Oracle Netsuite Uses Illumio to Protect High-Value Applications
SVP, Infrastructure & Security, Oracle Netsuite
WHY DID YOU CHOOSE ILLUMIO?
BRIAN CHESS: Illumio has a brilliant fundamental insight: The software that all of these servers need to protect themselves is mostly already there—it comes with the operating system. The Illumio Core™ activates and intelligently controls the stateful firewall available in the compute layer: iptables for Linux or the Windows Firewall Platform.
The big problem, the reason these haven’t been able to be used at scale is: how do you orchestrate all of them? How do we get them to work together in all of the right ways? Can you get them all working together and let me know what all of these computers are doing? This is what Illumio does. I think that’s just fantastic.
HOW IS HAVING ILLUMIO CHANGING YOUR SECURITY APPROACH?
BRIAN CHESS: The purview for the security team is very wide. Illumio doesn’t just knock something out that was a huge, keeping-me-up-at-night kind of problem before, so much as it allows me to dispatch a whole bunch of little problems a lot faster than I did before. Which means I can now spend more of my time on the security problems my customers are worried about. Now I can talk to them about making sure they set up security in the NetSuite world better, rather than thinking about whether the NetSuite world is really locked down the way it ought to be.
Illumio doesn’t fundamentally change the way I approach security as much as it tightens downs and accelerates my ability to make changes to my security policies.
WHAT ARE SOME OF THE BEST FEATURES OF ILLUMIO?
BRIAN CHESS: From where I sit, Illumio gives the security team the opportunity to say yes more often. “Oh, hey, you need to use this one piece of gear that was in the QA domain, but you want to put it into production until the spare arrives next week?” Before, you couldn’t commingle those things. But now I have this opportunity to say yes to a configuration I never could have approved before. So, speed is probably the number one thing here, but that speed also comes with the need for less communication, and the ability to be more flexible.
One of the things I like about Illumio is that it’s not just on or off. You can think about different ways to employ Illumio Core to achieve a different degree of lockdown inside your data center and cloud.
My primary interest is in as much lockdown as I can get while still remaining completely flexible to business needs. If you’re coming from a system that’s pretty disciplined, then getting there isn’t necessarily a big jump; if you’re coming from a system that isn’t so disciplined, it’s going to take you more steps to get there. Illumio is flexible in allowing you to get just the right amount of enforcement you’re ready for.
HOW HAVE YOU SEEN THE ROLE OF INFORMATION TECHNOLOGY CHANGE OVER THE LAST FIVE TO 10 YEARS?
BRIAN CHESS: I remember walking onto the RSA show floor in 2008 or 2010, and they had bought a white carpet for the whole thing because it was all about the cloud. Well, NetSuite has been doing cloud since 1999. So the cloud’s not new for us. But the reception to cloud is very different. We’re not explaining to people what it means to be in the cloud, or what it means to be using software as a service. We’re explaining how we do it. Now we’ve got to do more to prove we’re the right cloud for you.
WHAT ARE SOME OF THE NEW THINGS HAPPENING AT NETSUITE?
BRIAN CHESS: Historically, NetSuite’s strength has been the back office. We do a lot of work with finance departments; if you have processes related to accounts receivable, accounts payable, and vendor management, NetSuite can help you with that. These days, we’ve been moving into the front office, which means we can help you run your commerce-driven website. We can five you point-of-sale devices so that your website and what you’re doing in your retail location are the same, and then we can tie that all the way back through your finance department and into your warehouse.