Can AI get you from network monitoring to proactive observability?

How do we move from network observability to proactive monitoring? It has been a challenge for most network teams for decades. One of the problems network teams face is the vast volume of data they deal with and the lack of time and skills to interpret it.

Two decades ago, that data was generally contained, with the majority of traffic understood by network teams. Today, the explosion of cloud apps and remote working has made understanding traffic a significant challenge. It is not just the volume of data but the complexity of that data that makes the challenge hard to overcome.

Stephen Amstutz, head of strategy and innovation at Xalient (Image Credit: Xalient)
Stephen Amstutz, head of strategy and innovation at Xalient

So, where do we start? To find out, Enterprise Times talked with Stephen Amstutz, who’s the head of strategy and innovation at Xalient. Amstutz believes that the move to software-defined networking gives us a chance for greater observability of data. He talks about the gains from having greater granularity into how applications are consuming the bandwidth.

But this is not just about utilisation. Amstutz says, “Not only are we getting utilisation statistics, but we’re also getting all of the metadata that goes along with that, so we know what applications are being used and consumed, and we know what users are consuming those applications. We’re able to much more effectively understand how the network is being used.”

That understanding allows an organisation to set its Quality of Service metrics to prioritise key applications. It also highlights where legacy applications are still in use. A critical area when companies are moving to the cloud.

To hear more of what Amstutz has to say, listen to the podcast here: Can AI get you from network monitoring to proactive observability? – (enterprisetimes.co.uk)

Over the past decade, the shift from a traditional IT infrastructure to cloud-based computing has been rapid, with many companies embracing cloud migration. In the coming years, cloud services will dominate – they are already quickly overtaking on-premise in-house traditional IT systems as a reliable, scalable, cost-effective IT solution. Here we look at how cloud transformation can help address some of the challenges businesses face when entering the early stages of growth and scalability.

One of the most significant benefits of cloud transformation is the flexibility it offers businesses, particularly where hard-earned growth is just beginning to take off. Traditional IT infrastructures endure challenges that can be extremely costly in time and money as the company grows.

Let’s take an example; as the number of employees increases, so does the volume of traffic on the network and data usage. With a traditional IT infrastructure, the only alternative solution is to rent or purchase additional hardware, which can be costly in terms of the initial acquisition and ongoing maintenance costs. The on-demand space of cloud computing has virtually unlimited storage space and server resources, meaning it is infinitely scalable, so you can scale up or down depending on the level of demand.

Moreover, it is more cost-effective than traditional IT infrastructure due to payment methods for data storage services. With cloud-based services, you only pay for what is used – similar to how you’d pay your utility bills, and the decreased downtime means enhanced workplace performance and increased profits in the long run. Cloud also allows businesses to support a hybrid working environment, where applications are available from anywhere, and employees can be as productive from the train as they are at the office.

However, the move to the cloud isn’t without its challenges.

Infinite scale brings with it multiple security challenges. As each new virtual server or appliance is deployed, with potentially critical data stored, how do you ensure that access to that data is correctly managed? How do you ensure that the correct security policy is applied to every new cloud workload? With cloud applications inherently accessible from anywhere, how do you police an equally infinite security perimeter? How do you monitor performance and ensure user experience on a platform you no longer manage?

How can a cloud security platform help you transition to the cloud?

A cloud-native platform can scale with demand and is consumed by businesses in the same predictable model as any other SaaS or cloud product. It can provide all of the benefits one would expect from a cloud service; centralised management, resilient architecture, global coverage and consistent application of policy, whether the workload is on-premise, cloud or SaaS-delivered.

As with many cloud services, time to value is short, allowing you to deploy quickly and reap the benefits immediately, providing secure access to your cloud workloads from day one, and releasing your teams to concentrate on the task at hand – migrating everything else.

Internet Access secures access to the Internet, whether the user is on-premise or remote working, with policy managed and delivered centrally, but service provided using a distributed cloud model to maximise performance and user experience – secure your perimeter at cloud scale.

Cloud Security Posture Management can help you to understand how your cloud platforms have been (and should be) deployed to ensure that your move to the cloud isn’t exposing security flaws, and Private Access enables you to minimise your attack surface and move towards a Zero Trust architecture for access to your cloud applications.

A Digital Experience solution provides detailed information on the end-user experience, delivering support teams deep insight into cloud-delivered applications, so they can pinpoint issues quickly and resolve them as quickly as possible – ensure your users thoroughly enjoy the benefits of the cloud.

Click here to find out how Xalient can help to deliver your transformation.

Written by Stephen Amstutz, Head of Strategy and Innovation, Xalient

In today’s world, the volume of data and network bandwidth requirements are growing relentlessly.  So much is happening in real-time as businesses adapt and advance to become more digital, which means the state of the network is constantly evolving. Meanwhile, users have high expectations around applications – quick loading times, look and feel visually advanced, with feature-rich content, video streaming, and multimedia capabilities – all of these devour network bandwidth. With millions of users accessing applications and mobile apps from multiple devices, most companies today generate seemingly unmanageable volumes of data and traffic on their networks.

Networks are dealing with unmanageable volumes of data

In this always-on environment, networks are completely overloaded, but organisations still need to deliver peak performance from their network to users with no degradation in service. But traffic volumes are growing, and this is bursting networks at peak hours, akin to the M25; no matter how many lanes are added to the motorway, there will always be congestion problems during the busiest periods.

As an example, we’re seeing increasing need for rail operator networks to handle video footage from body-worn cameras, in order to cut down on anti-social behaviour on trains and at stations.  However, this directly impacts the network, with daily uploads of hundreds of video files consuming bandwidth at a phenomenal rate, yet the operators still need to go about their day-to-day operations while countless hours of video footage are uploaded and processed.

This is a good example of where AI and ML can and is helping organisations take a proactive stance on capacity and analyse whether networks have breached certain thresholds. These technologies enable organisations to ‘learn’ seasonality and understand when there will be peak times, implementing dynamic thresholds based on the time of day, day of the week, etc., as a result.  AI helps to spot abnormal activity on the network, but now this traditional use of AI/ML is starting to advance from ‘monitoring’ to ‘observability’.

So, what is the difference between the two? 

Monitoring is more linear in approach. Monitoring informs organisations when thresholds or capacities are being hit, enabling organisations to determine whether networks need upgrading.  Whereas observability is more about the correlation of multiple aspects and context gathering and behavioural analysis.

For example, where an organisation might monitor 20 different aspects of an application for it to run more efficiently and effectively; observability will take those 20 different signals and analyse the data making diagnostics with various scenarios presented.  It will leverage the rich network telemetry and generate contextualised visualisations, automatically initiating predefined playbooks to minimise user disruptions and ensure quick restoration of service. This means the engineer isn’t waiting for a call from a customer reporting that an application is running slow. Likewise, the engineer doesn’t need to log in and run a host of tests, and painstakingly wade through hundreds of reports, but instead can quickly triage the problem.   It also means network engineers can proactively explore different dimensions of these anomalies rather than get bogged down in mundane, repetitive tasks.

This delivers clear benefits to the business by reducing the time teams spend manually sifting through and analysing realms of data and alerts.  It leads to faster debugging, more uptime, better performing services, more time for innovation, and ultimately happier network engineers, end-users and customers. Observability correlation of multiple activities enables applications to operate more efficiently and identify when a site’s operations are sub-optimal with this context delivered to the right engineer at the right time. This means a high volume of alerts is transformed into a small volume of actionable insights.

Machines over humans

Automating this process, and using a machine rather than a human, is far more accurate because machines don’t care how many datasets they must correlate. Machines build hierarchies, and when something in that hierarchy impacts something else, the machine spots certain behaviours and finds these faults. The more datasets that are added, the more of a picture this starts to build for engineers who can then determine whether any further action is required.

Let’s touch on another real-life example. We are currently in discussions with a large management company who own and manage petrol station forecourts. They have 40,000 petrol stations, and each forecourt has roughly 10 pumps, equating to 400,000 petrol pumps across the US.  Their current pain point is a lack of visibility into the petrol pumps and EV chargers connected to the network.  As a result, when a pump or charger is not working, they might only become aware of this following a customer complaint, which is far from ideal.

The network telemetry that we are able to gather, and that behaviour analysis, means we could provide business insights, not just network insights. We could see if a petrol pump stops creating traffic, which triggers a maintenance request to go and fix the pump. This isn’t a network problem, but the network traffic can be leveraged to look for the business problem. This is a use case for fuel pumps and EV chargers but imagine how many other network-connected devices there are in factories or production facilities worldwide that could be used in a similar way.

Getting actionable insight quickly

This is where our AIOps solution, Martina, predicts and remediates network faults and security breaches before they occur. Additionally, it helps to automate repetitive and mundane tasks while proactively taking a problem to an organisation in a contextualised and meaningful way instead of simply batting it across to the customer to solve. Martina discovers issues with recommendations around tackling the problem, ensuring that organisations always have high-performing resilient networks. In essence, it essentially makes the network invisible to users by providing customers with secure, reliable, and performant connectivity that works. It provides a single view of multiple data sources and easily configurable reporting so organisations can get insights quickly.

Executives and boards want their network teams to be proactive. They won’t tolerate poor network performance and want any service degradation, however slight, to be swiftly resolved.  This means that teams must act on anomalies, not thresholds, to understand behaviour to predict and act ahead of time. They need fast MTTD and MTTR because poor-performing networks and downtime impact brand reputation and ultimately cost money! This is where proactive AI/ML observability really comes into its own.

 

We are working with the Product and Process Innovation project (PIPA) as part of our MARTINA expansion. The PAPI project is part-funded by the European Regional Development Fund as part of the European Structural and Investment Funds Growth Programme 2014-2020, in partnership with the Northern Powerhouse, and delivered by the University of York.

 

How does Identity and Access fit into the Zero Trust Framework?

Identity and Access is a vital component of Zero Trust. It is crucial to securing business data, keeping customers confident and employees protected. Any high-level security model really breaks down into a trust issue: Who and what can I trust? – the employee, the devices, and the applications the employee is trying to connect to. In the middle is the network but today, the corporate backbone is the internet. Identity is the fundamental feature in controlling who has access to your company data, from where and using what device.

With Zero Trust, we assume everything on the internet holds risk, and that no user or application should be trusted regardless of whether the person or entity is “inside” or “outside” an organisation’s perimeter. Instead, we must continuously and rigorously verify anything and everything before granting access.

Most organisations have some sort of Identity solution – especially with cybercrime escalating, and a record-breaking number of data breaches of increasing sophistication and severity taking place year-on-year.

