By Ankur Singla, Founder and CEO of Volterra
Organizations of all sizes are adopting cloud-native application design and deployment practices as they continue to digitally transform business processes. This includes the extensive use of microservices and APIs, as well as distributing clusters across multiple cloud providers. Unfortunately, a recent survey by Propeller Insights found that while most organizations today are using cloud-native apps, Kubernetes and microservices, they struggle to secure and connect the complex environments resulting from them.
Cloud-native is no longer just a bold new idea for most organizations — it’s a reality. However, DevOps and NetOps teams are facing some serious security and networking hurdles they did not anticipate from the outset. As a result, organizations struggle to get the agility and scalability they expected from their cloud-native environment and investment. Looking to the year ahead, the following trends will play a critical role in helping organizations understand and overcome their cloud-native app security challenges:
Trend #1: API sprawl jeopardizes the security of modern applications
As organizations continue to digitally transform business processes, they are increasingly transitioning from legacy applications to modern, cloud-native apps. These intricate modern apps feature far more APIs than their predecessors. And since these apps are built with extensive microservices, many of these APIs are deeply embedded and hidden. This API sprawl has created many new attack vectors. Few vendors address app security properly at the API level, leaving developer and security teams scrambling to protect these apps. Traditional API gateways were designed for app to web communication, not app to app communication, which is characteristic of distributed, cloud-native environments. As a result, developer and security teams must manually discover all APIs and enforce policies on them, a cumbersome and error prone process.
In 2021, the industry will popularize a new approach for securing modern, cloud-native apps: the use of machine learning to automatically identify all APIs, no matter how deeply embedded or hidden, and then enforce policies on each one. This will eliminate the difficult task of manually identifying and enforcing policies for each API.
Trend #2: Growing understanding of service meshes accelerates cloud-native transition
In 2021, organizations will become more familiar with service mesh technology to help support successful cloud-native adoption. A service mesh is an infrastructure layer used for managing, securing and optimizing communication between microservices. It’s critical that organizations become proficient with the technology when transitioning to a cloud-native approach, which typically leverages microservices-based app architectures. With heavy use of microservices, cloud-native apps are much more complex and harder to manage, connect and secure than legacy apps. Existing point products, such as load balancers and web app firewalls, were not built for modern apps. To properly manage communication between microservices in cloud-native environments, enterprises will increasingly adopt service mesh technology.
Trend #3: NetOps and SecOps help DevOps shoulder the burden for cloud-native apps
Successfully executing a process as complicated as cloud-native app adoption requires the involvement of many different teams. Many enterprises think they only really need developer and DevOps teams to drive cloud-native app adoption. As a result, they end up with unsecured, poorly performing cloud-native apps, if they even get that far. In 2021, DevOps teams will deploy more collaborative infrastructure platforms that will enable them to bring in NetOps and SecOps to help “share the load, but without delays” to better transition to a successful cloud-native environment. These groups will collaborate far more effectively and openly than they have in the past.
The growing distribution of apps across multi-cloud and edge environments is a trend that will continue to shape the industry over the next few years. In fact, Gartner named distributed cloud as one of its Top 10 Strategic Technology Trends for 2021.
While there are several challenges to supporting apps and data in these highly distributed environments, security will be one of the most critical considerations. Few existing solutions and approaches were designed for such environments, and organizations must embrace new methods to safely make this transition. As a starting point, they should implement machine learning capabilities to automate API security processes, adopt service mesh technology to manage and secure communication between microservices, and enforce collaboration between DevOps, NetOps, and SecOps teams to create successful cloud-native environments.
About the Author
Ankur is the founder and CEO of Volterra. Previously, he was the founder and CEO of Contrail Systems, which pioneered telco NFV and SDN technologies and was acquired by Juniper Networks in 2012. Contrail is the most widely deployed networking platform in Tier 1 telco mobile networks (AT&T, DT, Orange, NTT and Reliance JIO), and is used in many SaaS providers’ cloud deployments (Workday, Volkswagen, DirecTV). Prior to Contrail, Ankur was the CTO and VP Engineering at Aruba Networks, a global leader in wireless solutions. He holds an MS in Electrical Engineering from Stanford University and a BS in Electrical Engineering from the University of Southern California. Ankur can be found online at @asingla77 and at our company website https://volterra.io/.