You can’t protect what you don’t know is yours. Having a clear view of what is on your network and why will help guide a security strategy that can transform the business. 

Knowledge is power. When it comes to securing Global Service Providers’ networks, there is no such thing as too much power. 

Service providers face and suffer from the same security challenges as any other business — patching, segmentation and endpoint architecture, among others — but do so on a much larger scale due to the sheer size of their networks.  

With the explosion of 5G, security is more important than ever. Security services will play an integral role in the 5G network’s ability to transform business 

Service providers can throw the proverbial kitchen sink at their security concerns and it won’t make significant difference unless they know what it is they’re trying to protect.  

Security always starts with visibility. Think about it — you can’t protect what you can’t see or don’t know is yours.  

Global service providers should begin any security conversation with three basic questions:  

  1. What is on my network?  
  2. What is each and every application or device doing?  
  3. Is that application or device doing what it should be doing? 

Surprisingly, answers to these three questions aren’t always top of mind. And that’s a problem, especially for service providers. Consider this: One large service provider WWT has worked with in the past discovered nearly 4 million IP addresses under its thumb it previously didn’t know existed — roughly 7 percent of its network. 

Simply put, security teams do not have enough visibility with executive leadership.  

One of the first questions I ask customers across any industry is, “Do you have an accurate inventory of your assets? 

There’s no logic to discussing more sophisticated trends if the customer can’t nail down the basics first. You can’t maintain basic security hygiene on assets you don’t know are yours. This is certainly true for service providers, which have massive networks.

The security eye doctor 

An easy way to begin gaining better visibility into your network is a relatively new security provider called ExpanseBut don’t confuse young with inexperienced. Expanse can make an immediate difference for service providers looking to beef up their security capabilities. And better yet, Expanse is quick and easy to deploy. 

Expanse provides a comprehensive, continuously updated inventory of all Internet-connected assets that belong to an organization. In doing so, Expanse surfaces problematic and non-compliant configurations and communications of those assets.  

The Expanse solution requires zero installation or configuration of any kind and delivers its service via two product offerings:  

  • Edge Expander discovers, monitors and tracks a providers global Internet attack surface to identify new, existing and unknown assets. That is to say, it finds what you didn’t know was yours to begin with. 
  • Edge Behavior provides a complete, outside-in view of the behavior of your perimeters, its responsive assets and their communication outside your organization. In effect, it allows a service provider to take action on better securing its network. 

This type of visibility is integral. But it’s just one viewpoint — one of the enterprise from the outside. Service providers should not overlook the other half of the equation: visibility of the enterprise from the inside. 

Tanium can help in this regard. 

The power of Tanium 

Tanium, an endpoint management platform, recognizes the lack of visibility across endpoints — laptops, servers, virtual machines, containers or cloud infrastructure  is preventing organizations from making confident decisions and operating efficiently 

Tanium allows a user to communicate with endpoints in a very fast and efficient manner by using a proprietary architecture known as linear chaining, which allows Tanium to bypass the traditional need for distributed infrastructure to see and do things much more rapidly and with much greater scale than common enterprise tools. 

Tanium requires an agent to be deployed to all assets in an organization and is managed by a single server. With the agent and Tanium capabilities, a service provider can now perform discovery of assets, software, people and data, measure their compliance, identify their vulnerabilities and much more. 

World Wide Technology (WWT) has a large Tanium customer base and expertise helping customers identify hardware and applications operating inside an organization.  

Powers combined 

With WWTTanium and Expanse working together, the combined services can give a service provider a complete picture of its environment in both public and private IP spaces. 

Take, for example, a rogue telnet service exposed to the internet detected by Expanse. Leveraging a company’s data and mapping algorithms, Expanse can identify the telnet and tie it to an organization but can only report the public-facing IP address, possible login information and certificate information.  

That information is helpful. But identifying the particular piece of equipment exposing the service, the business unit that owns it and the people using it can still be challenging.  

This is where Tanium comes into play. 

Top-Down Strategy 

By using information provided by Expanse, WWT can generate focused questions in Tanium to help identify the equipment and expose the service. WWT can integrate Expanse data and Tanium data into a service provider’s central management database (CMDB) to quickly identify problem and quickly remediate the issue. 

Through rigor and next-level subject matter expertise, WWT works to drive success and achievable performance for service providers by employing a top down security strategy that weaves business objectives and use cases from leadership into consumer-level current use.  

While Expanse remains an easy to use tool that offers high upside, WWT can work across various organizational bodies to ensure adoption of the tool, thus creating growth and value recognition.  

WWT engages with:  

  • End-users/consumers of data by bringing adoption of the tool or use of the data gathered to their everyday workstream; 
  • Team leads by bridging gaps where leaders are looking for streamlining or more effective ways at managing their lines of business;  
  • Executives and leadership by driving toward business objectives for purchase of tool to ensure ROI is recognized and costs are avoided; 
  • Partners by leveraging our relationships with technology leaders in industries across the globe to drive additional business growth and opportunity for operational effectiveness. 

Advanced Solutions, Enhanced Visibility 

WWT can help customers evaluate solutions across the broad spectrum of the security industry — from leading brands to innovative startups — by leveraging our state-of-the-art Advanced Technology Center (ATC) to evaluate the right solution mix.  

Regardless of type or location of your technology — whether it involves data center, 5Gpowered devices, supply chain, mergers and acquisitions, cloud governance, EastWest traffic or endpoint — everything starts with visibility. 

The ATC’s unique testing environment can mimic a service providers large network and provide access to numerous OEM products to evaluate and implement solutions faster and easier than ever. 

Gain access to our ATC lab and resources today. 

Leave a Reply

Your email address will not be published. Required fields are marked *