Organisations with less sophisticated tools, or who are not making full use of their solution i.e., only implementing a Multi-Factor Authentication (MFA) or just utilising basic credentials to access a VPN (Virtual Private Network), represent a significant percentage of victims targeted, especially during the pandemic. As a consequence, the Zero Trust model has quickly become a fundamental security requirement rather than a ‘nice-to-have’.

One would expect this to be high on the list of priorities for an organisation that has a vastly distributed workforce. The company may have accumulated many tools that do the same thing – VPN clients, Endpoint Detection and Response (EDR), Antivirus and Remote Access etc. -and, as a result, has identified a gap in their security posture and policy.  Xalient’s Identity and Access module consolidates and manages these tools so that the user at the start of the journey has the correct experience from the get-go. Furthermore, the framework utilises identity verification, authentication factors, authorisation controls, as well as other IDAM and cybersecurity capabilities to verify a user before any level of trust is awarded.

Organisations are looking for a secure solution for their applications, devices, and their users, which is why the Zero Trust model becomes a fundamental component, regardless of where they are located.

The shift to remote working

With remote and hybrid working now commonplace, there has been a mass migration away from the secure perimeter, which has put more emphasis on consumption of cloud services. The concept of trying to extend the secure perimeter to the location of the user and the application means businesses must be ready to implement Zero Trust for all types of users, not only employees but partners, contractors, and customers too.

At the same time, organisations need to harness the power of applications. They need to be highly productive with fast and easy access to the applications they need to do their job. This is not only essential but is fundamental to becoming a modern digitised business. To enable this environment, businesses need reliable network access from the edge to the core and security that is based on a Zero Trust framework to ensure robust, efficient, and secure access to essential business applications from wherever the employees and/or users are located.

What does Xalient’s Identity and Access Module Encompass?

As part of Xalient’s Zero Trust Framework, the Identity and Access module supports both remote and branch / on-prem cloud and cross-domain technology. The module is focused on providing solutions to the questions of trust, specifically user, device and location. We offer a consultative approach drawing on significant technology expertise and experience, with a world-class Managed Services offering. Our dedicated team are experienced with industry leading IDAM, EDR and NAC (Network Access Control) solution vendors, and have the skills required to design, build, and manage your global Identity and Access Management solution for you. Our certified consultants and administrators can advise on how you can ensure only the right people access your network, but also do so efficiently and securely, wherever they are in the world.

Written by Mark Cooke, Chief Operating Officer, Xalient 

Today’s enterprises conduct business and use digital technologies in ways that are evolving constantly.  This digital transformation is making traditional perimeter-based cybersecurity IT infrastructure redundant. The days when every user and every device that are sat inside the organisation’s premises or firewall can be automatically trusted, are over for good. 

For decades, the enduring principle in corporate IT policy was the ‘castle and moat’ approach to securing user access to applications. Everything that needed to be accessed securely sat inside the castle and once the drawbridge was up and the castle was protected by its moat (or firewall), nothing unknown could get in or out, and everyone could trust each other.  However, over the last 10 years applications and workloads have moved to the cloud, and users are increasingly accessing them remotely via the internet. This means that traffic is going from a user that was sitting inside the castle to an application that now sits outside. The network is no longer a secured enterprise network. Instead, it is the unsecured internet and the solutions employed to keep attackers out are no longer effective. 

Megatrends  

In addition to the technological changes in the way enterprises operate today, there have also been massive global macro-economic shifts that have fundamentally changed the way companies hire staff and engage with customers around the world. This globalisation of business and trade is an unstoppable trend and has been accelerated by the pandemic, with employees potentially working anywhere. The result is that organisations have been looking carefully at how they solve the problem of allowing employees – wherever they are located physically – to access mission-critical applications securely. 

In the pre-Covid era, remote work was not uncommon, but now that working from home has become widespread, security technologies and processes based purely on established geographic location are becoming irrelevant.  Overnight in some countries, tens of thousands of workers have gone from the office to being at home where they are sharing broadband connections with family, friends, and gamers.  With a remote workforce, the use of potentially unsecured Wi-Fi networks and devices increases security risks exponentially. 

Not only are employees’ work from home setups and environments not as secure as the office, but the broadband connections are weaker too. This means their experience of trying to access office applications is suboptimal. Their Wi-Fi router may not have been configured for WPA-2; their IoT devices on the home network, like baby monitors or smart thermostats, are running a hodge-podge of security protocols, if any; and all this is being managed through a corporate VPN that is slowing traffic down even more. It’s not difficult for a threat actor to work out that an organisation is using a centralised firewall and then launch a DDoS attack that threatens to take down the business. 

Zero Trust verification 

In this environment more and more enterprises are now adopting a Zero Trust approach. Zero Trust is a security concept centred on the belief that organisations should not automatically trust anything inside or outside its perimeter and instead must verify anything and everything trying to connect to its systems before granting access. Without an overarching system like a Zero Trust framework, employees working in a secure environment can no longer be verified — or controlled. Zero Trust employs least-privilege and “always-verify” principles, offering complete visibility within the network, whether in data centres or the cloud. 

CIOs, CISOs and other corporate executives are increasingly implementing Zero Trust as the technologies that support it move into the mainstream; as the pressure to protect enterprise systems and data grows significantly; and as attacks become more sophisticated. By removing the centralised approach to policy enforcement and moving towards more of a distributed SaaS model where security is delivered via the cloud – coupled with encryption and SD-WAN technology – identifying the user and providing access to the applications they want becomes far more effective and cost-efficient compared to MPLS.  This approach enables distributed teams to collaborate and talk to each other without requiring centralised locations and security postures that mandate VPNs, with associated costs and poor performance issues. 

