Outlining the Ingredients for a Successful Edge Security Strategy

As companies continue their digital transformation journeys, they are moving more IT resources out of the data center and closer to end users, making security even more critical and complicated. In fact, 77% of organizations associate edge computing with security concerns. [1]

It’s a given that security must be integrated and embedded with network, compute and storage systems to be most effective. But that’s a challenge in an edge computing ecosystem.

“Instead of securing a majority of resources in a handful of core locations, the distributed nature of edge computing means that infrastructure, data, and applications could be spread across hundreds or thousands of locations,” says Dave McCarthy, a research director with IDC’s worldwide infrastructure practice focusing on edge strategies, in CSOonline.com.

Additionally, the sheer number of devices connected to edge computing facilities, such as for Internet of Things applications, creates “a big security challenge and a lucrative target for attackers,” says John Pescatore, director of emerging security trends at the SANS Institute.

But vendors such as Lumen are stepping up with solutions, including specialized firewalls, security platforms and security solutions for edge applications. Cloud-based managed services tailored for the edge are also emerging, including Secure Access Service Edge (SASE) offerings. Artificial intelligence (AI) and machine learning (ML) technologies likewise have a role to play, with their ability to find threats in a mountain of data.

Firewalls and platforms designed for the edge

Firewalls remain crucial to any sound security strategy, including for the edge. But installing firewalls at each edge location is a challenge given the number of locations and lack of IT personnel at most of them.

An alternative is a web application firewall (WAF), which is a cloud-based solution that protects web applications against attacks such as SQL injection and cross-site scripting. Numerous capabilities can be integrated with a WAF to provide protection at multiple layers of the OSI model.

Lumen, for example, takes a modular, best-in-breed approach to WAFs, offering components from various partners, all delivered via a common orchestration and automation platform. Options include bot risk management (BRM) and Web Application and API Protection (WAAP) service modules from Lumen partners such as ThreatX, Wallarm and PerimeterX.  Lumen’s distributed denial of service (DDOS) protection offering can also be integrated, collectively providing protection for applications and assets from Layer 3, 4 and 7 attacks.

The strategy of delivering security services via a single platform that integrates offerings from multiple providers is important because companies tend to use numerous security products, which creates complexity and increases response time. More than 4 out of 5 (81%) of the 2,800 security leaders surveyed for the Cisco 2020 CISO Benchmark Report said it was very or somewhat challenging to manage multi-vendor security environments.

Managed services and SASE

Employing managed security services is another way to reduce complexity because the service provider takes on much of the burden. Cloud-based services are also a good fit for edge locations, because companies don’t need to have security infrastructure and software at each physical site.

Perhaps even better for edge locations is the idea of combining software-defined wide-area network services (SD-WAN) with managed security services, an approach that Gartner dubbed SASE (pronounced “sassy”). The idea is to enable companies to provide secure access from any device to applications hosted in the cloud or locally at an edge facility ­– with no need for security appliances on site.

According to a report quoted at CSOonline.com, Gartner expects the SASE market to catch on quickly. “By 2025, over 60% of enterprises will have explicit strategies and timelines for SASE adoption encompassing user, branch, and edge access,” CSOonline.com says.

In addition to reducing complexity, another driver for SASE is that it streamlines traffic flows. Currently, it’s common for traffic from edge locations to be routed through a branch office or VPN gateway to a security appliance. SASE eliminates that requirement, with traffic instead going directly to the SASE provider’s network, which is typically built for high-performance and low latency. Lumen’s SASE offering, for example, can offer latency of 5ms or less.

AI and ML offer additional protection

Increasingly, managed security offerings also take advantage of AI and ML technologies to detect malicious traffic and threats. AI/ML offerings can sift through network traffic in real time and identify threats by detecting when traffic patterns veer from an established norm.

Lumen has an additional advantage in this regard because it has visibility into the traffic traveling across its global internet backbone that includes more than 3.5 million miles of high-capacity, ultra-low-loss fiber in North America, and serving customers in  60+ countries around the world. In part based on this capability, Frost & Sullivan recognized Lumen as the sole winner of its 2021 New Product Innovation Award in the Global Holistic Web Protection Industry.

“Lumen has a unique visibility of the global internet backbone; because of this visibility the company can see threats that other platforms cannot,” Frost & Sullivan says. “Lumen can see and stop threats in real time. This visibility enables Lumen to harness threat intelligence, enriched using Black Lotus Labs, the company’s threat research division.”

Black Lotus Labs monitors some 195 billion NetFlow sessions each day. Relying in part on its AI and ML capabilities, it continues to monitor two of the most predominate IoT botnet DDoS threats, Gafgyt and Mirai.

Bringing performance and security to the edge

To reach their digital transformation goals, companies need to have robust edge computing capabilities. With its SASE offerings, Lumen can at once deliver both the performance edge applications require and the security they demand.

“The Lumen platform offers customers a web protection internet backbone with built-in, informed, automatic, and tailored security,” Frost & Sullivan says. “The Lumen platform is meant to assist and enable businesses to identify and mitigate various cybersecurity threats stemming from what Lumen refers to as the 4^th Industrial Revolution.”

To learn more about how Lumen can help you deliver performance and security at the edge, visit: www.lumen.com/edge

1 IDG 2020 State of the Network Survey