Welcome to 2022, a year which promises to be full of turbulence with the pandemic still ongoing and organizations forced to adopt hybrid working models. Network security and privacy will no doubt be top of mind across all verticals, especially with users needing to access critical apps, services and data when working either on-premise or remotely.
Risk limitation of IoT will also be essential as the number of devices grows exponentially driven by 5G, and smart cost-effective solutions for managing access to content will become imperative as governments strengthen enforcement of regulatory filtering, including parental control.
Visibility and control over networks are fundamental for efficient IT management, automation and security, which explains why DDI (DNS-DHCP-IPAM) has a key role to play in all these areas, based on it’s unique capability to offer network source of truth IP data and early traffic visibility.
Here are our top 5 predictions for this year in the areas of network security and management:
1. For their Zero Trust strategies, organizations will strengthen application access control using allow lists
Effective zero trust requires control of which devices can access which apps, domains and services. To do that, authentication is often used – this checks the login & password, but arrives late in the flow as the user is already on the portal, and also leaves the door open for malware. Denylisting applied by firewalls is normally “blanket-based“ – it allows you to create just ONE group containing ALL clients.
In 2022, app access control will be significantly enhanced by limiting the access for specific devices only, while allowing other devices to pass the control. To add the granularity required for doing that, microsegmentation is necessary, meaning organizations will go down to client level for applying filtering. However, doing that using firewalls is extremely complex to set up and maintain, and can also be very costly, so smarter solutions will become adopted.
How Smart DDI will help: DNS based filtering enables control of which group of users are allowed to access which specific apps and services. By defining policies based on allow and deny lists, DNS is able to offer an early security barrier to prevent lateral spread of malware.
2. IT Governance will be helped by hyperautomation and IP source of truth data
IT governance frameworks enable organizations to manage IT risks effectively and ensure activities associated with information and technology are aligned with their overall business objectives. Unfortunately this is being hindered by poor cross-department teamworking caused by silos of data and by a lack of consistency regarding company policies.
In 2022, governance will benefit from increased adoption of data-driven automation relying on data quality and automated management, bringing security control and resource optimization.
How Smart DDI will help: The “Source of Truth” data provided by an IPAM, together with its associated metadata, is fundamental for automation of workflows and processes between teams (NetOps, SecOps, DevOps). IPAM manages and optimizes dispersed resources and data, helping enforce company policies and enabling zero touch operations for improving overall IT management, which is a key requirement for IT governance.
3. Security and privacy for Work-from-Anywhere models will be improved by Private Enterprise DNS
With remote working becoming the norm, employees now need to access company apps and services from anywhere. As well as bringing obvious security and privacy challenges, this hybrid working environment adds a tremendous amount of complexity for network administration.
In 2022, uptake of “Private DNS” and DoH will increase to help enhance security and privacy, ensuring that policies are implemented consistently across on-premise and remote environments.
How Smart DDI will help: Combining IPAM’s consolidated accurate data (and metadata) with Microsoft AD integration simplifies admin tasks by bringing unified visibility to simplify troubleshooting, forensics, and corporate policy enforcement across a hybrid workforce. Creation of Private DNS helps organizations overcome SaaS models while staying agentless, thus letting them keep control of their infrastructure. It solves the privacy issues associated with standard DoH, and helps restrict security breaches such as data exfiltration.
4. Applying regulatory filtering and parental control will be made far simpler
In order to better protect the young population against inappropriate material, governments worldwide are enforcing access control to content. But due to the dynamic nature of today’s content, managing this acces usually becomes a complex and extremely costly task, often requiring implementation of a highly technical solution and impacting network performance.
In 2022, service providers will move beyond firewalls and proxies to benefit from solutions which simplify control enforcement, in particular by making use of their existing DNS for filtering. As it sees almost all traffic intent, DNS is ideally placed to provide this control, and offers a cost-effective alternative as every telco already has a DNS.
How Smart DDI will help: A high performance DNS together with intelligent DNS filtering offers a scalable solution, leveraging existing DNS components of an ISP or Telco. It enables subscribers to manage Internet access and content for their devices, based on the content categories and domains. The simple-to-deploy functionality permits content filtering based on multiple different feeds, thus helping meet compliance as well as opening up new revenue streams to service providers.
5. IoT device management and security risk control will be enhanced by smarter access tracking
According to the IoT Use Case Adoption report 2021, 79% of organizations are planning to invest significant amounts of money into at least one IoT project in the coming two years. However, these usages, driven in part by 5G, bring important management challenges with respect to knowing what is connected to your network. Security risk is consequently multiplied.
In 2022, for improving access control to infrastructure, organizations will invest in enhancing tracking of IoT network access. This will involve two aspects: 1) Checking what is connecting 2) Controlling what is allowed to be accessed.
How Smart DDI will help: The DHCP component of DDI detects IoT devices connecting to the network, and enables the central IPAM repository to be updated automatically, keeping it always up-to-date with zero touch provisioning. DNS helps compensate for weak IoT security by controlling which apps or infrastructure components each IoT device is allowed to access, by making use of allow lists and filtering. Threats such as large traffic botnets can therefore be mitigated.
Ready to learn more?
Talk to an EfficientIP network and security expert and see what our DDI, DNS security or network automation solutions can do for you.Get Started