Below the Surface – S1E2
TEPHANIE CAVIGLIANO [00:01:23] Hello and welcome to our second installment of Below the Surface. I’m your host, Stephanie Cavigliano, and here comes my co-host Darshna Kamani. Welcome, Darshna.
DARSHNA KAMANI [00:01:37] Thanks, Stephanie. And I believe it’s a happy birthday to you.
STEPHANIE CAVIGLIANO [00:01:42] Yes. Thank you. I celebrated a birthday over the weekend.
DARSHNA KAMANI [00:01:45] And did you have a good celebration?
STEPHANIE CAVIGLIANO [00:01:48] Yes, it was small this year, but that’s quite all right. I had my boyfriend and my best friend over. We had pizza and sweets. Which are, you know, all of my favourite things.
DARSHNA KAMANI [00:01:57] What more could you want than pizza and sweets? I’m in.
STEPHANIE CAVIGLIANO [00:02:01] Yeah, it was delicious. It was delicious day. That was right up my alley. So, yeah, thank you. It was lovely here in California, a little hot, but, you know, what else can you expect at the end of June right? I’m used to it.
DARSHNA KAMANI [00:02:12] You can definitely pull some of the heat over into the UK. We need some of that. It’s winter here today.
STEPHANIE CAVIGLIANO [00:02:20] Of course, you can have some. We have plenty to spare.
DARSHNA KAMANI [00:02:25] Perfect. So should we start with the show?
STEPHANIE CAVIGLIANO [00:02:28] All right, let’s get on with it. So last week we discussed email protection. We talked about their new e-book, the 13 “threat email prototype” that you need to know about right now. You can still download that for free on our website. But today, we’re going to shift gears a little bit. We’re gonna focus on another area of cyber security, securing the network.
DARSHNA KAMANI [00:02:49] We are indeed. And with some great insights, and equally great guests. But before we get started. Don’t forget to add comments or questions below and we’ll make sure to get to these later on. So let’s move on to today’s show. So if you saw our promos, we’re going to be joined by Tim Jefferson today. Due to unforeseen circumstances, he isn’t able to join us. However, “now we fear,” we wouldn’t want to let you down. So we invited Mike Goldgof to step in. Mike heads up product marketing, about Data Protection Network and Application Security Products and was pivotal in the research that we’re going to discuss today.
STEPHANIE CAVIGLIANO [00:03:28] Mike definitely has some great insights and that’s why we’ve invited him to join us today. He might even tell you it’s an upgrade. So Mike’s gonna come on and talk to us about another recent report recently released by Barracuda, where we surveyed global IT decision makers on their attitudes and opinions about SD-WAN adoption, along with data about acquisition preferences, variations by industry and a variety of other related issues. Welcome, Mike.
MIKE GOLDGOF [00:03:58] Thank you. It’s great to be on. Very exciting topic today. Looking forward to it.
DARSHNA KAMANI [00:04:03] I’d love to have your mike, so what do you think? Pizza or sweets or both?
MIKE GOLDGOF [00:04:08] Definitely both.
DARSHNA KAMANI [00:04:10] Both? Sweets on the pizza?
MIKE GOLDGOF [00:04:11] Yup. Yeah. Anyway, we can get it.
DARSHNA KAMANI [00:04:19] Okay. So before we get going on the research findings, we thought it would be good to go back in time a little and have a look at the elevation of network security over the last 20 years. I believe this may help set the scene around the research. So Mike, can you tell us what networks were like 20 years ago?
MIKE GOLDGOF [00:04:37] Sure. So they were basically campus and branch network. So you had headquarters with a big switch and firewall and you was connected to branch locations. And it was basically there to connect people so that they could communicate and also connect them to data.
STEPHANIE CAVIGLIANO [00:05:01] Mike, tell us why people started building data centres.
MIKE GOLDGOF [00:05:05] Yes. So what happened then was the growth of the Internet and with the growth of the Internet camw web applications. And so people built data centres to house their Web app servers, their data stores, things like that.
DARSHNA KAMANI [00:05:23] Okay. So we have data centres. So then where did software as a service come into this? How does that play into this network story?
MIKE GOLDGOF [00:05:31] Absolutely. So people wanted to access their applications and the Cloud and a bunch of providers started building software as a service application. Some of the examples are Office 65 or Salesforce. And eventually that also led to the emergence of the major cloud providers, say AWS., Microsoft Azure, Google Cloud, things like that.
STEPHANIE CAVIGLIANO [00:05:56] All right. So essentially, we’ve moved from data centres to software as a service or “SAF”, which is really just taking you really from a private data centre to one that somebody else owns, right? We have a little saying at Barracuda. Friends don’t let friends build data centres. So we’ve shifted to a “SaaS” model. It’s a lot easier in some respects to tell us what happened next, Mike.
