Modern data centers are pushing the limits of network performance to keep up with growing demand; their security solutions can’t be bottlenecks.
It was only a few short years ago that Gigabit LAN and WAN connections were the standard for speed and performance. In 2013, however, as the SaaS, IaaS, and PaaS markets began to explode, shipments of 100G equipment quadrupled. 1G and 10G still dominated the market then, but we began to see a substantial shift towards much faster core network speeds. As the chart below from Crehan Research shows, this year marks the real inflection point at which 40/100G networks take off.
There are several factors driving this 10X jump in performance requirements. Everything from the Internet of Things to our growing dependence on *aaS and hybrid cloud environments means that customers and service providers alike can’t keep up with traffic and application delivery demands at 10G speeds. Too often, though, organizations undertake major infrastructure and bandwidth upgrades only to find that their security solutions are a new bottleneck.
This is hardly the time, though, to cut corners on security systems, favoring throughput over threat detection. We’re regularly seeing massive breaches making headlines with millions of records being compromised and hard costs associated with these breaches hitting 7 or 8 figures. A closer look at some key verticals drives this point home: it’s critical that we balance rock-solid security with new levels of performance and smarter architectures.
Let’s start with research and education. Universities have made substantial investments to leverage the so-called “Internet 2” 100Gbps WAN. They are moving massive volumes of sensitive research data while also serving the diverse needs of students and support staff. Most firewalls are not designed to process the exceptionally large datasets that researchers are moving while both students and malicious hackers introduce a host of security risks that must be managed and mitigated at wire speeds.
Financial services, on the other hand, demands not only speed and throughput but very low latency, even as financial transactions take place around the globe. Mergers and consolidations are driving even more traffic into a smaller number of data centers while security isn’t just a matter of best practice but of regulatory compliance and laws backed by steep fines and penalties.
Communication service providers give a third example of the need for exceptional data center performance. The *aaS providers that are experiencing such rapid growth in turn require highly scalable, secure service from communications companies. Mobile devices and the rich media and applications we consume on them are pushing carriers to reduce latency and increase efficiency, all while ensuring the security of traffic on their networks.
Even aside from these particular markets, data center operators are moving security functions deeper into the core of the network. Because an increasing number of threats now come from within the network, internal network firewalls and top of rack firewall applications can mitigate threats from hackers who often find networks flat and easy to navigate once they breach the perimeter. This means that firewalls must be able to process traffic at wire speeds at the network’s edge and deeper in the data center, where wire speeds may be much higher.
The bottom line is that firewall performance matters more than ever. Firewalls are serving more security functions in more locations across the network and must do so with rapidly increasing throughput requirements. No matter how fast the Internet connection or how modern the internal Ethernet fabric, firewalls with inadequate performance characteristics will wipe out the benefits of fast connections and high-bandwidth LANs.
To learn more about Fortinet’s line of high-performance FortiGate firewalls, including the new FortiGate 3810, click here.