Challenge and benefits 

It is undoubtedly a challenge for most large enterprises with established IT teams that have worked on a ‘trust but verify’ basis using corporate firewalls and VPNs, to change direction and move towards a Zero Trust basis, but in our view adopting this approach does bring other benefits. In a Zero Trust environment, security controls are deployed with the assumption that the network is already compromised. No unauthorised processes or applications are allowed to execute, and authentication is required for access to data. 

With no network perimeter for the enterprise to manage, users can be anywhere and on any device. The devices that workers use are less likely to be ones assigned by the employer. Employer-owned laptops and phones are traditionally managed, patched, and kept up to date with security tools and policies. However, with everyone working remotely, employees may forget basic cyber hygiene skills and start to use their own devices to access work networks or apps. They could be using their work laptops to shop online between Zoom calls. Even if zero trust security can’t force employees working at home to use work devices only for work, it can control the potential for a security breach because of the fundamental “trust nobody; verify everything” rule that enforces access controls at every point within the network. 

If the enterprise moves to a managed cloud or even hybrid cloud platform and all policy is managed from a single point across the whole organisation, CISOs can customise and improve the user experience by only giving employees access to the applications they need to work with, thus reducing latency on remote connections.  From a user perspective they get the quickest access to the apps they need the most. 

More cost effective than MPLS 

Another benefit for CISOs is a reduction in Capex when compared to MPLS networking. Historically, businesses have made huge investments in centralising firewalls and maintaining all the software and hardware required to support their security policies. This expense all moves away as cloud security becomes driven through the SaaS platform and on-demand pricing. 

SD-WAN is a core component of Zero Trust and also makes management of it easy, allowing IT to avoid complex network-security architectures, and removing the convoluted connections between appliances and users, while providing the highest security through a cloud-delivered model. Instead of appliances, all traffic is securely connected through a cloud-delivered service, whatever the connection type – mobile, satellite or home broadband. And because the intelligence of the network is software-driven and orchestrated centrally, it can manage the user’s journey through an insecure internet to the location of the application and compresses other applications to make it a vastly more efficient and less costly experience. Moreover, crucially for the enterprise, not only is this all done in a secure way using encryption which enables integrity between the user and the application, but SD-WAN delivers more agility and choice than legacy MPLS. 

Without a doubt in 2022 security will be high on the C-Suite agenda.  With intensifying trade disputes, an escalating threat landscape, a highly distributed workforce, supply chains stretched to breaking point by the pandemic, and extra pressure exerted by the ongoing effects of Brexit and other escalating geo-political issues, having a secure, productive, agile and cost -effective security framework in place will be paramount. 

 

You did it. You bought Zscaler and now the cloud transformation journey is before you. Now what?  More specifically, when you look back a year from now, how successful will you measure the progress and, more importantly, how well positioned are you for the years to come? Kevin Peterson, Xalient’s Senior Cyber Security Strategist and former Director of Security & Network Transformation at Zscaler guides you through Xalient’s Best Practice Guide to your successful Zscaler deployment… 

If you have a rather large deployment, then chances are you also paid up for Zscaler’s Deployment Advisory Services (DAS). While that’s the obvious next step, it’s really only the very beginning. Where you go beyond the DAS threshold will define just how great your success story will be. To help shed some light on what that can look like and how you might be one of the showcase installations, here’s how Xalient, a top Zscaler partner, covers the entire Zscaler deployment journey.  

Top Tip: Even if you don’t use Xalient for your implementation, there’s no harm in mapping this as best you can to your own capabilities.

The 3 Phases

Phase 1: Zscaler’s Deployment Advisory 

Whether you call it baselining, onboarding, or orientation (all are fitting), this first phase is all about helping you reach, at the very least, the Minimally Viable Product (MVP) in the shortest time possible. Most will estimate this to be about 25% of their core needs, which is actually a good estimate. The goal is to get you comfortably nudged into that sweet MVP spot of where you want to be in the early stages of your deployment, as dictated by which level of DAS you purchased. It’s as simple as that.  

“To DAS or not to DAS?” is not even a question here. If Zscaler and/or one of their elite deployment partners recommends that you add this to your installation, find the budget for it and do it. You won’t regret it. I personally haven’t seen a project fail when DAS has been at the forefront, in fact, the best major implementations I can recall, have been in tight partnership and alignment with the relevant playbooks.  

To be extra clear, it’s safe to say you will NEVER hear anyone at Xalient say you should forego a well-positioned DAS recommendation and replace it with a similar advisory service. But what you will hear and see from our leadership position is that having an overlay professional services consultant (aka Zscaler coach – managed by Xalient) can provide exponential value in the form of much faster, and thorough implementations.

 

“‘Advisors’ sit in the stands and actively push down advice/recommendations onto the field of play. Good advice, no doubt. But is that the same as being the accountable coach that must be there until the game is won?”

 

Xalient Best Practice: Ask your Zscaler sales rep and the deployment partner to agree that DAS is a fit for this new installation (or major upgrade) and then supplement it with a more comprehensive professional services coaching engagement. The next phase will show why it matters.

 

Phase 2: Growth 25%-75% 

As the baseline orientation and onboarding comes to an end, the big rollout is upon us. It’s time to ramp up to 75% of the deployment in partnership with your Xalient Professional Services Coach. Right now, you probably have 2 questions on your mind: 

1) How is 75% calculated and measured?  

