprawl results from compounding effects, such as increased roles per user, rather than simply linear growth in user or application count.
"With an increasingly mobile workforce consisting of reporters and freelance writers from all across the country, the need for visibility and control over their access to the corporate network has become a business-critical issue for us," said Vikas Khorana, IT Director at the Stevens Media Group. "ConSentry has enabled us to keep pace with this growth by providing us the deeper-level traffic intelligence and awareness down to the identity, application, and device. As a result, we are able to operate more efficiently and securely while tapping into the benefits of a dynamic workforce."
Dynamic Work Environments Biggest Drivers of Change When considering the drivers for change to user access on their LANs, the answers from IT decision makers reflect the strategic need for enabling dynamic work environments, especially in the US. Among the top drivers cited by US respondents are to support cross-functional internal groups (62 percent), work with outsourced suppliers or customers (56 percent), enable auditors or short-term contractors to access the LAN (53 percent), and support cross-functional groups spanning internal and external users (48 percent).
Context Is Required to Control LAN Sprawl Faced with an increasingly dynamic environment, virtualized organizations, and limited financial resources, IT departments need to find a new approach to address LAN sprawl. ConSentry commissioned the Yankee Group report to examine this issue. The study concludes that to align business networks with business processes and maintain full visibility and control, the role of the network must evolve from that of a passive infrastructure to one of being the underlying orchestrator of services and the central point for providing policy enforcement.
To be the orchestrator, the network must have context—stateful knowledge of each flow including the end user's identity, organizational roles, devices, applications at Layer 7, and other environmental factors such as location and time of day. Only a network that is context-aware can control traffic and provide services based on higher level business rules efficiently to capitalize on the productivity potential of the virtualized workforce.
"A decade ago, everything that touched a corporate network was known and owned by that enterprise, but today's picture is very different," continues Kerravala. "Today companies are seeking to gain competitive advantage by bringing their entire supply-and-demand chains into the network and building dynamic alliances involving not only internal users, but external users, applications, and devices. IT needs an automatic, flexible way to identify users and give them the access they need to participate in the competitive game plan of the parent company. That means context awareness has to extend across the entire LAN, even as its boundaries continually expand and change."
For More Information Click here for the following additional resources:
LAN Sprawl Research: executive summary, survey data, final report
Yankee Group Report: The Era of the Virtualized Employee
LAN Sprawl Slide Show
Video Interview with Zeus Kerravala, Yankee Group's senior vice president
ConSentry's blog: En Garde: ConSentry Networks on the new LANscape
About ConSentry Networks ConSentry is the leader in context-driven switching, a new class of switches that marries business policy with L7 visibility of users, applications, and devices to make forwarding decisions on the LAN. ConSentry's LANShield switches and controllers provide an integrated and programmable architecture for managing access to corporate assets across the LAN today and in the future. This fuels the virtualized organization by protecting assets, simplifying operations and improving productivity. More than 250 enterprises worldwide rely on ConSentry solutions for unprecedented visibility and granular, flow-based control of network access, at LAN speeds.
You May Also Like
Your Everywhere Security guide: Four steps to stop cyberattacksFeb 27, 2024
Your Everywhere Security Guide: 4 Steps to Stop CyberattacksFeb 27, 2024
API Security: Protecting Your Application's Attack SurfaceFeb 29, 2024
API Security: Protecting Your Application's Attack SurfaceFeb 29, 2024
Securing the Software Development Life Cycle from Start to FinishMar 06, 2024
Laptop with ransomware, and bitcoin in the palm of a man's hand to illustrate ransomwareCyberattacks & Data Breaches