MIKE GOLDGOF [00:06:19] Yes. So then came the digital transformation. Things got really interesting. What happened there was the value started to shift very quickly from physical assets to digital assets. You had more and more customers that started to compete based on how quickly they can build these applications and turn them on. And so that really changed things around. And this is where the you know, things like, you know, agile development, dev ops processes became key because that all, you know, sort of leveraged the speed. And and this is where the the advantages of public Cloud really became very apparent because, you know, as you said, friends don’t let friends build data centres. Part of the reason is that it takes a long time to order servers, put software on them, turn them on. It takes months and now with the public Cloud, you could do things in days or even hours in terms of what used to take so long in the data centre. So that’s kind of the evolution.
DARSHNA KAMANI [00:07:32] Fantastic. So plenty of advantages there. And the diagram that you should be able to see on the screen saying and shows enterprise public Cloud access. Can you explain what’s shown by the dotted line?
MIKE GOLDGOF [00:07:44] Yeah, absolutely. So what you’re seeing here is basically that campus and branch network that you started with, but with the addition of the data centre down the bottom, and if you’ve got the public Cloud on top. So this is kind of a hybrid situation. So you’ve got some apps running in the data centre. But, you know, more and more in public Cloud. And so what was that dotted line is showing, it’s very important is what’s called a direct Internet breakouts. So because if you’re sitting on a branch or you’re running Office 365, let’s say you don’t want to be calling all the traffic through the data centre. You want to connect directly. In fact, Microsoft recommends that you do that for best performance. So that’s kind of what’s going on here. You basically, people are changing now, changing the network to fit the application consumption pattern, if you will.
STEPHANIE CAVIGLIANO [00:08:42] Okay. So we’re seeing a definite evolution of the network here that we’ve hear here within the past couple of decades. But what are we thinking about for the future? How are we seeing that?
MIKE GOLDGOF [00:08:53] Right. So in the future, we see the public cloud is becoming quickly becoming the new normal. And so, in addition to the public Cloud, in addition to infrastructure as a service, you are starting to see now network services such as “virtual WAN”, that’s “Azure virtual WAN”. So you’re now starting to see network as a service as well and so, you know, this is very key because, you know, it again, adds to that agility. Being able to build fast, innovate quickly while leveraging this whole global infrastructure where you can have applications in different regions. And, you know, a key challenge to customers today is to figure out how to evolve their networks to fit this new reality.
DARSHNA KAMANI [00:09:48] Okay. Thank you for that background. And some future vision that’s been really helpful. So shall we dive into the research? Barracuda Commission “fence” and board to carry out research on our behalf and a variety of topics around public Cloud security. Back in February, when we published the initial results in the report entitled Future Shock, the Cloud is the New Network. What we found out in this report is organisations are moving infrastructure’s public Cloud. Security is the top concern restricting an even faster adoption of public Cloud and secure SD-W.. One is the solution of choice to secure access to public Cloud. So since secure SD-Wan is a key solution to secure access to the Cloud. We ask more questions about these deployments. The findings were recently published in a follow up report entitled Secure a SD-Wan the Launch Pad into Cloud, which you can find on the Barracuda website. So let’s delve into these findings, mike.
MIKE GOLDGOF [00:10:47] Yes, absolutely. Some very interesting and unique insights from 750 I.T. decision makers that we went out with a survey to across the globe.
STEPHANIE CAVIGLIANO [00:11:02] Okay, Mike. So let’s start, how about with the Cloud? How quickly are people moving there?
MIKE GOLDGOF [00:11:08] Yeah, so the data showing that 45% of the organisation’s infrastructure is already in public Cloud. You know, so it’s moving quickly. And what it’s showing is that it’s going to get to 75% within 5 years. And it’s you know, U.S. is a little ahead. But it’s very consistent amongst the regions. This is definitely happening and it’s happening fast. And, you know, it’s not surprising to me that that’s happening so fast because of the advantages public Cloud I just talked about this awesome compute power that you get, you know, the ability to quickly deploy applications, things like that.
DARSHNA KAMANI [00:11:52] And to me, Mike I’m sure in the current situation we are rolling that the adoption of public Cloud will probably increase even more quickly than we’re expecting in the next 5 years or so. There’s a lot of benefit to moving, you know, an organisations infrastructure to the Cloud, like you mentioned. However, from the research that we found that we conducted, 70% say security concerns which restrict that organisation’s abduction of a child. Can you tell us why security is such a big area?
