IT departments face significant problems if they are to retain full control over critical assets hung off what has become a sprawling LAN infrastructure, industry has warned today.

Support for an increasingly virtualised workforce, the dynamic mix of permanent employees and ad-hoc workers including contractors, partners, suppliers and customers, is one of the biggest causes of the problem, ConSentry Networks research has revealed.

In a multi-country survey, it found that IT decision-makers are coming under increased pressure as a result of opening up their networks to cross-functional users and third parties, who are tapping into diverse application sets, often with personal IP devices.

Respondents highlighted the need for improved control over security (72%), access to specific areas/job functions (68%), access to specific applications (65%), general user access (64%), and ad-hoc network access (63%). The findings are based on 200 interviews with IT decision makers from mid-sized (250+ employees) to large enterprises (1000+ employees) across the US (100) and UK (100) regions.

One solution, according to a Yankee Group report released this week, is the incorporation of context into the LAN so that IT can resolve the challenges associated with LAN sprawl.

“The onus is on IT to build more sophisticated networks that provide context about what is connecting to the network,” Yankee said.

This context-awareness must also extend to understanding the relationships among users, applications, and devices and the impact that environmental factors such as location and time of day can have on these interactions. “Without this level of visibility, IT will not have the means for controlling the LAN sprawl so prevalent in companies today.” 

ConSentry Networks provides around 250 enterprise accounts with so-called context-driven switching, a relatively new class of switches that marries business policy with LAN controls.

These smart switches give IT administrators a good level of network traffic visibility and, because they have Layer 7 intelligence, they also know users' identities and roles and which application and device each user is using to access the network.

In short, they make for finer control over access.

This is in line with Yankee’s study, which suggests that the role of the network needs to evolve from that of a passive infrastructure to one of being the underlying orchestrator of services and the central point for providing policy enforcement. 

“To be the orchestrator, the network must have context – stateful knowledge of each flow including the end user’s identity, organisational roles, devices, applications at Layer 7, and other environmental factors such as location and time of day,” the analyst house has concluded.