Welcome to the great cybersecurity debate of the decade of the 2020s: platform vs. best of breed! Where you land on this question carries significant implications for network performance, security fidelity, operational efficiency as well as innovation. It also brings up the question of vendor dependence. So, let’s dive in and look at both sides.
The platform playbook
Platform is the consolidation of various networking and security functions into a single, unified platform provided by one vendor. The objective is to simplify management, reduce procurement complexities, and ensure a cohesive integration of features and tools. From a leadership perspective, it checks the boxes nicely. That said, it’s not all sunshine and roses. Now for the dark clouds…
Vendor lock-in is a significant concern for the “all in one” platform. Placing your security eggs in one provider’s basket can limit an organization's flexibility, making it challenging to incorporate innovative solutions from other vendors. Additionally, dependency on a single platform may also lead to complacency, where the vendor's motivation to innovate diminishes due to almost certain customer base. Then there is the classic monolithic platform concern – a single point of failure. If vulnerabilities are exploited, the entire network ecosystem could be at risk. Finally, this approach may result in a series of “lesser products” vs. solutions which meet the needs to secure the company.
Despite these challenges, the platform play is an attractive option to the security leader. Consider the complexity in stitching together various solutions and the operation burden which results from the alternative approach. For organizations that prioritize operations costs, ease of management rates high on their list. Moving to a single-vendor solution can provide a streamlined management interface, single point of contact for customer support, and near seamless integration of various security and networking functions. Enterprises with lean IT teams or limited resources may find a platform an excellent choice to meet operational goals while improving their security outcomes.
There is another upside: the promise of AI. Platform providers can continuously innovate and expand their feature sets, integrating promising technologies such as artificial intelligence, machine learning, and automation into their ecosystems. For AIOps, large datasets are the fuel you need to be successful. By moving to a single-vendor approach through a platform, telemetry can be easily collected, analyzed and displayed in an off the shelf manner. This can greatly simplify the benefits of predictive analytics, proactive threat mitigation, and enhanced network visibility without the need for multiple integrations.
The best-of-breed advantage
In the other corner of the debate, the best-of-breed strategy involves selecting and integrating top solutions from various vendors. The value here is each vendor and tool excels in specific areas. It’s like your own version of Marvel’s The Avengers. This approach allows organizations to tailor their security and network choices to their own unique requirements.
A study by the Ponemon Institute revealed that 71% of IT professionals prefer best-of-breed solutions over single-vendor platforms for security and networking needs. The reason? Preferences for flexibility, greater functionality and the opportunity to take advantage of innovation in an ever-changing security landscape. The goal is to position top technologies in a modular fashion to allow for an adaptable security and network approach which can swiftly respond to emerging threats and fast-moving business demands.
However, much like The Avengers, managing a best-of-breed approach presents its own set of challenges. Consider the thought of negotiating the minefield of superhero egos for a bit. Much like this, integrating multiple vendors requires significant effort in terms of configuration, interoperability, and ongoing maintenance. To gain the value out of the best-of-breed approach, organizations must ensure the solutions work collectively aligned and do not introduce operational inefficiencies. Additionally, vendor management and contract negotiations can become complex, requiring dedicated IT and procurement resources.
Despite these challenges, the best-of-breed approach allows enterprises to remain agile and responsive to industry trends. By selecting best-in-class technologies, organizations can finetune their infrastructure, adopting cutting-edge solutions tailored to their specific use cases. This approach is particularly advantageous in industries with specialized security or compliance requirements, whereas a single vendor may not offer the necessary level of customization.
Key considerations for decisionmakers
While both the platform and best-of-breed approaches have their upsides and downsides, the choice ultimately depends on an organization's specific needs and priorities. Leaders must evaluate factors such as operational complexity, integration capabilities, staffing levels, security objectives and long-term scalability.
The platform approach may appeal to organizations looking to streamline their operational burdens while seeking strong security outcomes but willing to sacrifice cutting edge innovation. The gains of say, a single glass for visibility and control can enhance efficiency and reduce operational overhead may outweigh the downside risk of missing out on the latest cloud security tool.
On the other hand, best-of-breed solutions allow organizations to adopt cutting-edge technologies from multiple vendors, ensuring that each component of their network infrastructure is optimized for performance and security. This approach can be particularly advantageous for enterprises operating in dynamic environments that require continuous innovation and adaptability. The tradeoff is you need to staff for engineers who can automate and manage a collection of solutions at various states of maturity.
Finding balance between two approaches
Rather than viewing the platform and best-of-breed as mutually exclusive, organizations can adopt a hybrid strategy. For example, enterprises can leverage a foundational platform for core networking and security functions while integrating best-of-breed solutions for specialized capabilities such as threat detection, AI-driven analytics, or cloud security.
The hybrid model allows to gain a best of both worlds option. Organizations benefit from the simplicity and integration of a platform while maintaining the flexibility to incorporate best-in-class solutions where needed. An example of an organization which could benefit from this approach would be a company that is in a multi-cloud environment, where the organization require interoperability between on-premises infrastructure and cloud-based services. Adopting a platform for “bread and butter” networking and security while opting for best of breed for Cloud security may be ideal.
By adopting a strategic approach, decisionmakers can ensure that their networking and security infrastructure remains resilient, adaptable, and aligned with their organization's long-term objectives. The key is to evaluate the specific benefits and trade-offs of each model and choose the one that best aligns with their operational goals, risk tolerance, and growth trajectory.
Conclusion
For CISOs and VPs of Networking, understanding the tradeoffs between the platform approach and best-of-breed is critical. Each approach offers advantages and challenges and must be weighed based on a company’s requirements and resources. Where you land depends on carefully assessing infrastructure requirements, integration capabilities, and long-term objectives.
If reducing the operational burden while maintaining reasonable security outcomes is critical, then the platform may be the best fit. If the operational team is strong and adaptive and the company is in a cycle of transformation, best of breed may be the ideal fit.
Finally, in an era of an everchanging business landscape, where agility and resilience are critical, adopting a flexible approach that incorporates the best elements of both models can provide a competitive edge and future-proof the organization's networking and security infrastructure. The key is to evaluate the pros and cons of each approach and determine your best path forward.
John_Spiegel
John Spiegel is Director of Strategy and Field CTO for the Axis Atmos SSE platform, powered by HPE Aruba Networking. He has 25 years of experience running global networks and managing infrastructure. He is an industry pioneer in software defined networking (SDN) and software defined WANs (SD-WAN). When not helping companies on their journey to modernize and secure their networks, John can be found cycling on the backroads of Oregon.