Honestly, even for the best of us it’s somewhat arbitrary. It could be based solely on the percentage of licenses or blended with a checklist of features to be implemented. But before things even start, everyone knows what the target looks like. The next question explains why it doesn’t really matter that much.   

2) Why just 75%?  

Our goal is to get your organization rolled out as fast as possible so that we can move on to the next great customer. As projects near the end of completion, things tend to slow down as people start to get reassigned to other projects. This ends up hurting for a number of reasons, such as not taking full advantage of the knowledgeable resources in the first 3/4 of the deployment. By forcing our core involvement into the first 3/4, we are pushing you to be ready earlier. That’s what the business wants. 

Xalient Best Practice: Avoid ‘staff augmentation’ approaches. You can go and ask an army of recruiters to help you find a Zscaler engineer to join your team and it likely won’t deliver the results you are after. Many organizations think they want the default “contractor”, when what they really need is a program built for speed, depth-of-knowledge, and accuracy. When done right, everyone succeeds faster. And the scalability and resilience offered by a service offering is exponentially more capable than any single person.

 

Phase 3: 75% – Infinity 

This is where it really gets fun! You have been highly successful up to this point and Xalient has you ready to take it across the goal line…yourself. And you absolutely should want that personal and professional satisfaction.  

But you are also, quite understandably, nervous at the prospect of losing your daily coaching. Have no fear, there are 3 key choices you can make at this point to assure your future success.  

Decision Time 

  1. Take over and Xalient exits (we are totally fine with this, of course)
  2. Execute a more detailed SOW for the 75-100% completion window (special use cases – you/we will know it when we see it — like deciding that you really do want to go with Tunnel 2.0 after all, or need some additional help with just reaching SSL inspection goals)
  3. Migrate to Managed Services

Xalient Best Practice: All customers are destined for a managed service. It could be your own in-house model, outsourced, or a combination of the two. Just don’t think you have to take it all on yourself, as there’s a lot of value in having SLA-driven and backed services to keep things on track. Just find and adopt your best managed services model as soon as possible.  

 

Takeaways 

DON’T look to for “staff augmentation”, but rather a team of solution experts that can be both hands-on and outstanding coaches.  

DON’T “lose the plot” to your transformation success story (you worked too hard to throw it away a year or two down the road — for any reason) 

DO look to managed services for peak over-the-horizon success, continuity, and growth. 

 

 

About the Author:

Kevin Peterson is Xalient’s Senior Cyber Security Strategist. With over three decades of global information security and analyst experience, ranging from leading roles in the Fortune 10 (McKesson) to some of the most game-changing tech companies (Microsoft, Juniper Networks, Zscaler). At Zscaler he served as their Director of Security & Network Transformation, where he was also a founding member of their top global Solution Architects team. Since 2013, his focus has been 100% targeted at coaching the largest and most transformational global cloud security programs in order to deliver the success stories for others to follow, thereby shaping the exponentially more capable next generation. 

By Kevin Peterson, Senior Cybersecurity Strategist, Xalient

Remote and hybrid working patterns have extended the corporate world into every home and user device, and as the global pandemic recedes, this is a trend that is here for the long term. In fact, it is hard to overstate the pace and extent of digital transformation undergone by the enterprise environment in the past two years. As 2022 unfolds, the daily working experience for employees looks very different to the way it looked before the pandemic.

Why “the network” has become irrelevant

Now that the hybrid environment has evolved employees can be anywhere; in the office, at home, on a train or in a coffee shop. From a security point of view, locking down the enterprise perimeter and securing network access is no longer what matters; to some extent the network has become almost irrelevant, instead the focus is now around securing applications.  At the same time, organisations need to harness the power of applications, they need to be highly productive with fast and easy access to the applications they need to do their job. This is not only essential, it is foundational to becoming a modern digitised business.  To enable this environment, businesses need reliable network access from the edge to the core and security based on a Zero Trust model to ensure robust, efficient and secure access to essential business applications from wherever employees are located.

As enterprises have accelerated their digital transformation initiatives the number of possible attack vectors has grown, as digital systems need to have multiple access points for customers, partners, and employees, and this has created a vastly expanded attack surface.  As a result, cybercrime has escalated, and a record-breaking number of data breaches of increasing sophistication and severity are taking place year-on-year.

Operating on a Zero Trust basis

The stark reality is that this new hybrid workforce brings an increasing level of risk.  With work happening at home, the office, and almost anywhere, and cyberattacks surging, security must be the same no matter who, what, when, where and how business applications are being accessed. Now that the security control organisations once had has quite literally left the building, this makes it critical that each and every connection operates on a Zero Trust basis.  Cybersecurity leaders have historically called this “default deny”, which it still is. Only now, thanks to cloud platforms that tie user and device identity into the equation, the controls to make it a reality are both scalable and elegant.

What we mean by Zero Trust is that organisations effectively eliminate implicit trust from their IT systems, and this is replaced or embodied by the maxim ‘never trust, always verify’. In practice this means only trust those who have appropriate authority to access.  Zero Trust recognises that internal and external threats are pervasive, and the de facto elimination of the traditional network perimeter requires a different security approach. Every device, user, network, and application flow should be checked to remove excessive access privileges and any other potential threat vectors.

