
Page 1: White Paper Software-defined Secure Networks · The software-defined data center revolution holds the promise of delivering a unified data center, eliminating organizational silos

© 2017 by The Enterprise Strategy Group, Inc. All Rights Reserved.

Understanding Software-defined Security in Modern Software-defined Networks By Dan Conde, ESG Senior Analyst; and Jack Poller, ESG Senior Lab Analyst January 2017 This ESG White Paper was commissioned by Juniper and is distributed under license from ESG.

Enterprise Strategy Group | Getting to the bigger truth.™

Software-defined Secure Networks White Paper


Contents

Introduction (page 3)
Challenges (page 3)
    Cybersecurity Skills Deficiencies (page 3)
    Organizational Silos (page 4)
    Manual Processes (page 4)
    Information Visualization (page 5)
    Solution Integration and Macro Policy Definition (page 5)
Juniper SDSN (page 6)
    The SDSN Approach (page 6)
    Juniper Networks’ SDSN Meets the Challenges (page 8)
        Security Control Plane: Security Director and Policy Enforcer (page 8)
        Sky Advanced Threat Prevention (page 9)
        Security Data Plane: SRX Series Firewalls; EX and QFX Series Switches; and MX Series Routers (page 10)
The Bigger Truth (page 10)


Introduction

The modern dynamic business environment imposes significant cybersecurity challenges. The ever-expanding diversity and number of devices employees use to perform their jobs, new methods for collaboration, increasing dependency on complex IT infrastructures spanning legacy, public, and private clouds, and the escalating sophistication of malicious actors combine to present a particularly intimidating scenario. Organizations need to monitor their networks to detect suspicious activities and effectively enforce policies to prevent malicious behavior.

Challenges

Cybersecurity Skills Deficiencies

Many enterprises simply lack the network security skills or staff to perform these tasks effectively, a symptom of a bigger problem: the global cybersecurity skills shortage. Per ESG research, 46% of organizations claim to have a problematic shortage of cybersecurity skills, the biggest gap of all types of IT skills.[1] Within that cybersecurity skills gap, network security specialists were the second most cited area of deficiency, behind only the closely related and intertwined cloud security specialists.

Figure 1. Cybersecurity Skills Deficiencies

Source: Enterprise Strategy Group, 2017

The skills deficit is not just a theoretical problem; it has real-world implications. Twenty-nine percent of cybersecurity professionals say that the global cybersecurity skills shortage has had a significant impact on their organizations, while another 40% indicate that the global cybersecurity skills shortage has had some impact on their organizations.[2]

What type of impact? Altogether, 54% of organizations have experienced at least one type of security incident. When asked about the causes of these incidents, nearly one-third (31%) of cybersecurity professionals say that the cybersecurity team is not large enough for the size of their organization, 26% point to a lack of training for non-technical employees, and 21% say that business and executive management tend to treat cybersecurity as a low priority.

[1] Source: ESG Research Report, 2016 IT Spending Intentions Survey, February 2016.

[2] Source: ESG/ISSA Research Report, Through the Eyes of Cyber Security Professionals: Annual Research Report (Part II), December 2016.

Figure 1 data: Which areas of cybersecurity would you say that your organization has the biggest skills deficiency? (Percent of respondents, N=299, three responses accepted)

Cloud security specialists: 33%
Network security specialists: 28%
Security analytics: 27%
Data security specialists: 26%
Security engineering: 23%
Security operations: 20%
Identity and access management: 15%
Application security specialists: 14%
Endpoint security specialists: 14%
We don’t have any cybersecurity skills deficiencies: 9%


Additionally, more than half (54%) say that the cybersecurity skills shortage has increased the workload on existing employees, 32% say it has led to high rates of staff attrition, and 32% say that the skills shortage has resulted in limited time for training, since the cybersecurity staff is too busy keeping up with day-to-day activities. It is also worth noting that 25% of respondents said that the cybersecurity skills shortage has led to a high “burn out” rate among the cybersecurity staff.

Organizational Silos

Traditionally, enterprise IT staff has been organized around functional areas of responsibility, with separate teams focusing on storage, networking, virtualization, databases, desktop, mobile, telephony, and security. As each focus area has grown more complex over time, IT staff has become more specialized, requiring advanced education and certification for job competency and advancement.

This, naturally, has led to organizational silos, where teams not only don’t communicate with one another, but are also forbidden from crossing functional boundaries. Virtualization teams may be able to spin up new VMs almost instantly, but still must request support from the storage and network teams before the VM can interact. Likewise, storage admins can scale out their storage solutions, but must request network team support before even physically connecting to the network. Meanwhile, only a select few security professionals are entrusted to create or modify security policies for any computing device.

The software-defined data center revolution holds the promise of delivering a unified data center, eliminating organizational silos. Designing, implementing, and managing virtual and cloud environments using scale-out converged or hyperconverged architectures requires expertise in almost all aspects of IT, from networking to security, which should encourage functional team cooperation and cross-pollination of skills.

New technology, whether software-defined infrastructure, cloud, or convergence, is not a panacea. It brings with it a new set of issues, both gross and subtle, that require significant specialized education and understanding. For example, software-defined infrastructure brings centralized command and control of elements, which simplifies management and security, but spanning the network between public and private clouds introduces new security issues. Thus, the modern data center, requiring more specialization rather than less, is leading to even more isolation between functional groups.

Manual Processes

IT organizations often suffer from a slew of manual processes, spanning the gamut from repetitive manual data entry, through tracking configuration and status through Excel spreadsheets, to paper forms requiring multiple signature approvals or online ticketing systems. Some manual processes are left over after the transition to an automated system. Many arise from the lack of resources or skill sets to automate the processes. More, still, arise from organizational inertia.

The IT organization’s main goal is to provide the technological resources for the overall business. As more organizations are required to do more with less, they have fewer resources available to dedicate toward automating processes. This shortfall is further exacerbated by the IT skills shortage, with IT staff lacking applicable programming skills or the understanding of the underlying processes.

An underlying principle of the software-defined data center is automation of centralized command and control, with a goal of reducing the burden on IT staff and eliminating organizational silos, which may lead to “staff redundancies.” However, IT organizations mimic living beings, and act for self-preservation. A job function, person, or team can’t be considered redundant and eliminated if they follow undocumented, complex, and arcane manual processes.


Information Visualization

IT solutions excel at generating, storing, sorting, and filtering data. However, even after coalescing, collating, and correlating data from myriad sources, the result is similar to the pieces of a jigsaw puzzle. What is required to extract value from the data is to complete the puzzle, organizing the data into an understandable picture using data visualizations.

IT professionals receive thousands of alerts each day, forcing them to wade through a wealth of information to prioritize and then search even further to find the critical items of interest. While the network admin needs to find the IP address of the affected systems, the security forensic tech needs the incident number and checksum of the potential malware. Unfortunately, many IT solutions treat all information as having the same relevance to the viewer, without regard to the perspective, knowledge, or role of that user.

Prioritizing information, displaying the most important information first, and emphasizing relevant related data enables the user to rapidly assess the situation, make decisions, and take the appropriate actions. Poor data visualizations force the user to spend time and effort on information comprehension rather than on decision making.

A related challenge is the user interface. There are as many user interface paradigms as there are IT solutions, and many lack standardization, disregard human frailties, and ignore decades of research in human-machine interfaces, such as that applied in airplane and automobile design. For example, it is common to indicate error conditions through colors, using the stoplight model whereby green is good, yellow is a warning, and red is bad. This can be hazardous for those who are red-green colorblind.

Another common trait is to put as much information as possible on the screen at one time. Modern high-pixel-density screens encourage dense layouts, which are harder to read for an aging workforce, difficult to interpret, and discourage exploration of new features or functionality.

Solution Integration and Macro Policy Definition

IT security solutions almost always start as point solutions, designed to deal in the technical minutiae of a specific domain. A firewall is concerned with the traffic moving through each specific interface on the device, while an intrusion prevention system (IPS) typically inspects only traffic crossing the organization’s perimeter.

Each solution comes with its own set of policies and policy manipulation tools, and managing policies for a single solution is relatively easy. Many solutions even provide the ability to synchronize policies across multiple devices, ensuring one master set of policies is applied uniformly across the organization.

These policies are micro policies, tightly intertwined with the specific methodologies used for detection and enforcement in the point solution, and enable extremely fine-grained control of the environment. Specific to one device or solution, these micro policies are not applicable to a different solution, even from the same vendor. Policy silos hamper the organization’s ability to integrate multiple solutions into a single system controlling the security posture for the entire organization.

To maintain a cohesive and comprehensible security posture, CIOs, CISOs, IT management, and IT security need to be able to set policy at the macro level, across the entire organization, without regard for the specific device. Ideally, policies should specify which users, groups, and entities have access or restricted access to specific resources, and the IT solutions could translate into the micro policies for specific devices or solutions. This enables the IT organization to focus on intent, not implementation.


Juniper SDSN

It is worthwhile for IT organizations to examine a network security solution that addresses their specific needs. Juniper Networks’ Software-Defined Secure Network is one such solution that offers end-to-end network visibility, securing the entire network, physical and virtual. Leveraging cloud economics to find and stop threats faster, the unified Software-Defined Secure Network platform combines policy, detection, and enforcement with a comprehensive solution portfolio that centralizes and automates security.

Juniper’s SDSN creates a single, holistic defense domain where every network element becomes an enforcement point, addressing the three pillars of network security:

• Policy—Intelligible, simplified, centrally managed policies spanning all network elements across the heterogeneous network.

• Detection—Aggregated, cloud-based threat intelligence service with adaptive policies covering changing threat conditions.

• Enforcement—Dynamic, real-time policy distribution, ensuring always-updated policies to stop rogue traffic and quarantine compromised endpoints.

The SDSN Approach

The basis for the Software-Defined Secure Network is the software-defined network (SDN). SDN borrows from compute virtualization the principle of abstracting software so that it is independent of, and can run separately from, the underlying hardware.

Applying this to networking, SDN not only separates the networking software from the underlying hardware, but also introduces an abstraction layer separating network configuration and control from physical connections and hardware. This separation of the control plane from the data plane enables programmatic control of the network while simultaneously aggregating multiple device data planes into a single logical data plane for a unified network. With SDN, network-wide traffic flows can be adjusted to meet changing needs with centralized device management and automated configuration of the network.

Software-defined networks are centralized, programmable networks that can dynamically provision to address changing business needs, and provide these benefits:

• Automation—Decoupling the control plane from the data plane enables dynamic configuration and direct integration with the latest principles and technologies, from DevOps to containers and OpenStack. Dynamically provisioned services, applications, and virtual machines can programmatically provision the appropriate network resources without administrator intervention.

• Centralized management—The decoupled control plane is logically centralized, maintaining a global view of the network, which appears to applications, policy engines, and administrators as a single large switch to simplify management and reduce the possibility for complications due to human error.

• Scalability—SDN supports a scale-out methodology, adding devices to extend the reach and increase available bandwidth, without having to perform forklift upgrades.

• Improved TCO—Starting small and growing reduces CapEx requirements, while utilizing dynamic, centralized management shrinks the administrative burden and reduces OpEx requirements.


• Agility and flexibility—Organizations can rapidly deploy new applications, services, and infrastructure, while dynamically adjusting the configuration and performance of the network to meet new and changing business goals.

Juniper Networks recognized the benefits of applying the SDN methodology to network security, and developed the Software-Defined Secure Network (SDSN). Where SDN separates the network control plane from the network data plane, SDSN separates policy management (security control plane) from detection and enforcement (security data plane).

Juniper’s SDSN confers many of the same benefits as SDN, including:

• Automation—Decoupling the security control plane from the security data plane enables dynamic configuration and direct integration with applications, services, and systems. Dynamically provisioned services can programmatically set the appropriate security policies without administrator intervention.

• Centralized management—The decoupled security control plane is logically centralized, maintaining a global view of network security. Administrators are presented with a single unified environment, enabling control of the entire environment with macro policies using a single interface, simplifying management, and reducing the possibility for complications due to human error.

• Scalability—SDSN supports a scale-out methodology, dynamically adding devices to protect growing networks, without having to perform forklift upgrades.

• Improved TCO—Starting small and growing reduces CapEx requirements, while utilizing dynamic, centralized management shrinks the administrative burden and reduces OpEx requirements.

• Agility and flexibility—Organizations can rapidly deploy new security detection and enforcement to dynamically added applications, services, and infrastructure, programmatically adjusting the configuration and performance of the network to meet new and changing business goals.

Juniper’s SDSN provides additional security-specific benefits, including:

• Single policy domain—SDSN creates a single policy domain throughout the entire network, enabling CIOs, CISOs, IT admins, and security admins to develop macro policies by focusing on the intent to protect the network, rather than on the policy implementation of each network element.

• Single detection domain—SDSN creates a single detection domain, integrating and coordinating detection across all different types of security elements throughout the network. Security issues can be detected at the perimeter and inside the network, across the plethora of network devices, increasing the network security posture in the always-on, bring-your-own-device world.

• Single enforcement domain—SDSN creates a single enforcement domain, integrating the enforcement of policies across the network, ensuring enforcement using multiple types of security elements, eliminating special cases, and ensuring that malware and misbehaving systems are completely and appropriately isolated at all points in the network.

• Unified prevention—Every network element participates in the same policy management, detection, and enforcement environment, ensuring unified prevention of damage from malware or misbehaving systems.


Juniper Networks’ SDSN Meets the Challenges

Juniper’s SDSN stack, shown in Figure 2, consists of the security data plane, the security control plane, and the Juniper Cloud.

The Juniper Cloud includes Spotlight Secure Threat Intelligence and Sky Advanced Threat Prevention (Sky ATP), and can also incorporate data from third-party threat intelligence services. The cloud provides threat intelligence for policy development, aiding in the detection and prevention of security threats.

The security control plane consists of Security Director and Policy Enforcer, and enables administrators to manage the policies for the entire network.

The security data plane includes Juniper’s physical and virtual network elements, including the SRX and vSRX firewalls, EX and QFX network switches, and MX routers.

Juniper’s SDSN stack supports the three pillars of network security, providing:

• Policy—Centralized visibility and management of policy for the entire network, with an open and programmable environment.

• Detection—Fast and effective protection from advanced threats with integrated threat intelligence.

• Enforcement—Adaptive enforcement providing consistent protection across all physical and virtual network elements.

Security Control Plane: Security Director and Policy Enforcer

The heart of Juniper’s SDSN stack is the security control plane: Security Director and Policy Enforcer. Security Director is the centralized network security policy management system, providing granular policy management across all phases of the security policy lifecycle for stateful firewalls, unified threat management (UTM), intrusion prevention (IPS), application firewalls (AppFW), VPN, and network address translation (NAT).

Security Director is a platform that, through a standard web-based interface, provides users with actionable intelligence and automation. This enables users to detect threats as they happen and apply remedial actions in real time. Customizable dashboard widgets with advanced data visualizations ensure that administrators are always aware of the current security posture and potential threats against the organization.

A key component of the security control plane is the Policy Enforcer. Using information from the Juniper Cloud and Sky Advanced Threat Prevention (Sky ATP), Policy Enforcer learns about and responds to the latest threat conditions originating in the cloud. Enhancing the environment’s automation, Policy Enforcer updates security policies, deploying new enforcement rules to all network elements to ensure effective quarantining and tracking of infected hosts to prevent additional damage.

Security Director and Policy Enforcer are structured around user-intent-based policies. This simplified policy framework is based on business-oriented objects and intents, including users, user groups, geographic locations, devices, sites, tenants, applications, and threats. The framework is designed to focus policies on intent rather than on implementation. Once defined, policies are applied to all network elements, ensuring that all network elements work in concert to achieve maximum security.

Figure 2. Juniper SDSN Stack

Source: Enterprise Strategy Group, 2017
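The macro-to-micro translation described under Solution Integration and Macro Policy Definition, and again here for Security Director’s intent-based policies, can be made concrete with a small compiler. The following is an added example, not Juniper’s code and not Security Director’s policy format: the group, application and zone tables, the element names (srx-edge, qfx-tor) and the rule shapes are assumptions. It shows two things the prose leaves implicit: the same intent renders differently on a stateful firewall (zone pair, reply traffic implicit) and on a stateless switch ACL (explicit return-path entry), and an intent that names an unknown object must fail closed rather than silently widen to “any”.

```python
"""Compile user-intent (macro) policies into per-element (micro) rules.

Added illustration, not Juniper's code. The group, application and zone
tables, the element names and the rule formats are hypothetical; a real
security control plane would emit vendor configuration instead.
"""
from dataclasses import dataclass
from ipaddress import ip_network

# Constructed business objects the intents refer to.
GROUPS = {                       # name -> address prefixes
    "finance-users": ["10.1.10.0/24"],
    "erp-servers":   ["10.2.20.10/32", "10.2.20.11/32"],
    "any":           ["0.0.0.0/0"],
}
APPLICATIONS = {                 # name -> (protocol, destination port)
    "https": ("tcp", 443),
    "ssh":   ("tcp", 22),
}
ZONES = {                        # prefix -> firewall zone
    "10.1.10.0/24": "users",
    "10.2.20.0/24": "dc",
}


@dataclass(frozen=True)
class Intent:
    src: str      # group name
    dst: str      # group name
    app: str      # application name
    action: str   # "allow" or "deny"


# Constructed macro policy. Order matters: first match wins on every element,
# so the specific deny is listed before the broader allow.
INTENTS = [
    Intent("any", "erp-servers", "ssh", "deny"),
    Intent("finance-users", "erp-servers", "https", "allow"),
]


def resolve(name, table, kind):
    """Fail closed: an unknown object is an error, never silently 'any'."""
    if name not in table:
        raise ValueError(f"unknown {kind} {name!r} in intent")
    return table[name]


def zone_of(prefix):
    net = ip_network(prefix)
    if net.prefixlen == 0:
        return "any"
    for zone_prefix, zone in ZONES.items():
        if net.subnet_of(ip_network(zone_prefix)):
            return zone
    return "untrust"   # anything outside a known zone


def expand(intent):
    """Yield one (src, dst, proto, port) tuple per address pair."""
    proto, port = resolve(intent.app, APPLICATIONS, "application")
    for s in resolve(intent.src, GROUPS, "group"):
        for d in resolve(intent.dst, GROUPS, "group"):
            yield s, d, proto, port


def compile_firewall(intents):
    """Stateful firewall: zone pair plus 5-tuple; reply traffic is implicit."""
    rules = []
    for intent in intents:
        for s, d, proto, port in expand(intent):
            rules.append({"from_zone": zone_of(s), "to_zone": zone_of(d),
                          "src": s, "dst": d, "proto": proto, "dport": port,
                          "action": intent.action})
    rules.append({"from_zone": "any", "to_zone": "any", "src": "0.0.0.0/0",
                  "dst": "0.0.0.0/0", "proto": "any", "dport": None,
                  "action": "deny"})          # explicit default deny
    return rules


def compile_switch_acl(intents):
    """Stateless switch ACL: every allow needs a matching return-path entry.

    Entries are (src, dst, proto, dport, sport, action)."""
    acl = []
    for intent in intents:
        for s, d, proto, port in expand(intent):
            acl.append((s, d, proto, port, None, intent.action))
            if intent.action == "allow":     # reply: dst -> src, source port = service port
                acl.append((d, s, proto, None, port, "allow"))
    acl.append(("0.0.0.0/0", "0.0.0.0/0", "any", None, None, "deny"))
    return acl


def compile_all(intents=INTENTS):
    """The same intents rendered for each element type in the data plane."""
    return {"srx-edge": compile_firewall(intents),
            "qfx-tor": compile_switch_acl(intents)}


if __name__ == "__main__":
    for element, rules in compile_all().items():
        print(element)
        for rule in rules:
            print("  ", rule)
```

Running the block prints both renderings of the two intents. The point to notice is the asymmetry: the firewall gets four rules plus a default deny, while the switch ACL needs two extra entries for the HTTPS replies because it has no session table; a control plane that forgot that step would produce an intent that is “allowed” on paper and broken on the wire.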

Security Director and Policy Enforcer enable Juniper to address the five major network cybersecurity challenges:

• Organizational silos—Extending the philosophy and architecture of software-defined networking to network security integrates networking and security tasks into a single system with a single unifying interface across all network and security elements. This breaks down barriers and fosters cooperation between functional groups.

• Macro policies—SDSN as an architecture, and the security control plane provided by Security Director and Policy Enforcer, relies on macro policy definition and management, ensuring staff focus on security intent rather than maintaining multiple complex policy sets for different network security elements.

• Manual processes—Security Director and Policy Enforcer rely heavily on automation, from applying macro policies to each individual network element to automatically updating policies using new threat intelligence from Juniper’s Sky ATP and other threat intelligence sources.

• Information visualization—Security Director has access to data from all network elements and from the Juniper Cloud. This information is presented to the user with advanced information visualizations with the goal of ensuring the user has a macro-level understanding of the organization’s current security posture.

• Skills shortage—Security Director, Policy Enforcer, and Juniper SDSN can be managed without requiring advanced training or certification in cybersecurity, networking, or programming because they provide automation, macro-level understanding, and macro-level policy management.

Sky Advanced Threat Prevention

Working in concert with Juniper SRX Series firewalls, Sky Advanced Threat Prevention (Sky ATP) monitors ingress and egress traffic to find and protect against sophisticated known, zero-day and unknown threats. Sky ATP is a cloud-based solution that delivers a verdict assessing the risk level of each potential attack. Sky ATP uses cache lookups to identify known files, and dynamic sandbox analysis with deception techniques to detect new malware. Applying advanced machine learning algorithms, which incorporate multiple attributes and behaviors across large malware data sets, Sky ATP can identify and eliminate zero-day attacks and threats before an attacker infiltrates the network.

Sky ATP works in concert with SRX Series firewalls and communicates data to the SDSN security control plane, creating an automatic feedback loop, increasing the speed of malware identification and prevention, and automatically updating policies to limit the spread of infections. Malware identified by Sky ATP is shared globally among all Juniper customers in near-real time to block additional attacks.

Sky ATP is further enhanced with a rich set of curated threat intelligence provided by the Spotlight Secure Threat Intelligence platform. This enables automatic proactive blocking of outbound malware command and control communications. The combination of Spotlight Secure Threat Intelligence data and Sky ATP’s global sharing of malware intelligence reduces spurious alerts and diminishes the probability of false negative malware tests. Sky ATP’s machine learning algorithms and automated processing of malware threats reduces the knowledge and attention required for threat prevention, allowing IT personnel to focus their efforts on ensuring that their entire network environment is protected.
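The feedback loop described above, in which Sky ATP verdicts drive Policy Enforcer to quarantine infected hosts on every enforcement point, is illustrated by the following added example. It is not Juniper’s code: the verdict format, the 0 to 10 score, the quarantine threshold, the inventory table, the protected-host list and the action names are assumptions for illustration. It consumes a constructed verdict feed, quarantines hosts whose score crosses the threshold by pushing a port-level quarantine to the host’s switch and a group entry to the firewall, blocks outbound command-and-control destinations for every host regardless of score, and keeps the loop idempotent so repeated verdicts do not re-push rules. The protected list is the caveat a practitioner wants: automatically quarantining a shared resolver or domain controller turns a malware alert into an outage, so such hosts get an alert instead of an enforcement action.

```python
"""Detection-to-enforcement feedback loop: threat verdicts drive quarantine
rules on every enforcement point.

Added example, not Juniper code. The verdict format, the 0-10 score, the
threshold, the inventory table and the action names are assumptions.
"""
import json
from dataclasses import dataclass, field

# Constructed inventory: which switch port each host sits behind.
INVENTORY = {
    "10.1.10.23": {"switch": "ex-floor2", "port": "ge-0/0/17"},
    "10.1.10.24": {"switch": "ex-floor2", "port": "ge-0/0/18"},
    "10.1.10.53": {"switch": "ex-floor2", "port": "ge-0/0/1"},
}
# Hosts that must never be quarantined automatically (alert only).
PROTECTED = {"10.1.10.53"}   # internal DNS resolver

QUARANTINE_THRESHOLD = 7     # assumed: score at or above this blocks the host

# Constructed verdict feed, one JSON document per line, as a detection
# service might hand them to the security control plane.
VERDICT_FEED = """\
{"host": "10.1.10.23", "sha256": "constructed-1", "score": 9, "c2": "203.0.113.7"}
{"host": "10.1.10.24", "sha256": "constructed-2", "score": 4, "c2": null}
{"host": "10.1.10.23", "sha256": "constructed-1", "score": 9, "c2": "203.0.113.7"}
{"host": "10.1.10.53", "sha256": "constructed-3", "score": 8, "c2": "198.51.100.9"}
{"host": "10.1.10.99", "sha256": "constructed-4", "score": 10, "c2": null}
"""


@dataclass
class PolicyEnforcer:
    quarantined: set = field(default_factory=set)
    blocked_c2: set = field(default_factory=set)
    actions: list = field(default_factory=list)   # (element, action, target)
    alerts: list = field(default_factory=list)

    def handle(self, verdict):
        host, score, c2 = verdict["host"], verdict["score"], verdict.get("c2")
        # Blocking an outbound C2 destination is safe for every host, so it is
        # done regardless of score and independently of quarantine state.
        if c2 and c2 not in self.blocked_c2:
            self.blocked_c2.add(c2)
            self.actions.append(("srx-edge", "block-outbound", c2))
        if score < QUARANTINE_THRESHOLD:
            return "ignored"
        if host in PROTECTED:
            self.alerts.append(f"{host} scored {score}; protected host, not quarantined")
            return "alert-only"
        if host in self.quarantined:
            return "already-quarantined"   # idempotent: no duplicate rule pushes
        port = INVENTORY.get(host)
        if port is None:
            # Unknown switch port: the firewall can still isolate the host.
            self.alerts.append(f"{host} not in inventory; firewall block only")
        else:
            self.actions.append((port["switch"], f"quarantine-vlan {port['port']}", host))
        self.actions.append(("srx-edge", "add-to-group infected-hosts", host))
        self.quarantined.add(host)
        return "quarantined"

    def release(self, host):
        """Remediation done: reverse the host's rules on every element."""
        if host not in self.quarantined:
            return False
        self.quarantined.discard(host)
        port = INVENTORY.get(host)
        if port:
            self.actions.append((port["switch"], f"restore-vlan {port['port']}", host))
        self.actions.append(("srx-edge", "remove-from-group infected-hosts", host))
        return True


def run_feed(feed=VERDICT_FEED):
    """Process a verdict feed; returns the enforcer state and per-verdict outcomes."""
    enforcer = PolicyEnforcer()
    outcomes = [enforcer.handle(json.loads(line))
                for line in feed.splitlines() if line.strip()]
    return enforcer, outcomes


if __name__ == "__main__":
    enforcer, outcomes = run_feed()
    for outcome, line in zip(outcomes, VERDICT_FEED.splitlines()):
        print(f"{outcome:20} {line}")
    for action in enforcer.actions:
        print("push:", action)
    for alert in enforcer.alerts:
        print("alert:", alert)
```

Two design choices are worth calling out. The C2 block happens before the score check because a known-bad destination is worth blocking even when the host-side verdict is weak, and the release path exists because a quarantine rule with no way to reverse it becomes a permanent, undocumented exception in the data plane, exactly the policy sprawl the single enforcement domain is meant to remove.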


Security Data Plane: SRX Series Firewalls; EX and QFX Series Switches; and MX Series Routers

The SDSN security data plane includes Juniper SRX Series firewalls, Juniper EX and QFX Series switches, and Juniper MX Series routers. The SRX Series firewalls are deployed as both physical and virtual firewalls and have a long history of industry validation. The SRX Series employs next-generation firewall technology, integrating Sky ATP threat intelligence. SRX firewalls are suitable for any size data center and are available in many configurations, scaling to 2 Tbps throughput for the largest data centers.

Juniper QFX Series switches are designed to be deployed at top of rack, at end of row, and for spine-and-core aggregation. Supporting 1 Gbps, 10 Gbps, 40 Gbps, and 100 Gbps, QFX series switches are available as 1U and 2U fixed-platform, and 13U and 21U modular platforms spanning 1.44Tbps to 96Tbps throughput.

Juniper EX Series switches offer carrier-class switching solutions for converged enterprise branch office, campus, service provider, and data center deployments. Supporting 1 Gbps, 10 Gbps, 40 Gbps, and 100 Gbps, the EX series is available as a 1U fixed-platform switch spanning 24 ports with 56Gbps throughput to 48 ports with backplanes supporting virtual chassis and 1.44 Tbps. The EX series is also available as a 4-, 8-, 14-, or 16-slot chassis switch supporting up to 13.2 Tbps per chassis.

Juniper MX Series 3D Universal Edge Routers were designed to support a universal set of edge applications, enabling customers to rapidly respond to evolving business and technical requirements, and to simplify operations. Flexibility is enhanced with the Juniper Trio chipset, which scales for bandwidth, subscribers, and services. Leveraging Trio, Juniper can add support for new features and protocols without upgrading hardware.

The MX series utilizes the Junos operating system and offers a rich set of IP/MPLS services, consistent low latency, and wire-rate forwarding at scale. The Juniper Extension Toolkit provides modern programming languages and interfaces for customization and automation. MX series routers can be deployed as a virtual solution offering 160Gbps throughput, and as a physical solution in a variety of form factors from a single 2U fixed platform to a full 45U rack solution. Physical throughput ranges from 20 Gbps to 80 Tbps.

Juniper’s security data plane is powered by the Junos operating system, a single, modular operating system for all network elements in Juniper’s portfolio. Using a single operating system with a single code base reduces the time and effort required to plan, validate, deploy, and expand the network. Junos OS provides a comprehensive set of features to support network switching, routing, and firewall operations. Unified in-service software upgrades (ISSU) reduce downtime and minimize risks during upgrades. Junos is a programmable environment, with secure programming interfaces, scripting support, and the Juniper Extension Toolkit (JET), along with integration with popular orchestration frameworks supporting DevOps methodologies.

Juniper SDSN comprises Security Director and Policy Enforcer, SRX series firewalls, EX and QFX series switches, MX series routers, Sky ATP, and the Juniper Cloud. This solution combines a unified code base, automation, integration, advanced threat protection, and macro policy management to deliver consistent protection across the entire network, saving time and effort for security personnel.

The Bigger Truth

Network security and cybersecurity are not just fad-of-the-day buzzwords. The cybersecurity threat landscape is rapidly evolving and becoming ever more sophisticated, with real-world consequences from loss of data to loss of revenue or even the destruction of the business. This has driven cybersecurity to be the most often cited IT priority in ESG’s annual IT spending intentions survey since 2013.3

Cybersecurity protection becomes even more important as organizations move to support an expanding list of devices, operating environments, access methods, and use cases. Security professionals have been forced to expend significant time and effort to keep pace with rapid changes in technology, the swift growth in the number and frequency of attacks, and the ease with which malicious actors progress from neophyte to expert. Thus, cybersecurity professionals are in high demand, and almost half of surveyed organizations claim to have a problematic shortage of cybersecurity skills.4

Exacerbating the challenge organizations face is the natural tendency for functional groups to become siloed into separate kingdoms, each with their own hierarchy, specializations, certifications, and lexicon. Siloed functional teams prevent cross-training, cross-functional cooperation, and cross-functional communication, which can lead to gaps in security coverage and a worsening of the cybersecurity posture.

Additional challenges that can impact the cybersecurity posture include dependencies on manual processes, which require more of the staff who are already in short supply and expose the organization to increased opportunities for human error. Human error can also creep into environments that require IT staff to manage security policies separately for each individual network element.

A distinctive method for addressing these and many other cybersecurity challenges is the Juniper Networks Software-Defined Secure Network (SDSN). SDSN extends the philosophy and architecture of the software-defined network to network security, separating the control of the security environment from security enforcement. Where SDN has a control plane for network control and a data plane for moving data through the network, SDSN has a security control plane that manages security policies and a security plane that detects and prevents malware and enforces those policies. Juniper extends SDSN even further, incorporating threat intelligence from the cloud into both the control plane and the security plane.

The architecture of Juniper’s SDSN, integrating network security within the network, fosters cooperation and cross-functional communication, bridging the silos and chasms between the networking and security teams. SDSN encourages the teams to develop macro-level security policies, protecting the entire organization, while the solution translates and applies the macro policies to the micro policies for each individual network element. Macro policy management is enhanced with macro-level advanced data visualization, enabling personnel to develop a broad understanding of the overall threat landscape and organizational security posture.

Automation is prevalent throughout SDSN. Sky ATP integration automatically updates policies, detection, and prevention capabilities in the control plane and the security plane, providing each element with the most up-to-date threat intelligence. The solution automates the process of defining and applying security policies to every network element of every type throughout the network. All elements provide APIs, supporting automation and integration with the latest IT environments and methodologies such as DevOps, OpenStack, and others.

SDSN simplifies the tasks of applying and enhancing network security, reducing the demands on cybersecurity personnel. Automation reduces the potential for human error and ensures up-to-date security, while the entire solution focuses the security staff on thinking and working at the macro level, enhancing security throughout the network. SDSN may be the technology that allows you to address your own cybersecurity skills shortage while simultaneously strengthening your security posture.

3 Source: ESG Research Report, 2016 IT Spending Intentions Survey, February 2016.

4 Ibid.


All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change from time to time. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of The Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at 508.482.0188.

www.esg-global.com [email protected] P. 508.482.0188

Enterprise Strategy Group is an IT analyst, research, validation, and strategy firm that provides actionable insight and intelligence to the global IT community.
