Network architects and security engineers are looking for ways to be proactive in their approach to network security. By taking information gleaned from leading network performance and analytics solutions, matching it against policy and then automatically, and in real-time, updating traffic flow and network configuration they can ensure network integrity and security.\u00a0 Some people are calling this closed loop an 'adaptive response'.There are many approaches to adaptive response, for the sake of this article adaptive response is used by security teams as part of a layered defense analysis. This is accomplished with information and security context being pushed and pulled from various security solutions, and ultimately provides automated actions that can be applied in any given security issue based on this information.The challengeAdaptive response only works when there is a simple way to collect data, and then connect the analytics (I know what I have) to the action (this is what I want to do with it).\u00a0 Current network security architectures include controls, endpoint solutions, threat intelligence and access management with each doing its job well, but not necessarily playing well together. Each has its own place and role in the architecture creating security intelligence that require a lot of people and time to analyze and then take action. Where the analytics are incredibly powerful and readily available, collection and action are not.\u00a0 Gartner defines the three key stages of a threat intelligence strategy to be acquire, analyze, and action; it\u2019s precisely the acquisition and action stages that are missing.\u00a0Gartner predicts that, by 2020, 40 percent of large organizations will have established a \u201csecurity\u00a0data warehouse\u201d to support\u00a0advanced security analytics. To harness the power of analytics, organizations need better data management in order to close the network security gap to produce automated (adaptive) response.\u00a0 The trick is finding a solution that can act as both the acquisition point and the action point without performance or scale limitations.Disaggregation and automation go togetherFor the gap to be properly closed, with automation, it\u2019s very important to note the performance and scale required. This can only be achieved when hardware is separated out from the heavy lifting of the analytics. This disaggregated approach requires new thinking, but it leads to the right place, with all the network traffic analysis and smarts in the cloud (where they should be, and using whatever tools). With the right analysis in the right place it is easy to then set the directives to adjust and filter bad traffic in disaggregated and optimized hardware.\u00a0\u00a0This philosophy of disaggregation is the enabler of real security automation through control points which are the answer to closing the network security gap.\u00a0Ensuring security and traffic flow across the network requires a solution with full transparency, which also has full line-rate performance and is ultra-precise. By leveraging these capabilities, you now have full control of any packet with any user-defined rule to deliver a wide choice of actions programmed through REST or BGP FlowSpec: accept, drop, rate-limit, copy, redirect, ACL and more. \u00a0The ability to program hundreds of thousands of different rules and have the network respond at a per flow level gives control back to the network architects and security engineers who can now define policy, flag anomalies through rigorous analytics and automatically shut down bad flows at any scale.\u00a0SummaryThere is no end of the cyber threats that large organizations need to defend against. To help stop today\u2019s and tomorrow\u2019s threats, it requires much greater visibility and analysis of security data throughout the organization. Traditional security solutions are limited due to the primary architecture with old approaches to data stores and because of various other rigid elements. The complexity and lack of flexibility created by so many security technologies applied across a large network can be the bottleneck in effectively finding and solving security issues. Adaptive response changes the traditional security posture of finding, analyzing and acting from day\/hours to minutes\/seconds.By understanding that a network security gap exists and by leveraging the right adaptive security technologies, eliminating vulnerabilities across the network becomes much easier. With an adaptive security approach based on a clean disaggregation of hardware from software, network integrity can quickly move to the next level and deliver a more unified defense.