Nevertheless, working with a remote workforce isn’t a new concept.  There are plenty of visionary enterprise organisations that have been thinking about this issue for a long time, but sophisticated solutions haven’t always been available. In the past, enterprises relied on Virtual Private Networks (VPNs) to help, albeit minimally, solve user trust issues, but now the time is right to re-think enterprise security models in light of the modern security solutions that are available which can be implemented easily and cost-effectively.

Rewind to the security backstory

Ultimately, any high-level security model really breaks down into a trust issue: Who and what can I trust? – the employee, the devices, and the applications the employee is trying to connect to. In the middle is the network but today, more often than not, the network is the internet.  Think about it.  Employees sit in coffee shops and log onto public browsers to access their email.

So now what organisations are looking for is a secure solution for their applications, devices, and users.

Every trusted or ‘would-be trusted’ end-user computing device has security software installed on it by the enterprise IT department. That software makes sure the device and the user who is on the device is validated, so the device becomes the proxy to talk to the applications on the corporate network. So now the challenge lies in securing the application itself.

Today’s cloud infrastructure connects the user directly to the application, so there is no need to have the user connect via an enterprise server or network. The client is always treated as an outsider, even while sitting in a corporate office. The servers never even see the client’s real IP address (because they don’t need to) and even data centre firewalls are of far less value as the Zero Trust model, and expertly applied policies and controls, are now exponentially better.

Death to the VPN!

In this new construct the VPN dies, thanks to Zero Trust Network Access (ZTNA), and networks become simplified with lower operational running costs, thanks to SD-WAN.

So, does the old client VPN truly die? Yes, it does! The reason is that we are now only concerned with what we trust: the user, their device, and the destination. Notice that “the network” isn’t part of that. Why? Because we don’t trust users or their devices any more on the corporate network than we do on public networks. So even when connected to a LAN port on the desk, they have the same seamless security posture and always-on application (not network, but application) access that they would if there were on public WiFi.

Just as film is no longer used for taking pictures, VPNs are no longer the future for application access. Everyone now sees that the real need is not for users to access networks, but rather just to access the applications as though they are all cloud accessible. That’s the Zero Trust-based future for us all.

New thinking

Most enterprises realise that it is time to enhance remote access strategies and eliminate sole reliance on perimeter-based protection, with employees instead connecting from a Zero Trust standpoint. However, most organisations will find that their Zero Trust journey is not an overnight accomplishment – particularly if they have legacy systems or mindsets that don’t transition well to this model.  That said, many companies are moving all or part of their workloads to cloud and, thus, greenfield environments. Those are the perfect places to start that journey and larger organisations, with complex IT environments and legacy systems, might see the road to Zero Trust as a multiphase, multiyear initiative.

This is where organisations can work with partners, like Xalient, to assist with implementing security controls and Zero Trust models in the cloud utilising our Xalient Zero Trust Framework. This framework provides a firm security foundation to underpin digital transformation initiatives, helping organisations take their first steps towards becoming a Zero Trust connected enterprise. It does this by addressing common areas of compromise between a user or device and the application or data source being accessed or consumed. And it does it wherever the users, devices, data and applications are located.

In today’s hybrid environment, implementing a Zero Trust approach enables organisations to start to really drive down the risk factors while ensuring the enterprise is future-proofed for 21st century business. With cyber threats only set to escalate, this peace of mind is essential.

 

We’re probably all a bit tired of hearing these two words together, and yet Digital Transformation is still a hot topic. Most successful organisations have spent the past 10 years finding ways to reimagine their traditional ways of working, strategically digitizing processes, products and people to provide efficiencies in response to what has been continuous, and rapid, change. But there is one thing about change we can rely on – its constant. Organisations are always needing to transform, so what happens when transforming is no longer transformational? When transformation is business as usual. A new normal. An expectation.

After surveying over 2000 CIO’s,  a recent report from Gartner suggested that if enterprises wanted to thrive amid constant disruption, they would need to embrace composability.

 

The main objective of composability is to make the user experience seamless by having workflows jump between applications without requiring the user to manually travel between apps—taking an entire tech stack and making it a singular, fluid work environment.

Composability removes the need to deploy and oversee separate workload-specific environments. The very nature of this software methodology allows companies to create and reconfigure systems without having to move physical assets. Based on the various workload needs of an application, companies can set up computing, storage, and networking resources on-demand.’

Walkme

 

You may see it as another industry buzzword, and maybe it is, but a composable business strategy can deliver organisations an agile model, across processes, technology and people. It allows organisations to adapt and ultimately accelerate what’s working – and stopping what isn’t.

Consider all the journeys across an organisation from user to application, consumer to purchase, machine to data. Many are made up of autonomous steps, tech stacks and people all weaved and orchestrated to deliver an end result. There are hundreds of these journeys, all underpinned by the orgnanisations technology, processes and people. If something in the chain isn’t working (think of the popular game show The Weakest Link), it’s critical the organization can adapt and change quickly, addressing only the weakest link, ensuring the whole journey is as efficient as possible. This orchestrated modularity allows us to recognise the sum of the parts whilst considering the role each component plays. This is exactly why Xalient has developed a modular based, Zero Trust framework.

Xalient’s Zero Trust Framework is built on the premise that the journey from user to application is underpinned by a number of autonomous technology components including:

  • Identity and Access – recognising and authenticating user and device identities.
  • Secure Transport – connecting users and devices to apps and data over a flexible, affordable, high-performance, encrypted network, via constantly optimised traffic pathways.
  • Secure Service Edge – deploying a secure web gateway to the cloud, bringing users and devices closer to applications, whilst maintaining the user and device security posture and app experience, regardless of location.
  • Applications and Data – segmenting apps and workloads to protect against cross-infection, in the event of viruses, and ensures users only have access to the apps and data they need.