MIKE GOLDGOF [00:12:21] This is a really interesting topic, because early on when the public Cloud providers were just growing, there was this sentiment that maybe, you know, is it really secure in the Cloud? And by now we’ve we’ve seen that the actual infrastructure that the cloud providers provide is very secure. But many organisations don’t yet know how to secure their own applications and the Cloud and the wrong data, how to build it secure.
STEPHANIE CAVIGLIANO [00:12:55] So not worry is really understandable, especially considering that from the research we saw that 75% of our respondents had actually been the target of a cyber attack. But it seems to me that that would imply that security should be seen as an enabler rather than a barrier. So is SD-WAN deployment the answer? The research shows us that 74% have deployed or are considering deploying SD-WAN within the next 12 months. Are you surprised by this, Mike?
MIKE GOLDGOF [00:13:24] It is a little surprising how many have already deployed, given that it’s really still a new technology, relatively new technology. But, you know, it makes sense considering that people are deploying out apps and public Cloud with their consumption behaviour is switching to software as a service applications more and more. And in basically, their existing network is just not a good fit for this new architecture. And SD-WAN has been proven, a viable alternative and it brings major benefits, performance, security costs, savings. It’s definitely exciting to see how quickly the uptake has been growing.
DARSHNA KAMANI [00:14:16] Definitely exciting. From the research we found that it varies greatly by industry. Do you have any specific examples might that come to find when peopIe have implemented a SD-WAN.
MIKE GOLDGOF [00:14:27] Yeah, well, first off, if you download our report, you will see the information on 10 different industries and that, you know, I mentioned unique. It’s pretty unique to see the actual SD-WAN deployment patterns. And later, we’ll see, it’s not just, you know, how quickly it’s happening, but maybe some of the motivations behind it. But in terms of industries, yes. I mean, if you look at public sector, for example, where budgets are very limited and sometimes, you know, they’re behind the new technologies, you see only 70% have already deployed SD-WAN. But then you see financial services in there are 35%. Then, of course, you know, some of the drivers there as they’re dealing with money, they’re dealing with, you know, private information. And, you know, they’re hence targeted by cyber criminals. But I think the one interesting thing to see here is financial services happens to be some of the most risk averse organisations out there. And just the fact that they have deployed on such scale already is a great validation for, you know, as SD-WAN technology. So things are definitely going to be different in the Cloud and organisations face challenges when it comes to securely accessing the public Cloud. Now, if we think about in the data centre, a firewall is typically used to set really strict policy on who can access certain information. Now, our research found that 42 percent found that lack of control over who has access in the public cloud is one of their biggest challenges. So can these sort of mediate this or accomplish this with SD-WAN?
MIKE GOLDGOF [00:16:17] Yes, definitely. But what you need is more of an all in one SD-WAN solution that includes security with granular policies. Those ganual policies is what’s going to allow for access to public Cloud and secure access. And this is where the challenges come in today, because a lot of customers are trying to combine technologies from different vendors to different technologies with firewall and this SD-WAN and combined them correctly so they can achieve the same level of security that they’re looking for.
DARSHNA KAMANI [00:16:54] And then to add to this, the second biggest challenge that was cited is “back calling” traffic. Why is that challenge?
MIKE GOLDGOF [00:17:02] Yeah. So see, what happens is that people try to use their existing networks without modifying them or modify, you know, or minimise the modifications because they’re afraid to change their security policies or to restructure the way that things are access. And so what they end up doing is they still have the big firewall in their data centre. And what they’re doing. All of the traffic, you know, whether it’s Office 365 or a Web application in public Cloud, they’re still taking the traffic back holding it through the data centre where they apply policy, security policy. And then they forward it over to the branch. And that is, you know, kind of leading to a lot of frustrations with some of the migration’s who are people. For example, they move through from exchange to Office 365 all of a sudden, you know, there they’ve got latency, they’re experiencing it a branch. They’ve got, you know, increased network costs. And that is all because, you know, so to Jefferson, our SVP actually calls this architectural anti-pattern, which you’ve got here is that your network does not fit the way that people are accessing and consuming applications. And this is what this is a kind of this particular challenge is. How do you restructure a network? So the things are operating optimally.
STEPHANIE CAVIGLIANO [00:18:44] So it definitely seems as SD-WAN is going to be the right, the most efficient, most secure solution when moving to the cloud. However, what we found out in our research is that there is an overwhelming preference to acquire this type of security and deployment through a public Cloud provider. So where does this leave security vendors like Barracuda?
