There are only two options for managing a global multi-cloud network: either by using a combination of inference, hope, and intuition or with mathematical certainty. When conducting 5 million financial transactions daily, it’s essential to operate with certainty, regardless of your network’s size or geographical distribution. Auditors don’t accept inferences; they demand certainty when determining compliance, and a poor audit can be disastrous for the business.

We recently sat down with the director of IT for a global payment processing company, and his opening remarks were, “They say a picture is worth a thousand words; an accurate network map is worth a million words because things are so complex in the cloud.” This IT leader turned to Forward Networks to help make sense of the company network to ensure it was secure and behaving as intended.

Forward Networks creates a digital twin of the network by safely collecting configuration and state data from all devices and using publicly available APIs to reconstruct cloud presence. The platform then uses header space analysis to determine every path a packet could take, which delivers the most accurate representation of network behavior. The same information is used to identify security vulnerabilities and compute the blast radius of a compromised host.

According to the executive we spoke with, “We now have an easy way to understand the day-to-day operations of the network and how routes are being propagated with accurate insight into connectivity. We know if the infrastructure is properly connected and if the infrastructure zones are connected as intended.”

This degree of certainty has enabled them to automate application provisioning. When done manually, the process took weeks and had a significant backlog. It’s now possible to instantly verify the security of a new app and deploy it. This is helping them recognize revenue faster.

Read the case study to learn more about this company and the benefits they realized from implementing Forward Networks.

Network complexity is at an all-time high. Between legacy technology, hybrid-multi-cloud environments, and networks cobbled together by mergers and acquisitions, it’s impossible for people to keep track of the network, its topology, and behavior. The idea of trying to trace a path through a multi-cloud network seems akin to being asked to pull a rabbit out of your hat.

Chris Gundermann of Gestalt IT recently wrote about “Multi-Cloud Security Requires Multi-Cloud Observability with Forward Networks.” Chris is an expert on networking and multi-cloud technology. In the article he covers the importance of observability and its benefits.

According to Gundermann, “Network observability serves as a linchpin for maintaining a secure and resilient network infrastructure. In the realm of multi-cloud, achieving that observability is even more challenging due to the absence of unified visibility across cloud platforms. Forward Networks has risen to that challenge by extending their digital twin technology to major cloud providers.”

Read the full article to understand how Forward Enterprise helps SecOps teams control their network and prevent incidents.

Nobody likes getting audited or inspected. Well, almost nobody; there’s always one person who consistently blows the curve. They gleefully anticipate inspections because they know they’re going to get a glowing review. We all have names for that person, most of which shouldn’t be included in a business blog.

But what if, (bear with me) we could be that person? A leader who faces the inspection knowing that while they may find something that you could improve, you're dialed in, and everything is as it should be. That sounds like a lot more fun than the anxiety and stress that is more commonly associated with audits.

Cyber Command Readiness Inspections (CCRI) are DISA mandated and designed to ensure the security of all networks connected to the DOD information network. Inspectors will examine every part of your network looking for security posture awareness, standards compliance, vulnerabilities, and an agency’s ability to protect against cyber threats.

The inspection process is rigorous and methodical. The network itself is inspected as is your documentation. The good news is that the standards are published. It’s like getting the test questions before the exam. Inspectors will evaluate compliance using published guidelines, including:

So now that you know the questions - it’s a “simple” matter of finding the answers. This requires evaluating the network for compliance against thousands of specifications. In this context, having the questions before the test doesn’t make matters any easier. Trying to verify compliance, produce accurate documentation, and have the right culture and processes in place takes many agencies months of intensive manual efforts. Even then, they aren’t 100% confident they’ll pass inspection because networks are constantly changing, which could take them out of compliance. And manual documentation is out of date the moment it’s completed.

Instead of investing thousands of work-hours, there is a better way. A network digital twin can help index every aspect of your network, including topology, device configuration, and state across your multi-vendor, multi-cloud environment. This information is validated at regular intervals so it’s always up to date.

Custom checks can detect non-compliance and pinpoint necessary remediation efforts. And results are mathematically accurate.

If you’d like to learn more about how this works, read our white paper, Use a Digital Twin For Impeccable Cyber Command Readiness Inspections.

If you’d like to see Forward Enterprise in action, book a 1:1 consultation on using a digital twin to ensure CCRI readiness.