However in the user to application Zero Trust journey these modular assets are orchestrated to deliver a seamless experience, and is an example of a composable end-to-end journey. It enables the right tech stack to be engaged to solve specific challenges, however the end-to-end integration of each module delivers the end-to-end seamless experience within an overall Zero Trust strategy.

In our next blogs we’ll take a deeper dive into each of these autonomous components and the part they play in that Zero Trust Journey. In the mean-time why not find out about our June Summit where you can learn from some of the World’s leading brands including Kelloggs, WSP and Sunbelt, and their Digital Transformation journeys – find out more here.

Written by Jeff Gray, Vice-President, Americas, Xalient

If businesses want to win in the 21st century, then harnessing the power of the network across the entire organisation is essential because digital is the new front door for every enterprise. Customer and workforce demands on the network are evolving faster than the pace of traditional businesses and the Covid-19 pandemic has only accelerated this change. The digital winners of tomorrow don’t think in terms of building solutions that merely solve today’s challenges. Their eyes are set on being ready for challenges that are yet to materialise. They build for change.

To thrive, companies need a different level of adaptability and creativity to handle competition, manage new threats and embrace new technologies. Yet the network is often overlooked. Like the forgotten but essential plumbing in a vast mansion which is being renovated for the future, the renovation will include modern new features and facilities to enhance the experience of living there for years to come. However, unless the owners also upgrade the plumbing to create more capacity and resilience, most of these new features won’t function effectively.

Digital innovation drives business growth

Today’s successful businesses need to have a strong innovation culture running through the organisation. The phrase ‘digital transformation’ is not just an aspirational goal, it is critical to business success. That’s because essential business processes and interactions with customers, partners, and employees, increasingly depend on tailored innovative digital solutions.

The path to achieving digitisation and business growth begins with the cloud, helping organisations connect teams, people, data, and processes, in new ways to embrace the possibilities enabled by modern technologies. The cloud has changed more than the way IT is implemented and managed; it is changing the very fabric of business.

To enable this, businesses need robust network access from the edge to the core, using software-defined networking, security, and communications technologies to ensure reliable and secure access to core business applications from wherever employees or customers are located.

2020/2021 were turbulent years, resulting in a shift to remote and flexible working to accommodate challenges posed by the pandemic. Changing working environments shone a spotlight on enterprise-grade networks, and the importance of embedding intuitive, AI-driven network infrastructure into their operations.

Connecting the secure, cloud-orientated enterprise

The impact of COVID-19, along with a change in thinking over the last few years about how the internet can perform as the new corporate backbone, is influencing how businesses deploy and manage their enterprise-grade networks, as well as the tools required to do so.

In the past, traditional Multi-Protocol Label Switching (MPLS) networks were a popular way to ensure reliable connections for real-time applications. MPLS was designed for organisations that had multiple remote branch offices, geographically dispersed across the country or across the world, where most of the traffic was on-network to enterprise data centres. Security was managed from a traditional “castle and moat” perspective, where assets were all protected inside the enterprise perimeter, but the way enterprise applications and ecosystems are being built now is making this approach increasingly obsolete. Today’s businesses have shifted much of their traffic to and from cloud providers instead, rendering MPLS suboptimal.

It is more efficient to send traffic directly to the cloud. Also, the use of cloud services, video and mobile apps has driven up bandwidth requirements, and MPLS services can be difficult to scale on demand. They are also expensive, so enterprises are now looking at Software Defined-Wide Area Networking (SD-WAN) as a way to accommodate 21st century demand for network performance and cost-efficiency.

Building the network of the future

Enabling high performance, secure network access from anywhere really requires thinking about SD-WAN in more detail. While this technology has been around for about a decade now, there are still a lot of enterprises that have yet to adopt it. However, as companies increasingly connect to private or public cloud infrastructure and harness SaaS applications like Microsoft 365 and Salesforce, they need to be thinking about how they adopt SD-WAN into the network. Having a network which is capable of learning and adapting to the type of application traffic that is flowing across the enterprise helps to avoid problems such as bottlenecks and latency and single points of failure.

There are other benefits with SD-WAN, in terms of decreasing costs and being able to access applications which can perform much better than they were previously able to when using the internet as a corporate backbone. Everything is managed through the cloud using innovative, self-learning AI tools which are able to adapt to degraded performance issues and can move traffic around the issue without intervention. Additional internal IT gains include added visibility and insights into their network that was unattainable before through self-service portals.

That said SD-WAN and MPLS are not mutually exclusive and here at Xalient we understand that some customers are not ready to commit to an Internet only traffic medium and we can work with them to develop a hybrid solution.  This is about really understanding what an organisation needs from their network and helping them to build for their current and future needs.

Harnessing agility and innovation

When the computer age took hold in companies some 20-25 years ago, it was obvious that a lot of tasks could be done in a much smarter way with the tools of this new universe. Fax moved to email; documents could be saved, and shared, in digital files rather than steel cabinets; and, eventually, clunky hardware servers could be replaced by the cloud. Some big-name System Integration companies were born in this digitisation — delivering new, useful, one-size-fits-all solutions to the B2B market. And some of these vendors grew enormously during this outsourcing era, but over time, particularly with the advent of cloud technology, this model has started to wane as customers look for more agile partners who can help them truly innovate.

