Virtual Event Today: Supply Chain Security Summit - Join Event In-Progress

Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

Security is Everywhere. Can Your Services Keep Up?

Today’s networks require flexible services designed to accompany efforts to protect any user accessing any service from any location on any device

Today’s networks require flexible services designed to accompany efforts to protect any user accessing any service from any location on any device

Cloud adoption and the rapid transition to remote work have permanently changed how companies do business. And now, as organizations begin to bring employees back to the office using a hybrid work model, organizations have had to deploy highly dynamic and adaptable hybrid networks. These recent changes have resulted in a proliferation of devices and users working from anywhere, which has expanded the digital attack surface and exposed more applications, devices, data, and users to risk. 

Understanding and controlling data, applications, and traffic moving across and between these divergent environments is crucial to maintaining security. But this becomes complicated as hybrid and multi-cloud environments adopt new technologies like zero-trust access (ZTA), zero-trust network access (ZTNA), secure SD-WAN that combine physical, cloud, and endpoint devices into an integrated solution. And it becomes even more complicated when things like identity and access management (IAM) policies and an array of tools designed to protect applications and platforms are added to the mix.

But while the ability to create dynamic environments has rapidly evolved, security services have traditionally failed to keep up. Security services help organizations manage licenses, keep solutions current with the latest product updates and real-time threat intelligence, and ensure their policies and configurations align with critical compliance requirements and regulations. But most security services are still tied to specific silos. As a result, many organizations now struggle to manage the complex array of inflexible siloed offerings with different licensing models they have in place.

License management tends to fall into one of three categories. Device-based licensing is used to support endpoint protection (EPP) and advanced endpoint detection and response (EDR) solutions. Hardware-based licensing is used for physical devices, such as firewalls, IPS, and SD-WAN platforms. And user-based licensing services are the primary solution used to manage cloud-based tools, such as email, identity, and zero-trust network access (ZTNA). But the networks where these solutions are deployed and the users and devices that depend on them are much more fluid. 

In today’s networks, a user, device, or application could be anywhere. This fundamentally changes the networking paradigm from location (Where is a user connecting from? Where is an application located? On what server or in which data center?) to who or what needs to access which resource, regardless of where they might reside. Resource use is fluid and can move between physical, cloud, and end-user edges from moment to moment. Hybrid workers, for example, now need to move between campus and home networks, while applications, data, and workflows can span on-premises and cloud environments. As a result, today’s networks and security architectures are being designed to support distributed resources, cloud-based platforms, and remote workers. But static service models can bring all of that to a standstill.

Today, CISOs struggle to accurately forecast spending for advanced security use cases like ZTNA or SASE because they are a mixture of device-based, appliance-based, and cloud-based licenses. Pricing such solutions can be challenging because traditional licensing models don’t fit. Because they span the traditional services silos, they require custom quotes, making comparisons almost impossible. And the challenges increase when an organization needs to add or reduce security capabilities because budget and needs change due to mixed structures and end dates.

That’s because traditional services models were never designed to support devices and solutions that need to rapidly adapt to shifting business requirements. Inflexible services limit the ability of users, networks, and applications to dynamically adapt to things like shifting connectivity needs, hybrid workers, or applications that may need to move between on-premises data centers and cloud environments. Instead, organizations need services that seamlessly follow users, applications, and data across any environment or form factor. This approach would allow them to build and leverage dynamic environments without the burden of anticipating how many licenses are needed for the different technologies, edges, and solutions in use.

New advanced services need to support various use cases on the fly, regardless of where data, applications, and users are operating—especially as resources move back and forth between physical and virtual environments and form factors. Flexible licensing models and services will not only allow true network flexibility but enable organizations to quickly deploy new technologies designed for highly dynamic networks and distributed solutions, such as ZTNA, SD-WAN, and SASE.

Today’s networks require flexible services designed to accompany efforts to protect any user accessing any service from any location on any device. Unified services need to secure the organization across any network, endpoint, or cloud with simplified consumption and unified licensing models for any use case or form factor. Advanced services designed for the way companies do business will enable organizations to run their business the way they need, enjoying the flexibility such environments provide while knowing that their hybrid networks and users are always secure because their licenses and services can adapt with the network.

Written By

John Maddison is EVP of Products and CMO at Fortinet. He has more than 20 years of experience in the telecommunications, IT Infrastructure, and security industries. Previously he held positions as general manager data center division and senior vice president core technology at Trend Micro. Before that John was senior director of product management at Lucent Technologies. He has lived and worked in Europe, Asia, and the United States. John graduated with a bachelor of telecommunications engineering degree from Plymouth University, United Kingdom.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...