Forward Networks, a provider of network digital twin technology that delivers network agility, predictability, and security for on-premises and multi-cloud environments, made an announcement this week around new capabilities added to the Forward Enterprise platform that will give security and network operations professionals a single, actionable and contextual view of the network.

To learn more, VMblog reached out to David Erickson, the co-founder and CEO of Forward Networks.

VMblog:  Can you describe what you announced this week?  And what does it mean for customers?

David Erickson:  This week we announced new capabilities for our award-winning Forward Enterprise platform, that will help network and security professionals better understand and remediate vulnerabilities throughout the network, including endpoints. We've integrated with Rapid7 to combine end-device vulnerability data with robust and always-up-to-date connectivity analysis. Additionally, we've enhanced flexibility to define a security posture matrix. Now the security posture can be using the L2 through L4 segmentation methodology many enterprises have already employed in their network, e.g. VRFs, on-premises and cloud subnets, and cloud security groups. Forward Enterprise also now supports L7 path search capabilities using attributes such as user IDs, user group IDs, and application IDs to provide more granular connectivity insight... [READ MORE on VMBLOG]

New Product Features and Rapid7 Integration Provide End-to-End Security Posture Verification and Enhanced Visibility to Help Engineers Accurately Prioritize Remediation

SANTA CLARA, Calif., June 2, 2022 /PRNewswire/ -- Forward Networks, the only provider of network digital twin technology that delivers network agility, predictability, and security for on-premises and multi-cloud environments, today announced new capabilities within the Forward Enterprise platform that give security and network operations professionals a single, actionable and contextual view of the network.

By integrating with Rapid7, a leading provider of security analytics and automation, Forward Networks is combining end-device vulnerability data with robust and always-up-to-date connectivity analysis to help enterprise organizations address the challenges of the security talent shortage and flood of unactionable data. The combined data uniquely positions security teams to prioritize remediation efforts with mathematical accuracy.

"Forward Networks is the only company with a mathematically-based network digital twin that can accurately model current and possible network behaviors, information critical for security teams who need to act quickly and accurately," said David Erickson, Co-founder, and CEO of Forward Networks. "With this information just mouse clicks away, security teams can better assess the vulnerability of their network and prioritize remediation and prevention efforts by focusing on the exposures that present the greatest possible risk. Modeling a diverse group of hardware vendors, cloud providers, and integration partners, Forward Networks uniquely serves the needs of network, security, and cloud operations teams with a single source of truth so they can work strategically and proactively."

There are many tools that evaluate device vulnerabilities, but without the knowledge of how that device is connected to the network, security teams only have a limited view of potential exposure. Often, they choose to focus on keeping devices up to date no matter what vulnerabilities are detected, or they focus on vulnerabilities without considering the exposure of individual systems and devices. With the Rapid7 integration, Forward Networks is the only company that can show an organization's actual risk including on-premises, multi-cloud, and SD-WAN in an actionable single screen. This type of data presentation helps teams focus on the work that will have the most impact on the network.

In addition to the Rapid 7 Integration, Forward recently enhanced the security posture matrix and added Layer 7 (L7) application and user ID connectivity analysis to the platform to give security teams a comprehensive look at the security posture. New capabilities include:

Forward Enterprise is designed to simplify the management of large, complex, multi-vendor networks. It mitigates the biggest issue businesses face with network operations: risk. By creating a mathematical model of the entire network infrastructure, the software delivers a "digital twin" that serves as the single source of truth for the network. The actionable information presented in the platform helps engineers ensure their network is agile, predictable, and secure.

Forward Networks' new security features and Rapid7 integration will be available in July, and will be offered as part of standard licensing at no additional cost.

About Forward Networks

Forward Networks is revolutionizing the way large networks are managed. Forward's advanced software delivers a "digital twin" of the network, enabling network operators to verify intent, predict network behavior, and simplify network management. The platform supports devices from all major networking vendors and cloud operators, including AWS, Azure, and Google Cloud Platform.

Forward Networks was founded in 2013 by four Stanford Ph.D. graduates and is headquartered in Santa Clara, California. Investors include Goldman Sachs, Andreessen Horowitz, Threshold Ventures, and A. Capital.

The cloud offers agility and speed for DevOps teams. Being able to spin up environments and create applications in a fraction of the time previously required helps organizations launch new capabilities for customers, employees, and vendors quickly. For most companies, this means reduced time to market and the ability to recognize revenue faster.

