Here are the five trends I believe will have the greatest impact on networking and security in 2025:
Prediction 1: Data is recognized as the currency of AI, not GPUs
When people think of AI, often the first thing they think about are the GPUs used to train large language models. And when they think of networking for AI, they jump to the GPU interconnect used in training systems, be it InfiniBand or 800Gbps Ethernet. While the GPUs and interconnect are fundamental to enabling the AI ecosystem, the quality and quantity of data that feeds these models is just as, if not more important. The broader network outside the datacenter plays a key role in collecting and aggregating the telemetry and other data that feeds AI analysis and decision making. And because the diversity and quantity of data influences outcomes, organizations will be inclined to expand instrumentation and collect more data. As a result, organizations will be putting a stronger emphasis on ensuring their networks are robust enough to handle the data required to feed their AI models.
Prediction 2: The network becomes a security solution
Back when the internet started, the role of the network was to connect any endpoint to any other endpoint. In those days, a professor at one university location could access servers on the internet anywhere in the world. However, as connectivity spread into the workplace, businesses quickly recognized that security was a must-have to keep intruders out, and the firewall was born. Firewalls were designed to protect network resources, first by controlling inbound and outbound traffic, and later to segment the internal network to protect select resources, preventing bad actors from moving laterally inside of the organization. Segmentation in response to escalating security threats has led to a proliferation of firewalls in the last few years and organizations are now looking for ways of simplifying their security implementations. The good news is simplification is becoming possible as firewalling and segmentation become built into access points, switches and gateways, and these devices are in turn controlled by a unified, organization-wide policy.
The real catalyst here is the introduction of zero-trust networking. It is not just a buzzword. Zero trust networking provides a path for a clearer delineation between the definition of security policy and security enforcement. Security policy remains the responsibility of the CISO and their security organization. But instead of enforcing it with thousands of ACLs in each of the hundreds or thousands of firewall appliances, the network itself can now implement the policy. In a sense the network’s role becomes not to connect anything to anything, but to facilitate just the connections that match the security policy with a default deny. Compared to a siloed approach with an any-to-any network segmented by firewalls, this “network as a security solution” will simplify operations for both the network and security teams.
Prediction 3: Security controls are unified on-prem and off
The hybrid workplace, where you have users accessing the network from multiple locations, is a reality for most businesses. Traditionally, IT teams have treated remote users as a special case, different from users that are at a site belonging to the organization. With different policies come different experiences and complexity for users, particularly for the new majority that straddle both use cases. Universal Zero trust-based network access (U-ZTNA) solutions provide a path to unify the experience. By applying the same identity-based rules universally, independent of location, the security posture and the consistency of user experience are improved.
Today, ZTNA solutions are mostly being deployed to secure remote users, and typically the enforcement of the policy happens in cloud points of presence (POPs). To apply these solutions to on-prem users, all on-prem traffic also needs to be redirected to a cloud POP. For some use cases, where the destination application is cloud hosted, using a cloud POP as a way point for enforcement makes sense. But when the application or resource being accessed is on prem, “trombone routing” via a cloud POP can be inefficient. And unnecessary, because universal ZTNA solutions are evolving to allow the same policy enforcement to happen on-prem, relying on the security built into the network that we discussed in Prediction 2.
Finally, a full universal ZTNA solution can enforce policy not only for people accessing applications, but for IoT devices as well. Traditional ZTNA typically relies on a client agent or browser to intercept session establishment to redirect traffic to cloud POPs and enforce identify based policy. It would be ideal to be able to do this for IoT devices, but most IoT devices are closed, and cannot have agents installed. This means a different approach is required. Universal ZTNA for IoT requires on-prem device authentication and on-going monitoring, and ideally on-prem enforcement as well, once again reinforcing the trend to build security into the network.
Prediction 4: AI enables faster network technology adoption
In the last few decades, being a network admin has required knowing all the details of an arcane CLI, achieving specialized certifications, and dedicating substantial time to keeping their knowledge base current. Often, more time spent on maintaining skills means less time focusing on the problems that the business wants solved or the experiences that users want to have. In comes the promise of AI. With AI, admins can provide an AI assistant with a high-level definition of what they want to accomplish, and the assistant can provide not only instant help, but also propose solutions. The admin doesn’t need to recall complicated CLI commands to make it happen and can apply a solution across a network or group of devices without tailoring CLI for each device. AI can also enable the IT admin to maximize network performance by automatically tuning parameters based on learning generated by data collected across millions of devices. All of this makes it possible to flatten the learning curve, speeding up the onboarding and optimization of new technology, and in the process, breaking some of the shackles that have tied IT admins to a network incumbent.
Prediction 5: AI-Ops extends to support multivendor and multidomain IT
Almost every network vendor talks about how they are using AI in their management platforms, and each claim similar capabilities and benefits to their solutions, but to date those platforms only provide benefit for their native network elements. The impact of AI is then limited in scope since it can’t see the “invisible” third party infrastructure. What we’ve heard from many customers is that they are really looking for a single AI-powered platform that can provide observability and insights across different vendors devices, rather than deploying several vendor specific AI frameworks, each only seeing a part of the infrastructure. And the trend extends beyond the realm of the network too. Organizations want to correlate and identify multi-domain problems that span compute, storage, and networking, and be able to leverage the telemetry data coming from all these sources to deliver better outcomes. The power of AI in this area has yet to be fully unleashed, and the momentum that is building this year is exciting.
So here’s to a bright and empowering year in 2025
Poised with the promise of powerful innovation, this year will provide plenty of opportunity for your business to grow and thrive. Watch the video to hear my networking and security predictions for the year ahead.
David_Hughes
David Hughes is Chief Product Officer for HPE Aruba Networking
