Getty Images/iStockphoto
GSK unifies networking and security for cloud migration
Sessions at ONUG Fall 2023 emphasized the value of a unified networking and security approach. GSK integrated the two to begin its digital transformation journey to the cloud.
The most prevalent networking principles a few years ago included cloud integration, virtualization and software-defined networking. Now, networking has entered a new era, according to ONUG co-founder and co-chairman Nick Lippis during a session at the recent ONUG Fall 2023 conference in New York City. The COVID-19 pandemic contributed to wide consumption of AI, cloud services, multi-cloud, remote access and IoT.
The features that were once important to networking remain, but others have emerged as well. As a result, networking needs a new model to manage this complexity, Lippis said. This new networking model prioritizes security as the two disciplines further align in organizations.
When GSK -- a London-based pharmaceutical company -- began its digital transformation journey to the cloud, the organization used a unified approach to networking and security. This approach was integral to the process migration, said Mohamed Khalid, GSK director of enterprise architect hosting services, during another conference session.
Networking and security in GSK's digital transformation
GSK's internal customers work in R&D to discover new medications. They work with an influx of data that comes from various sources around the world, such as research labs, universities and third-party partners.
Khalid said his team needed to help customers collect data and glean insights, as well as help them manufacture medication at scale. They needed to enable digital transformation to use new technologies for faster drug discovery and manufacturing, and cloud adoption was the first step in the process.
"We knew this wasn't possible in the data center, and cloud allowed us to provide these new services at a rapid speed and scale," Khalid said.
GSK has multiple locations in regions around the world, so the organization chose to adopt cloud services from two providers to build a multi-cloud environment to support its data. When GSK's infrastructure team built its cloud platform, Khalid said they had three main goals in mind:
- Build a reliable and secure cloud platform.
- Enable self-service to support customer UX.
- Connect the entire cloud environment.
The network fabric played an important role in enabling connectivity between GSK's multi-cloud environment and the network edge, SaaS and third-party partners, Khalid said. Additionally, the network provided secure control with tools like firewalls and API gateways.
"Without the network, we couldn't create a foundation," Khalid said.
Integrating security further helped GSK streamline how it offered secure controls in the cloud. For example, Khalid said using identity and access management (IAM) lets his team use resource hierarchy, a process that creates segmented portions of the network. GSK can provide specifications to certain slices and define policies from cloud providers. The policies enter GSK's security information and event management platform, which security professionals use to monitor the attack surface.
Cloud application owners in the research business unit can segment the entire unit from the research down to the project where the resources exist. Segmentation permits users to access only the specific resources within this portion of the network. Khalid said his team enabled this feature for customers and used IAM in the network perimeter.
For more technical applications, depending on its needs, GSK uses network macrosegmentation or microsegmentation on top of the existing IAM portion. The application operates in its own virtual network in the cloud, and Khalid said his team can decide which users access certain segments of the cloud.
GSK also uses routing and firewall policies to control traffic flows between the segmented virtual networks in the cloud. GSK is currently in the process of deploying a single control plane to manage traffic between multi-cloud networks in different regions, Khalid said.
Simplified operations with unified networking and security
Although GSK's first goal for digital transformation was to transition to the cloud, it unified networking and security to aid the process. The path GSK took to combine networking and security is one that many organizations have taken or will eventually take. According to Lippis, 35% of 276 IT professionals ONUG surveyed said they were combining their network operations center and security operations center into a single incident response center. Another 10% said they had already consolidated their teams.
Lippis said data management is one of the top benefits of a unified network and security approach because it gives organizations more insight into the network. This visibility lets network professionals gain trust in their system, which makes it easier to implement additional technologies, like AI and machine learning.
Regardless if organizations choose to combine networking and security for digital transformation or to simplify complex management, the lines between the two fields will continue to blur as organizations apply new strategies to network management.