Virtualization Technology News and Information
VMblog Q&A with Shehzad Merchant of Gigamon at the 2020 RSA Conference


Are you attending this week's RSA Conference?  This is the world's leading information security conference and exposition taking place in San Francisco.  To get ahead of many of the security topics that will be discussed at the show, VMblog spoke with Shehzad Merchant, Chief Technology Officer of Gigamon, the company providing network visibility and analytics on all information-in-motion across physical, virtual and cloud environments.

Gigamon Logo


VMblog:  What are you most looking forward to at RSA?

Shehzad Merchant:  I look forward to RSA every year. It's a great opportunity to reconnect with other security professionals. This year, I am particularly excited to see and discuss some of the technologies that are at the intersection of virtualization, cloud and cybersecurity. Security for many years had taken a back seat when it came to digital transformation - driven by virtualization and the cloud. In fact, security was almost an afterthought in the journey of digital transformation and the move to the cloud. But we are finally seeing that change with cybersecurity becoming front and center of the cloud migration conversation. I am also very excited for our presence at RSA, as we have had an amazing year with record revenue growth and the strongest fourth quarter in the company's history. We will be located at booth S-1243 showcasing network visibility, analytics and security product innovations that work across the hybrid cloud. I encourage readers to swing by the booth or coordinate a meeting to learn more about the role of network visibility in any organization's digital transformation strategy.

VMblog:  What are the largest security market trends that Gigamon is solving?

Merchant:  We live in a digital age where connectivity is almost ubiquitous. And mission critical systems are now coming online. With this, we are seeing a shift in the nature of cyber-attacks. Whereas attacks on confidentiality of information used to dominate the headlines, we are now seeing attacks on the integrity and availability of systems.

One of the important approaches to detect breaches in this connected world of users, devices, and systems, is to monitor the network traffic for footprints that can lead to the attacker as well as identify and enumerate all the applications, devices, and users on your infrastructure. This is an area where Gigamon along with its partner ecosystem is making a big difference. Indeed, this approach is at the heart of the Zero Trust architecture.

Zero Trust is a significant architectural shift in how organizations model their security strategy. It is rooted in the fact that we can no longer imply trust, based on whether an asset is on the "Intranet" or the "Internet". In other words, all assets be it a user, device or an application, need to be identified, authenticated and access controlled. And from there on continuously monitored. 

At Gigamon, we have a firm belief in all organizations taking a Zero Trust strategy where they understand, manage, and most importantly, decrease implicit trust across their infrastructure. Think of Zero Trust as a journey that is always changing and requires consistent monitoring. It is an ongoing process that provides additional security with each step.

VMblog:  What are some network security best practices you would deem critical?

Merchant:   I would break this down into three pillars or three areas of best practices. The first is practice good hygiene - things like multi-factor authentication, network segmentation and endpoint protection. The second pillar is continuous monitoring and detection. And here it is important to leverage the network wherever you can for visibility. The network is perhaps one of the most content rich sources of telemetry. And the third pillar is automation and rapid response.

And let me offer one practice to perhaps start deprecating - and that is trusting a user or device or application just because it is on the "Intranet". That implicit trust is the root of many breaches. From a Zero trust perspective, whether an asset is on the "Intranet" or "Internet", it should be treated no differently. Getting to this point is a journey. But start with setting that as an explicit goal and then take steps towards that goal.

VMblog:  What are some top priorities for security leaders at RSA to achieve Zero Trust?

Merchant:  The starting point for any security leader is to recognize that Zero trust is a journey that starts with mapping out and understanding all the assets (users, devices, applications) on the network. This is the starting point. From here the next set of priorities quickly evolve to putting in place an authentication and access control strategy, using multi-factor authentication for all applications, segmenting legacy assets, and putting in place a continuous monitoring strategy. These can happen sequentially or in parallel based on the capabilities and skills in the organization. It is important to not try to do too much all at once, but pick a few of these areas to focus on and incrementally move the ball forward.

VMblog:  What are some common misconceptions about Zero Trust?

Merchant:  It is important to recognize that Zero Trust is not a product. Zero Trust is a framework, and a journey. And while many organizations have a hard time believing that Zero Trust is achievable, it is a journey that all organizations can embark on with some basic steps. In most cases, organizations shy away from the concept simply because they don't know where to start. And many organizations focus on the end state and attempt to boil the ocean all at once to get there. My suggestion is don't try to boil the ocean. Start with the basics and build upon it incrementally. Map out your assets, multifactor everything, put in place a continuous monitoring strategy and build upon that.

VMblog:  How does Zero Trust provide a framework to address the complexity introduced by digital transformation?

Merchant:  Digital transformation involves the introduction of new applications that power the transformation. These applications typically run over a hybrid cloud infrastructure, with users accessing these applications over any available network - be it the corporate network, a guest network in a hotel or a hotspot in a cafe, or over a cellular network. Increasingly many of these applications are accessed via local breakouts from remote locations - aka SD-WAN, rather than hair-pinning the user's traffic back to a corporate network. This new world breaks many of the existing security assumptions that traditional security models or frameworks adhered to. Zero Trust provides a framework to address this complexity by systematically eliminating implicit assumptions of trust - for example implicitly treating the Intranet as being more secure than Internet, even when the user on the Intranet is using his own personal device that may have surfed suspicious sites over an insecure hotspot. Approaching security through a "Zero Trust lens" reduces complexity by providing a consistent approach to security and a consistent user experience irrespective of where a user is coming from - be it a hotspot, the corporate Intranet or another location. It helps organizations build in best practices for visibility into their infrastructure, across private, public and hybrid clouds.  

VMblog:  Any 2020 predictions related to Zero Trust VMblog readers should be aware of?

Merchant:  I expect Zero Trust to be scrutinized heavily in 2020 and in fact I expect that Zero Trust will go through its own hype cycle in 2020. This may lead to potential confusion as well. However, out of the ensuing confusion, I expect there will arise a better understanding of what Zero Trust is, what it is not, and how best to embark on the journey. I look forward to helping organizations embark on that journey.


Published Monday, February 24, 2020 11:45 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2020>