The Appliance StraightjacketJune 18, 2015
Let’s admit it: we want to love our appliances. Not the washing machines and the dryers, but the technology workhorses that dominate the IT landscape. They are cool to look at with their modern industrial designs, bright colors, and cool branding. They are even more attractive inside a rack stacked up with their brethren: lights blinking, fans humming, busy going through billions of bits looking for the sharp needle in the haystack.
Sometimes, though, the music ends. A power supply fails and you have to go deal with a replacement. Software update crashes the internal operating system. As years go by, even these loyal workhorses need to be laid to pasture and a we accept a bright colored replacement bundled with an EOL (that’s End of Life) notice.
Even when things are looking good, our appliances may not be able to handle what we need. A DDoS attack chokes them down. New business drives growth and capacity becomes constrained (inconveniently outside the budget cycle). New cool features overload them when activated in conjunction with old cool features we take for granted. So, we go on a spending spree like drunken sailors because “you only live once” and “today’s budget is tomorrow’s cut”. And, as the hangover sets in, all this spare capacity just sits there, idle within our networks.
We love variety. So we have many appliances. Many kinds. Each with its own policy that needs to be managed and kept consistent. We keep on staff just the right number of experts for the proper number of appliances and rely on them to watch over them like day-old babies. Than you have turnover and a new geological layer of rules, settings and scripts is born. Not before long, no one knows what these rules mean or what it would mean to change them. But, no worry, we have vendors for that too.
We are so concerned with stability, that we require human intervention before every update. This means we waste precious time before our appliances adapt to current threats. As we diligently lock them in data centers and away from the vendors, we are assured they will be slow to figure out what is going wrong before they ever hope to fix it.
But, ultimately the biggest challenge is positioning. Not the vendors’ clever marketing messages but their precious appliances in our networks. You see, they are supposed to be “in front of”, “at the perimeter of” or “the edge of” the network. But we have mobile workforce, Bring-Your-Own-Device programs (BYOD), Cloud Apps, small branch offices we can’t afford to protect and 3rd parties like partners, contractors and agents. You can’t just get “in front” of all of that.
And if you think virtual appliances will save you – think again. The severe challenges of capacity, manageability, adaptability and positioning equally apply to them too.
The appliance model is broken and Cato Networks is working hard to help businesses break out of the appliance straightjacket. If you want to help network security break free of old paradigms and launch into a new era, join our team. Or, if you have suffered enough running networks choke-full of appliances – join our Beta.