According to, “A Guide to NetOps and SecOps Collaboration,” a recent white paper from Enterprise Management Associates (EMA), 35 percent of network operations teams say security system problems, such as bad policies and device failures, have led to complex and difficult-to-troubleshoot service performance issues. Another 35 percent reported that incidents originally presented themselves as complex service performance problems that required cross-silo collaboration.
Amidst growing enterprise adoption of software-defined data centers and public and private cloud architecture, that cross-silo collaboration is increasingly important. To meet growing security challenges, enterprise CIOs must find ways to bring network and security teams together.
NetSecOps collaboration is key to achieving the critical goals of improved network performance, security risk reduction, and accelerated security incident detection and response. The more converged network and security teams are, and the more integrated the tools and processes used between them, the more successful they can be at achieving the aforementioned objectives.
Four Steps to Collaboration
The white paper, which draws on EMA research on network megatrends, lays out four areas of focus for achieving successful network and security team collaboration.
- Collaboration should begin at the design and deployment stage. As enterprises race to embrace the cloud, software-defined WAN solutions, virtualization, Internet of Things, and increased mobility, the security perimeter is becoming more vulnerable than ever. That is why NetSecOps collaboration should take place at the infrastructure design and deployment stage. Security has to be a first priority.
- Effective collaborationstarts with a single source of truth. A single source of truth will ensure that network and security teams are sharing consistent, up-to-date information, thus eliminating blind spots and data control conflicts. NetSecOps should look for opportunities to unify their data collection, as well as the tools used for analysis, wherever possible.
- Choosing the right tools is key. The EMA report found that network performance monitoring and network automation/orchestration are considered the two most essential tools for collaboration. Because network performance and security incidents often are interrelated, performance management tools are essential for identifying potential security incidents. This information can enable analysts to see how a security incident is affecting performance. Network automation tools can be extremely helpful, because they empower enterprises to make quick changes to the network in response to a security event.
- Formalize the collaboration. To ensure success, enterprises should formalize collaboration between network and security teams. By documenting the processes established for collaboration, creating change controls where necessary, and leveraging industry best practices where relevant, companies can establish a roadmap to guide an effective partnership between network and security teams. In this way, organizations can derive the maximum benefit from NetSecOps.