The Problems With Cloud Only

Henry Ford famously allowed customers to buy a Model T in any color that they wanted, as long as it was black. It seems like security vendors are giving customers a similar choice, only offering a cloud-based solution. Is this the right approach?

All customers are not alike, each requires their own path to the cloud. Those that are more risk averse need on-premises, cloud or hybrid deployment options – no surprise! I sat down with Rob Greer, GM of Symantec by Broadcom to get his thoughts on how some vendors are changing their stories about “cloud only” and how Symantec has always supported our customers’ choice. 

Nate Fitzgerald: For many customers, the last three years have been a bit of a “land run” to get to the cloud at any cost. How has Symantec evolved over that time to address these needs and help customers make the move? 

Rob Greer: Symantec went through our own cloud transformation. Just over 3 years ago we completed a project to move our cloud infrastructure from traditional colo data centers to Google Cloud. It gave us a powerful new tool to improve customer outcomes. For example, we can add capacity in a few hours. In colo, it takes several weeks to a few months to do the same thing. When we rolled out our “Dedicated IPs” feature, we did it in a few days, instead of over the several months as required by most of our competitors when running out of colo-based PoPs. We can add a million users of capacity to the Symantec Cloud quicker than our competitors can cut a PO for more servers. Cloud is really good at situations where capacity needs are unknown, one day to the next. 

Nate: What are customers saying about their transition to the cloud, and what are their perceived challenges? What keeps them up at night? 

Rob: I’m hearing a few common themes: First, the transition is “not as easy as other vendors claimed.” Second, many companies are second-guessing their cloud strategies across the board because of cost. Third, most enterprises discover new critical needs during their migration, leading to urgent feature requests, or last-minute vendor changes. Finally, many are realizing that a phased, hybrid approach is the best option for them. Simply going to the cloud because it’s possible to move to the cloud does not always make sense. Some large, relatively static workloads are better handled with a hybrid approach, for now.

Nate: Why do you think these themes are so common?

Rob: These large enterprises are, “unwinding” decades of network and security infrastructure decisions, tech debt, and complexity. It’s a lot like moving to a new house. It’s always more work than you imagined. You find things you had forgotten about years ago. With each surprise, you have to decide whether to keep it the way it is, move it to the cloud, or throw it out. We seek out these use cases and help customers make the best decision and then execute. Sometimes that’s us delivering a new feature in the cloud, sometimes it’s best practices guidance.  

Nate: What are the limitations customers raise about a pure cloud transition?  

Rob: Some customers realize that moving to the cloud just to say “we’ve moved to the cloud” isn’t the right approach. Some workloads just don’t make sense to move. For example, a customer with a 15 gigabit on-premises server workload wanted our opinion on how to handle a possible move: Cloud vs on-prem. We told that customer that while they could send it to the cloud, the effort required to get it there wouldn’t be worth it. The more practical solution was to simply handle it with our Edge Proxy capability. On-prem isn’t considered “sexy” right now, but in this case, it was the right answer. We also see cases that require on-premises inspection for regulatory or internal compliance reasons. 

Nate: What have other vendors done to respond to their needs?

Rob: The idea of accepting a less flexible, less informative solution isn’t playing out for customers, and other vendors are realizing this. Some vendors have been oversimplifying or overselling their pure cloud solutions, but customers are demanding the right solution, rather than a “our cloud security fits all” approach. Some vendors are changing their strategies. A “born in the cloud” or an “all-cloud/only-cloud” strategy has quietly changed to offering on-premise solutions to meet these needs. Notably, one vendor, famous for ceremonially smashing appliances at trade shows, recently introduced…an appliance.

Nate: What has been Symantec's strategy to help customers solve these issues?

Rob: We have always developed solutions driven to solve customers’ unique needs. This includes a cloud-native Secure Web Gateway that also supports on-premises use cases, delivered more than a decade ago. We allow a truly hybrid architecture to drive the outcomes our customers expect, not just check-box features. In addition, offering a single agent that handles all cloud use cases (and optionally endpoint protection as well) helps those customers reduce sprawl on the endpoint and support network and DLP security. We’ve simplified our network security solutions by allowing customers the flexibility to deploy cloud and on-premises as a single license, without sacrificing security and visibility. Mix and match on-prem and cloud on-the-fly without having to renegotiate. Other vendors are now validating this strategy by developing their own on-premises footprints while downplaying their years of rhetoric calling for an end to those strategies. It’s really enjoyable seeing those vendors validate what we have been doing all along. I get a good laugh out of it.

Nate: What recommendations would you have for customers as they move to the cloud?

Rob: In the short term, organizations should focus on realistic security results that have minimal impact on business operations using what they have. In the long term, they should partner with security vendors that can help them move to the cloud but still deliver the needed outcomes to their unique challenges, without sacrificing security – Don’t move to the cloud just because others claim that’s what you must do. Transitioning to the cloud at a comfortable pace that allows a safe and methodical approach should be the path for any organization.

For more information on Symantec’s cloud journey see Driving the Future of Security Innovation.