A comprehensive security and monitoring architecture requires a variety of tools, including NGFW, IPS, IDS, Forensics, DLP, Application Performance, Network Performance and other inline or out-of-band appliances. Still, all these protection systems are only as effective as the network traffic they see. In fact, the breadth of visibility to network traffic directly impacts the effectiveness of any security architecture. For pervasive visibility and security, the network traffic should be acquired from as many of the devices and applications present in the data center and span physical, virtual and SDN/NFV environments, as well as private and public clouds. But pervasive reach and static visibility alone are not sufficient to address the most salient of the current challenges such as:
- Emergence of new blind spots and threat vectors require dynamic changes in the visibility infrastructure in order to first detect and then eliminate those blind spots
- Key Performance Indicators (KPIs) and Key Capacity Indicators (KCIs) are always being adjusted and fine tuned for optimal monitoring
SecOps and NetOps administrators need a framework for increased automation so that the visibility infrastructure can respond dynamically to events or situations that diminish network access. These capabilities are the building blocks for modern IT.