Performance Drives Innovation and Security Vendors Need to Keep Up | Network World
In 1969, the very first e-message was sent over the ARPANET from computer science Professor Leonard Kleinrock’s UCLA laboratory to a network node located at Stanford. That event kicked off a digital revolution that has utterly transformed our world. And ever since that first defining moment, the one question that has driven nearly all subsequent digital innovation has been: “How can we do this even faster?”
We are still wrestling with that same challenge today. The latest advances in computing, such as edge device hyperconnectivity and the hyperscalability achievements of advanced data center architectures are the result of the desire to achieve better performance. Speed is the driving force behind the digital transformation of today’s business infrastructures. It enables access to critical data and resources, drives business efficiencies, scales application development, increases productivity, generates revenue, and accelerates ROI.
The convergence of hyperspeed, hyperconnectivity, and hyperscale
At the extreme edge of this is the convergence of hyperspeed, hyperconnectivity, and hyperscale to enable the super-fast transfer of astronomically massive data sets required for things like advanced pharmaceutical research and aerospace modeling. Similarly, dynamic e-commerce and massive multi-user environments like online gaming, along with hyperscale architectures employed by financial services, insurance companies, and cloud providers require speed and scale to support customers and maintain service levels.
But that is only the beginning. The next generation of smart cars, smart cities, and smart infrastructures – including transportation, power grids, manufacturing, and more – augmented by AI and Machine Learning, will all require the management and processing of massive amounts of Big Data. Providing sufficient performance and processing to support these new architectures will require even faster and more efficient infrastructures.
All major digital innovation is now powered by custom CPUs – except security
To achieve this, organizations like Apple, Microsoft, Google, and Amazon have all spent years and millions of dollars developing advanced, custom-built GPUs, TPUs and ASICs to accelerate processing at scale. Unfortunately, security is one of the few remaining barriers to achieving the fast and secure hyperscale and hyperconnectivity that these new architectures require.
With one exception, no security tools on the market today are capable of processing data fast enough to support these new super high-end performance and scalability-oriented use cases. Which leaves those organizations with the serious choice of either slowing down their networks or reducing their security.
Part of the challenge is that firewalls require massive amounts of computing power to inspect data, detect malicious content, or prevent cyberattacks – far more than any router or switch. And according to a recent Google Transparency Report, between 80% and 90% of all internet traffic is now encrypted, which only increases the demand for accelerated security performance. In fact, inspecting encrypted data takes such a significant toll on firewall performance that most manufacturers won’t even publish their numbers. All of which makes providing real-time inspection for hyperscale environments next to impossible.
We are the only security vendor with an active ASIC development program – other vendors need to step up
The problem lies in the fact that there is really only one security vendor that has taken the time and energy, like those other manufacturers have done, to develop security processors capable of keeping up with today’s performance demands. Open virtually any security device – even the most expensive firewalls – and you will see that they are filled with off-the-shelf CPUs that were never designed to perform the sort of security tasks today’s high-performance environments require.
Of course, security software engineers employ complex coding tricks to try and overcome hardware limitations and stretch the physical limitations of the processors they have to work with. Unfortunately, there is a limit to how far this strategy can go. The harsh truth is, it’s simply not possible to compensate for the performance impact of hyperscale and hyperconnected environments using software design tricks.
Of course, none of us would put up with this in any other technology. And of all the systems that could benefit the most from custom-designed processors, security is at the top of the list. However, Fortinet is still the only security manufacturer to develop security and network processors designed to provide critical security functions at the speeds today’s advanced hyperscale environments require.
And the numbers speak for themselves. When compared to industry averages, security solutions equipped with our just-released NP7 network processor provide 14X firewall performance, 14X IPSec performance, 4X more concurrent connections, a 20X increase in the inspection of SSL-encrypted traffic over the rest of the competition, combined with 12 million concurrent connections at 195 Gbps Firewall throughput – enabling these tools to support today’s most challenging hyperscale uses cases that traditional security solutions simply can’t address.
Performance is the Gold Standard for digital innovation
Of course, digital innovation isn’t going to stop here. The performance achievements of today will be the bottlenecks of tomorrow. Which is why security vendors need an active and robust hardware development strategy in place. Without it, the gap between ongoing digital innovation and the traditional hardware solutions offered by the majority of the security industry is only going to widen. If those security manufacturers want to provide essential protections for today’s and tomorrow’s most demanding environments, while remaining affordable enough to be deployed everywhere they are needed, they will have to fundamentally change their development strategy.
But they are going to have to hurry, because ASIC development is a long and expensive process and they are already several years behind.
Security performance will increasingly be the gold standard for organizations operating at the cutting edge of digital innovation. Security vendors need to change their development strategies if they want to actively support and secure the increasingly complex and bandwidth-hungry networks, applications, and services on which their customers – and our digital world –increasingly rely.
Click here for more information about Fortinet’s new FortiGate 1800F and here for more information about the next-generation Fortinet NP7 processor. The combination offers unprecedented performance and FortiGate’s wide range of market-leading security solutions and service.