Security / April 17, 2017

Why We Can Control the Network: A Q&A with BAI

For decades, our channel partner BAI has been a bridge between Silicon Valley and the U.S. Federal Government, offering a product portfolio and “mission-first” approach that directly address the needs of the latter to manage and protect modern networks. To learn more, my team recently met with BAI Senior Director of Operations Ryan Morris to ask about current trends he is seeing, including what challenges federal agencies may face and how Gigamon can help.

What challenges are you seeing in the federal sector?

What I’m not seeing is a budget issue. From a cybersecurity perspective, the federal space is fairly well-funded. The challenge, instead, is that many organizations have several disparate teams, each of whom have purchased myriad different products. It’s my job to help bring them all together. I look to take several years’ worth of investments and advise on how to make them work holistically, rather than as stovepipes, so that these organizations can get the most out of what they already have.

What’s one of the biggest changes you’ve seen in the past few years?

For us, one of the coolest things is that we no longer need to evangelize products that our customers have never heard of before. We built our practice around three foundational platforms: Gigamon, Palo Alto Networks, and Splunk. The customers we support already have a foundational understanding of their purpose so we don’t have to spend time explaining the space. We can now jump right into more complex and interesting projects that can help our customers make a significant change in the way they respond to events. Today, our customers are building on strong foundational security platforms which allow us to assist with the implementation of elegant and advanced integrations.

In fact, thanks to the growing brand-recognition of these top partners, we’ve seen a “tech” to “business” shift. BAI is working less with “early adopters” and more at the C-level with CISOs, security architects, and mission leaders. Our conversations revolve more around how to apply these technologies to help the business.

What is the advantage of working with BAI?

BAI works in support of the DOD, Civilian Federal Government, and many Commercial Fortune 1000 accounts. The individual missions vary dramatically, but they are all enabled and accelerated by technology. That technology is now connected and the threat surface has changed as a result. “Computer security” has quickly become “Everything security” and so we have developed a very narrow focus on a small number of highly efffective and flexible security vendors, like Gigamon, who lock down the network and provide agility as needs inevitably change. BAI brings hyperfocused expertise around a small set of foundational technologies so that our customers can get it right the first time and continue to evolve every single day they step into the office.

Why Gigamon? How important is the visibility to data-in-motion that we provide?

Visibility is tremendously important to security, and to the defense-in-depth security model BAI has supported for years.

While companies have traditionally placed point solutions at the gateway in attempts to protect their inside from the outside, BAI has proven time and again that, as networks expand—especially with mobility and cloud computing—the gateway is but one threat surface. Companies need to be able to monitor east-west traffic and lateral movement to detect anomalous behavior within. They need visibility. And with Gigamon, they get the pervasive visibility they need to get more out of existing investments.

What’s the biggest benefit of working with BAI and Gigamon?

It’s about gaining agility—both technical and political. With Gigamon, organizations can access whatever they need from whatever tool at any given time. That’s technical agility.

But even more important is how Gigamon can remove the political barriers that tend to pervade the federal space, where everything is often completely stovepiped. For our customers, Gigamon solves that problem by giving them one common fabric whose sole purpose is to provide access to the data they need. That’s political agility.

What do you see happening in the future?

We’re also starting to understand the way networks naturally evolve and, consequently, what is out of our control. For instance, we know we won’t have control over all network devices—it’s impossible to have an agent on every single one. We also know we can’t control people—they don’t always understand or care about security and will try to go around any limitations placed upon them.

By understanding where we can’t be successful, we can steer toward where we can be successful. And that’s where Gigamon comes into play again. We know we can’t control devices or users, but we have control of the network. And that’s a big deal. The network is an optimal place to layer in security, with Gigamon as an insertion point for defense and prevention mechanisms.

What about encryption?

With 60 percent of gateway traffic now encrypted, there’s no question it’s an issue, but not everyone is sure of the best approach to solving the problem; they’re looking for guidance. Some innovators want to be the first to tackle it, but many more want to be last, preferring to see if others fail before they jump in. SSL decryption is available today and many companies, like Gigamon, can satisfy technical requirements, but maintaining compliance with industry standards and implementing in a way that doesn’t put network availability and integrity at risk can be very challenging. Our aim at BAI is to educate and guide folks down the right path as best we can.

Do you see increasing migration to the cloud? If so, what types of data are they moving?

In a big way. Our customers have been “cloud first” on paper for a long time, though many have been constrained by compliance mandates and others simply did not want to be the first to move. Now, we are finally seeing more FedRAMP-approved cloud services that federal government can take advantage of—and it’s happening quickly.

Right now, Office 365-type services (e.g., email, SharePoint) are the most common applications migrated because they tend to be relatively easy to move and offer a great return on investment. However, from a security perspective, it is concerning that many organizations approach these migrations with a stronger emphasis on availability and compliance than on true security. Maintaining a “data-centric” security model in a world dominated by cloud computing is possible with technology available today, but security architects must play an active role and build security in from the start. This can be challenging, but these projects are a blast for security practitioners and we really enjoy coaching organizations as they prepare to take the leap.

What’s the value of Gigamon’s upcoming Cybersecurity Summit in Washington, D.C.?

Easiest question of the day. In the federal space, we are focused on the task at hand and often head to our cubes and drop down to the command line. It takes events like the Cybersecurity Summit to get people out and around their peers. It forces everyone to think a bit bigger, to see the forest as well as the trees.

To learn more, register to attend Gigamon’s 2nd annual Government Cybersecurity Summit on April 26 in Washington, D.C., featuring a keynote from General James Clapper, former Director of National Intelligence.

Back to top