MIKE GOLDGOF [00:19:06] Yeah, this is really interesting because what surveys showing is that while people are indicating the preference to acquire “Via” Cloud provider, they’re also finding that Cloud providers do not have sufficient offerings as it relates to security. And, you know, again, you know, all of the major cloud provider, A.W., US, Microsoft, Azure, Google Cloud have proven that their platforms are actually very secure. It is all about, you know, how does an enterprise take their applications and their data deploy in public Cloud securely? So it’s not surprising that people want to get it from their Cloud provider because they’re seeing thousands of controls that the Cloud providers have in their own platform for security. But it is the challenge of how you take these controls and apply to your own applications in the Cloud and your own data. And so this is some of where third party security vendors come in. But in order to make that work, they have to take their platform and fully integrate it into the Cloud service provider.
DARSHNA KAMANI [00:20:28] Which to me makes total sense. And I understand why no organisation should use that part of vendors. So then why do organisations want to acquire SD-WAN this way?
MIKE GOLDGOF [00:20:41] Right. So we’ve asked that question. And, you know, we’ve got responses, simplicity of adoption was top. But, you know, there was there was cause, there was, you know, the ability get full solution. We got the 5 top responses that were all very important, which is sort of a kind of an unsatisfying answer. But it turns out that once you dig in there and you start looking at the information by industry, things are very, very different. So the example I’d like to use is retail for retail. Simplicity of adoption is by far the most important factor. And it’s not surprising because retail organisations are highly distributed. They’ve got these stores all over the place. And, you know, they had Web application deployed for a long time. Now they’re moving them into the Cloud. They’re go into SaaS. And so, you know, for them, at these locations, thousands of locations, they don’t have access to a lot of I.T. or security expertise. And so the simplicity of adoption is very, very key for them to deploy easily to scale easily managed this is highly scalable solutions.
STEPHANIE CAVIGLIANO [00:22:09] Right. I want to keep it simple, for sure. So, Mike, thanks so much for taking us through some of the research and some of the key takeaways from Barracuda’s report on SD-WAN adoption. Let’s shift a little bit. I want to hear your thoughts on Barracuda’s public Cloud vision and how we can support for innovation?
MIKE GOLDGOF [00:22:28] Right, absolutely. So what we’re seeing is most of our customers have already moved or are moving their applications to public Cloud. And, you know, in addition, I mentioned that before, in addition to having infrastructure as a service to the Cloud providers are starting to offer network services. So there’s like this network as a service that’s emerging. And a key challenge and then key need for customers is to combine security in networking as they start to utilise these new services. And, you know, so you’re in a situation where, you know, you are building everything in public Cloud, you know, you need secure access. Public Cloud really has become the new data centre. There is no perimeter anymore, no central location. You’ve got applications that are everywhere in regions optimised for the consumption patterns. And so you need to do is you need to build a highly dynamic, secure access pattern to be able to leverage these things. And at Barracuda, we build a technology for as the when it’s very mature, we call it TINAR or Transport Independent Network Architecture. We’ve had it for over 10 years. And so what we see and what we have working on very hard here is combining that with full integration into the public Cloud platforms to really allow customers to programmatically build their SD-WAN using native Cloud platforms. And, you know, we we have worked on a number of services as part of as SD-WAN that provides that easy to use, that simplicity. We have a unique zero touch service that allows deployment across hundreds and even thousands of sites that automates our orchestration into that environment to allow customers to build SD-WAN easily and securely. So I’m really excited about aligning our new technologies with the customer needs as they continue to migrate into the new accelerated public Cloud migrations. And what I’d like to do is I’d like to end by teasing you with an exciting announcement that’s coming by the end of July. So stay tuned and watch the space.
DARSHNA KAMANI [00:25:26] Definitely. Thank you, Mike. Stay tuned to watch this space, we’ll have Mike, “backeld up to what that” exciting announcement is. It’s been great talking to you, Mike. Unfortunately, that is all we have time for today. Thank you for joining us on below the surface and providing some amazing insights.
MIKE GOLDGOF [00:25:44] Thank you very much.
STEPHANIE CAVIGLIANO [00:25:46] You know, Mike, that was a heck of a tease. I’m dying to know what the announcement is. I got to say, so I’ll stay tuned.
DARSHNA KAMANI [00:25:52] That’s July.
STEPHANIE CAVIGLIANO [00:25:53] That’s a really great insight. Thanks so much, Mike.
MIKE GOLDGOF [00:25:57] Thanks for having me. Take care now.
STEPHANIE CAVIGLIANO [00:26:01] All right, everyone. Don’t forget to go to Barracuda.com for all of the insights from this report. You can download your copy right now.
DARSHNA KAMANI [00:26:10] Thanks, Stephanie. And don’t forget to follow Barracuda on LinkedIn for the next installment of Below the Surface. Until next time. Have a safe journey.