IT teams recognize the benefits of a DevOps culture, but they also know that by their very nature, new applications are prone to security errors that can put the business at risk. So, they require a security review prior to pushing new applications live. Nobody would argue with the need to ensure security compliance; however, most people would also agree that slowing down the process of launching new applications is not ideal. Companies today cannot afford to choose between speed and security — nor do they need to.

The only way to effectively address this issue is to automate the process of verifying the connectivity and security posture of cloud applications. Without automation, your IT teams cannot keep up with the demand to prove compliance for the rapidly growing volume of cloud applications.

The verification feature within the Forward Enterprise platform enables automated compliance checks for new applications in hybrid and multi-cloud environments. Developers are notified of the required changes if there's an issue, and compliant apps can be provisioned automatically with confidence. The intent and Network Query Engine (NQE) check feature also lets you continuously audit cloud configurations to prevent real-time changes from diluting security policy. If a non-compliant change is detected, the appropriate teams will receive specific, actionable data as to what the issue is and why it’s happening, enabling rapid resolution.

The ability to automate security for cloud app provisioning is just one of many powerful features in the Forward Enterprise platform that can help your organization reduce risk and enforce critical security policies as you deploy new cloud apps or migrate on-prem apps to the cloud. To learn more about how Forward Networks can help your business take the security and compliance guesswork out of cloud application deployment for good, read this use case or join our educational webinar.

Spring is in the air and that means that ONUG Spring is right around the corner! At Forward Networks, it’s feeling a little like Christmas in April because we’re so excited to meet in-person, and we hope you feel the same. Our booth is polished, our presenters are on fire, and our capabilities for solving multi-cloud problems are unparalleled.

In addition to an in-person and virtual booth staffed by hands-on technical experts, we have two exciting presentations planned.

On Wednesday, April 27 at 11:20 a.m., our director of product, Natale Ruello, will share how our customers use the Forward Enterprise platform to verify security policies in their hybrid multi-cloud environments. If you’d like a preview of the challenges he’s going to address, check out his ONUG blog post: Is your multi-cloud estate secure?

On Thursday, April 28 at 2:25 p.m., Josh Matheus, Managing Director at Goldman Sachs, will detail the pain points that motivated the need for a single source of network truth, describe the process of selecting and implementing a digital twin, and outline the results that his network team has achieved since deployment.

If you haven’t registered for the event yet – please use our discount code to save 20% on your registration by using the code: Forward22. We hope to see you there or at another event this year.

If you can’t attend in person, don’t forget to check out our virtual ONUG booth where you can ask questions and see the technology in action.

A six-figure surprise is awesome when it’s a lottery win. It’s not so awesome when it’s the “Amount Due” appearing in your monthly cloud bill. But enterprises receive these “surprises” all the time, and what can sting even more is trying to explain this preventable expense to management.

Inefficient (not optimized) traffic routing to and from your various cloud instances and other services can hurt your business in other ways too. It can lead to bandwidth and latency issues that undermine network and application performance. And while your cloud users likely have no clue what network path they’re taking to get to the resources they need, if their experience stinks, you’ll hear about it.

There’s a quick and easy way for your engineers to find and fix inter-cloud routing mistakes before they become costly problems: with a proactive intent verification in Forward Networks. We recently announced that Forward Enterprise now supports all major cloud providers (AWS, GCP, and Azure) to create a digital twin of your entire hybrid multi-cloud estate. This use case has been very well received by our current customers.

The intent verification feature in Forward Enterprise lets you confirm that all the traffic patterns to, from, and between your cloud environments — and across your cloud instances from providers such as Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure — are configured in-policy. Even if a path works, it may not be the most direct route the traffic could take which creates latency for users and/or racks up unnecessary connection charges for your enterprise.

With proactive intent verification, you can ensure your cloud traffic configurations are in-policy. And you’ll find no more big surprises in your monthly cloud bills — at least, from inter-cloud routing mistakes.

For more details on the intent check feature from Forward Networks, join our technical solutions architects for a demo of the capability in action or read this use case.

If your enterprise is like most of Forward Networks’ customers, then your IT shop oversees a sizable cloud estate. You probably have hundreds of accounts, projects, or subscriptions across different cloud vendors. There are tons of related objects too — virtual machines, firewalls, transit gateways, subnets, and more. And cloud-native apps? Maybe you have hundreds of those in use or development as well.