Now CIOs and CTOs are starting to question the role and validity of the traditional systems integrators who are often tied to a particular vendor. Likewise, as these Tier 1 SIs have mushroomed, so they are now burdened by legacy, age, and customs.  Here at Xalient we work with customers to really understand their business drivers and their technology roadmaps so we can put together a tailored solution to future-proof their networks. Customers whom we have done this for include Kellogg’s, Hamley’s, WPP and Keurig Dr Pepper to name but a few.

The world is changing before our eyes and while digital transformation plans continue to accelerate it is hard for senior IT leaders to keep pace with the shift to cloud. This has created high demand for flexible, cost-effective global connectivity and protection against increasingly complex cyber threats. IT leaders are challenged with looking at how they achieve scale, security, access, and performance all whilst trying to protect the business against the ever-increasing threat of cybercrime,  so that they can build the network of the future.  But build it they must in this highly competitive landscape, otherwise they may find that their business starts to become irrelevant.

Xalient is one of six companies selected to feature in CRN’s Rising Stars 2022 Report, an annual report highlighting six of the UK channel’s fastest-growing, most profitable and most ambitious companies.

 

This year’s Rising Stars were handpicked from the recently published CRN VAR 500, which profiles the 500 largest UK channel partners on their radar by revenue and headcount, and who grew by an average 49 per cent in their latest years on record, adding more than £45m to their collective top line.

The report this year digs into each of the six companies’ business models and examines what they’ve done differently during the pandemic. It also highlights how they’re reinventing themselves for a new era of hybrid working, while also exploring how leading channel firms should be approaching the WFH vs office debate, the rise of new consumption models and the influx of private equity into the sector.

Read our founder, owner and CEO Sherry Vaswani’s interview  on how the business has changed and grown since Xalient was born in 2015 below.

 

Xalient was only founded in 2015. What was the genesis of the company?

My previous business, Worldstone, was acquired in 2012 and I had a three-year non-compete. Three years and one day later, Xalient was born. I had the opportunity to be ahead of one of the biggest mega trends I’ll probably see in my lifetime – the whole transformation around networking, security and SASE. I’d worked for a year in the US in 2014, and spotted a trend of companies moving their applications to the cloud, and of people working more remotely. I felt that the old world of networks and security was out of date. New technology like SD-WAN was emerging at the time. A basic managed network can be easy to provide – you check if circuits are up or down, and whether jitter, packet loss or latency thresholds are being breached. But in the world of SASE technologies, there’s a lot of intelligence in the tools that allows you to be much more proactive about monitoring and managing those environments. I saw an opportunity to differentiate by building a business that’s able to get the best of these technologies and that invents its own tools that make the most of those technologies – and is therefore able to offer a much more intelligent service to customers.

Seven years on, we’ve got huge customers like Kellogg’s, WPP, Keurig Dr Pepper and Avis. I hope they would say the same thing about Xalient, and that these are the reasons they pick us.

What size are you now?

Roughly 150 people, but growing every week, and about 50 customers. Just over half of our revenues are US based, which I think is interesting given that we’re a British-born business. We’ve got operational centres in Leeds, London, USA, Romania and India. The SD-WAN market has commoditised.

How have you adapted?

When we started, people didn’t know what SDWAN meant. Now a lot of companies have decided to specialise in it. We have the advantage of seven years of experience. We’ve expanded hugely on our cyber practice in the last couple of years. Now our market message is that we’re very much that leading authority on zero trust networking, not just SD-WAN. Also, whilst we’ve invested in innovation from the beginning, we’ve doubled down on our investment in MARTINA [Monitoring through Artificial Intelligence and Analytics], which is our AI-based monitoring tool. It’s now across the whole zero-trust piece, so it’s not just network fault monitoring and prediction of network faults.

You more than doubled revenues in 2020. Where’s the growth coming from?

What customers are now seeing of course, is that getting these foundations right, is so critical to digital transformation. Our business model is very much targeted at large companies and multinationals. But we’ll start with a consulting engagement and prove our worth. Then we go into solution design and deploy, and then into managed services. The business model lends itself to fast growth, providing you can retain the customers and deliver good customer satisfaction. We’ve had 95 per cent customer retention since day one, six years ago, and a net promoter score of at least 80 in the last year across all our services.

How have you funded the business?

I funded the business myself. We’ve also had the advantage of government funding and grants. Investing in Leeds was a factor, rightly I think, because we have created a lot of jobs there, including during the pandemic, with 30 or 40 new hires in and around Leeds. Going forward, we can grow and get to our ambitions organically, but we may want to accelerate that with acquisitions. And to do that we might need to get some funding in.

How are you handling the skill shortage?

Our HR team is a team of five. We have a talent and development manager who’s just joined us. But there’s no doubt about it – we are having to spend double the amount of time recruiting for roles. One of our core values is challenging conventional thinking. We look for people who can do that, who have an interest in newer technologies and for the right individuals, Xalient has an attractive offering, which is a differentiator when looking for great talent. To me that will always be the headline about what Xalient does differently.

Has the chip shortage prompted you to modify your focus?

We focus on software defined technology by nature, so it hasn’t really impacted us. There’s not a lot of hardware in our world. But wherever there is, we just manage it. It’s not on our risk register, because it’s quite insignificant.