Streamlining Security with Multi-Cloud Networking

Enterprises need multi-cloud networking and security for all layers of the stack: infrastructure, apps and app delivery, and data.

Lori MacVittie

March 25, 2023

4 Min Read
Streamlining Security with Multi-Cloud Networking
(Credit: Kalawin via Adobe Stock)

I spent my kid's spring break writing code. It's been a while, so it took a few hours to get back into it, but once I did, I remembered why I both love and loathe writing code.

To be fair, it’s not the coding that I hate. It’s the yak shaving. Configuration conflicts, missing modules, and a never-ending stream of security-related restrictions make the entire process of developing software painful today.

The thing is, every role has its fair share of yak shaving to deal with it. For the majority of enterprises, that yak shaving involves solving the challenges associated with networking and security across the entire IT stack in core, cloud, and – for just about one-third of organizations – edge environments. What’s the number one challenge organizations across the globe need to solve today? The complexity of the tools and APIs needed to connect and secure apps across multiple environments.

That’s why it was no surprise that multi-cloud networking was one of the most exciting technologies around the globe this year in our annual research.  

Even though most of the market wants to talk about API attacks – which are absolutely growing at a phenomenally scary rate – that doesn’t negate the reality that infrastructure and traditional application layer attacks are still a thing that business needs to address.

I’m not kidding. In 2022, Microsoft mitigated an average of 1435 DDoS attacks every day. According to its 2022 in Review: DDoS Attack Trends and Insights report, Microsoft “mitigated upwards of 520,000 unique attacks against our global infrastructure during 2022.” Our own data shows an equal focus on infrastructure and application layers:

multi-cloud networking

multi-cloud networking.jpg

A quick search of the Internet will provide many such statistics. No one is immune from infrastructure and application layer attacks today, and both happen with appalling frequency.

The complexity inherent in multi-cloud networking – which includes the traditional IP layer through the application layer – makes a platform approach the best option for organizations that need to seamlessly support their IT stack across core, cloud, and edge. That’s because platform approaches address complexity by encapsulating it and providing a simpler experience for deploying and operating services.

So it’s no surprise to see that adopting platform approaches to securing each of these layers is on the rise. We asked about this, too, and found that it’s the norm today. 65% of organizations plan to adopt a platform approach for securing infrastructure, 50% plan to do so for protecting applications and APIs, and 40% are looking at platforms to defend the business.

But unless that security is natively a part of a multi-cloud networking platform, there are going to be a whole lot of frustrated practitioners out there. And by native security I mean both traditional volumetric attacks like DDoS and application layer attacks like SQLi, exploitation of vulnerabilities (log4j anyone?), etc.

In the early days of the Internet, it was natural and even logical to separate infrastructure and app security into different concerns. But as we've progressed and become adept at leveraging the Internet itself as a platform, the two concerns have grown closer together. That's because we've moved away from using protocols as specific functions for applications' capabilities and instead standardized on HTTP as the de facto lingua franca of communication on the Internet. The OWASP Top 10 exists because of that standardization and of the commonalities across applications built on top of HTTP and its associated languages and frameworks.

So deploying an app today requires – or should require – both infrastructure and application security. Period. No one argues with that, except on Twitter, where everything is up for debate. But that means if you're deploying applications in multiple environments and moving to multi-cloud networking to provide the underlying glue that connects them, that multi-cloud networking solution should also, by default, offer simple ways to secure them.

The digital enterprise is going to operate Hybrid IT. That means they need multi-cloud networking and security for all layers of the stack: infrastructure, apps and app delivery, and data. And the two need to go together and offer a simple way to deploy and operate both. Anything less is just kicking the complexity can into someone else’s yard.

Related articles:

About the Author

Lori MacVittie

Distinguished Engineer, Office of the CTO, at F5

Lori MacVittie is the  Distinguished Engineer in F5's Office of the CTO for cloud computing, cloud and application security, and application delivery and is responsible for education and evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she authored articles on a variety of topics aimed at IT professionals. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University. She also serves on the Board of Regents for the DevOps Institute and CloudNOW, and has been named one of the top influential women in DevOps.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights