The Fast Mode spoke to Daniel Tan, Head of Solution Engineering at Commvault on the impact of traffic visibility on ZTNA networks. Daniel joins us in a series of discussions with leading cybersecurity and networking vendors, assessing the evolution of ZTNA technologies, the roadmap for ZTNA deployments, the benefits of ZTNA for enterprise and telco networks, and the need for real-time traffic visibility technologies such as DPI for ZTNA.
Ariana: How has ZTNA evolved over the years?
Daniel: Zero trust network architecture (ZTNA) is central to an organisation’s security posture to mitigate cyberattacks. The underlying philosophy for zero trust is never assume trust but continuously validate trust, so bad actors don’t get in. Over the years, ZTNA has evolved in response to the cybersecurity landscape and the need for more robust and adaptive security measures.
Traditionally, ZTNA was heavily dominated by the network or security components. It is a common misconception and a dangerous one because the bad actors would like organisations to think that way. However, today, ZTNA covers the full nine yards of infrastructure, all the way from network to firewall, IPS/IDS, compute, storage and last but most importantly, the backup infrastructure which often gets neglected.
As the acceleration towards cloud increases, more and more organisations are leaning towards ZTNA, in order to provide much more secure and flexible network access to their hybrid workforces.
With more than 60% APAC organisations suffering a breach in 2022 alone, as per IDC, there is an acute need to move beyond just implementing ZTNA principals and build a Zero Loss strategy. A strategy that is built on Zero Trust Principles and implemented through a multi-layered security framework for consistent and automated data protection and recovery. While there are very few organisations adopting this approach, we’re seeing an increased awareness for sure.
Ariana: What challenges do you see across ZTNA deployments?
Daniel: Different components of the infrastructure would have different methods and ways of embracing ZTNA. Hence, it makes the job of security practitioners difficult to ensure every part of the network and infrastructure are sufficiently protected. Thus, choosing a good solution with ZTNA built-in, making ZTNA easy to consume is important.
Many firms continue to experience resistance from the need to avoid disruption to end users. For example, asking employees to change what they do or how they do it while providing the same service, such as remote access, doesn’t float very well across the board. This not only leads to unfinished deployment projects but also has a long-tail effect on IT department’s confidence in future deployment projects.
Less involvement from C-Suite leaders towards cyber resilience strategy also often creates hurdles in implementing new ZTNA strategies successfully. In fact, a recent report by IDC-Commvault revealed that only one-third (33%) of CEOs are heavily involved in their company’s cyber preparedness initiatives.
Today, data security demands zero-trust approaches to not only mitigate the data risks of breach and compromise, but also to ensure faster recovery. As such, business leaders need to play a key role in ensuring their firm is prioritizing cyber preparedness.
Backup is essentially the last line of defence, and also the lifesaving component when disaster strikes. However, often times we observe that enterprises do not place strong emphasis on their cyber resilience strategy. A backup should never be seen as merely part of a checklist. Data is the crown jewel of any business and the ability to recover them in the event of attacks is the MOST important piece of infrastructure to ensure Zero Trust on.
Commvault is one of the leading data protection vendors which place very high emphasis on ZTNA into all components of its solution, ensuring that only the right person, with the right level of access, could access the right place and right data.
Daniel Tan (“DT”) is currently holding the position of Head of Solution Engineering at Commvault. He leads a team of talented sales engineers across the region of Greater China, Japan, Korea, and Southeast Asia, responsible for the enablement and delivery of Commvault’s industry-leading Intelligent Data Management services to customers and partners.
DT brings 15 years of experience spanning diversified domains such as networking, data centre, virtualization, and application modernization. Prior to Commvault, DT spent four years with VMware and 11 years with Cisco respectively, in various engineering & leadership positions.
With an avid interest in cybersecurity, he was actively involved in the ethical hacking community and a non-profit cybersecurity conference known as “Hack in The Box”.
DT graduated with a Bachelor of Science in Information Systems Engineering and a Master of Business Administration (MBA) degree from Imperial College London.
This interview is a part of The Fast Mode's Next-Gen DPI Traffic Visibility for ZTNA segment, featuring over 40 leading cybersecurity and networking solution providers and their views on the importance of traffic visibility for ZTNA. A research report on this topic will be published in January 2024 - for more information, visit here.