Your IT team needs to manage this complex environment efficiently and effectively. Yet, it’s unlikely they know exactly what that environment looks like and how everything in it relates to and interacts with each other. No doubt, they’re also unsure whether the company’s networking and security policies have been properly extended to the cloud. Meanwhile, your cloud estate keeps growing and changing all the time.

Given how critical cloud platforms and applications are to supporting your business, your IT team really can’t go on without access to granular, real-time, and historical insight into what’s happening in your cloud environment. They don’t have that insight for a host of reasons, from the lack of appropriate tools to insufficient knowledge about specific platforms. But they can get that insight with the Forward Enterprise platform from Forward Networks, which presents the single source of truth about your cloud infrastructure in a single pane of glass.

In Forward Enterprise, your IT team gets a comprehensive and always up-to-date view of your cloud estate from a global level down to a specific instance. The platform provides the most complete and in-depth path analysis, custom verification, and visualization capabilities for on-premises environments and multi-cloud estates that span across multiple vendors such as Amazon Web Services, Google Cloud Platform, and Microsoft Azure. And if your IT team wants to explore a specific aspect of the cloud infrastructure, they can drill down on the details with a single click.

Your organization’s multi-cloud environment is a big investment for your business, and it’s a marvel to behold. With the Forward Enterprise platform, you can take it all in — every object and traffic pattern — through a single pane of glass and make sure everything is operating just as it should be. To learn more about this eye-opening capability from Forward Networks, read this use case.

Register for our upcoming Forward Fix Live [webinar] to learn how Forward Enterprise can prevent costly intercloud routing mistakes.

Forward Enterprise Makes the Cloud More Agile, Predictable, and Secure

SANTA CLARA, Calif., Feb. 23, 2022 /PRNewswire/ -- Forward Networks, the only company offering visibility and intent capabilities across the entire network estate, including on-premises, hybrid-cloud, private cloud, public cloud, and multi-cloud instances, today announced enhancements to the Forward Enterprise platform. Forward Enterprise now provides unprecedented visibility into network configuration and behavior in an actionable, vendor-agnostic format, enabling all organizations to conduct business in the cloud with certainty. In addition, the new cloud capabilities give IT teams a 360-degree view of both physical and virtual environments, as well as a single pane of glass for end-to-end in-depth connectivity analysis and policy and security verification.

Forward Enterprise creates a digital twin of an enterprise environment across on-premises devices, as well as hybrid multi-cloud environments. IT teams can instantly troubleshoot, verify intent, and predict network behavior by computing all possible traffic paths. The new platform enhancements also ensure security policies are enforced and prevent costly multi-cloud routing mistakes.

"For enterprises running large and complex networks, the cloud promised agility, economics, and security, but it has delivered complexity, expense, and risk," said David Erickson, Co-Founder and CEO, Forward Networks. "Our new platform enhancements were developed after listening to our customers detail their pain points and will help enterprises take the next right step in their cloud journey. They now have the same visibility and transparency into multi-cloud network traffic as on-prem environments and can be confident that they have the necessary information to make networks more reliable and secure."

CLOUD WITH CONFIDENCE
Unlike the proprietary tools cloud providers offer subscribers, Forward Enterprise provides visibility, insight, and troubleshooting capabilities across multiple clouds. Using this insight, professionals can often remediate potential problems before they materialize, saving time and money. Forward Enterprise is the only platform on the market capable of building a software model of all major networking vendors and services at scale, including for hybrid multi-cloud environments. It also offers complete integration with the top cloud platforms, including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). In addition, the platform computes all possible traffic paths for unparalleled insight into network behavior, including how some changes can impact network behavior and compliance verification.

The new capabilities are generally available today, and pricing is based on pay-as-you-grow cloud consumption that does not require a large upfront investment.

About Forward Networks
Forward Networks is revolutionizing the way large networks are managed. Forward's advanced software delivers a "digital twin" of the network, enabling network operators to verify intent, predict network behavior, and simplify network management. The platform supports devices from all major networking vendors and cloud operators, including AWS, Azure, and Google Cloud Platform.

Forward Networks was founded in 2013 by four Stanford Ph.D. graduates and is headquartered in Santa Clara, California. Investors include Goldman Sachs, Andreessen Horowitz, Threshold Ventures, and A. Capital.

Top cross