Integrated
Security: A New Network Approach
Part Two: The Shift Toward Integration
Featured
Author - Eric
Winsborrow
- December 10, 2002
The Shift Toward Integration
According to Computer Economics, the worldwide financial impact of malicious code was $13.2 Billion in 2001 alone. With nearly 400 computer security vendors offering solutions spanning the spectrum from antivirus to firewalls, content filtering to intrusion detection, we're led to ask, "Why?" The problem lies in the old world strategy of "one threat, one cure." Companies finding themselves marauded by the onslaught of attacks have simply added more single-cure security point product after another, and dealt with the cost and difficulties of trying to manage them with limited resources, finding out in the end that their security posture was marginally improved (if not ultimately decreased due to the complexity). It's outdated. The blended threats Code Red and Nimda crushed that approach employing new combinations of offenses against IT infrastructures.
If
companies wish to successfully deal with blended threats that integrate methods
of attack and propagation, they'll need a similar approach with the cure - integrated
security. The market has recognized a need to move from a "best of
breed" product mentality to a "best of breed" solution mentality. In the past,
IT organizations purchased in silos when it came to security products, but no
longer can security decisions be made in isolation by technical managers. Security
plans should be developed and approved in the boardroom by the executives held
accountable to shareholders, customers and employees.
Corporate approach to computer security must be comprehensive. It is now necessary to protect all parts of the network and to respond on the gateway, server and client levels. Comprehensive includes the ability to secure these tiers as well as the ability to synergistically apply complementary security.
This
is Part Two of a two-part article on Network Security.
Part
One provided an overview of the key drivers behind the shift toward integrated
security, including the growing sophistication of network attacks; and summarized
the business impact of attacks on networks that are not employing integrated
security.
Current Security Solutions
Current security solutions typically consist of multiple point products. These are products that must be purchased, installed, deployed, managed, and updated separately. With this approach, IT managers need to address problems related to the lack of interoperability between each of the products. Protection is usually not comprehensive because cross-vendor interoperability issues often allow threats to slip through the cracks, compromising security. The issue would still remain even if the same vendor were used for multiple security products, because those technologies typically are not designed to integrate and interoperate. What's more, when an outbreak occurs, the "fixes" that each vendor provides must be tested and verified across the various technologies. This can slow response to attacks, potentially increasing the costs that are incurred. Independent point products can also degrade network performance; since the products were not designed to work together, thus they present more of a performance hit.
The implications of current security solutions include inefficiencies, disappointing results (e.g., lower than anticipated risk mitigation and loss of customer and market trust), and a higher cost of ownership. In addition to providing inadequate protection against blended threats, current products require labor-intensive implementation and configuration. These products are part of an enterprise security posture that may be difficult to understand and which provide little insight into security planning and performance.
The Logical Solution: Integrated Security
Integrated security provides a comprehensive, holistic security system that addresses the challenges and opportunities of today's networked enterprises. This security method integrates multiple security technologies and combines them with policy compliance, management, customer service and support, and advanced research, for more complete protection. It uses the principles of defense in depth and employs complementary security functions at multiple levels within the IT infrastructure.
By combining multiple security functions, integrated security can more efficiently protect against a variety of threats at each tier to minimize the effects of network attacks. Key security technologies that can be integrated include:
-
Firewalls. Control all network traffic by screening the information
entering and leaving a network (or portion of a network) to help ensure that
no unauthorized access to computers and/or the network occurs. Firewalls are
not only required at the network perimeter, but at the client level, perhaps
the most vulnerable and common point of entry and launch for attacks.
- Intrusion
Detection. Detects unauthorized access and provides alerts and reports
that can be analyzed for patterns and planning.
- Content
Filtering. Identifies and eliminates unwanted content traffic, whether
that be in message headers, text, attachments, URLs or other sources.
- Virtual
Private Networks (VPNs). Secure connections beyond the perimeter,
enabling organizations to safely communicate with other networks across the
Internet.
- Vulnerability
Assessment. Enables assessments of a network's security position
by uncovering security gaps and suggesting improvements.
- Virus
Protection. Helps protect against viruses, worms, and Trojan Horses.
As an aggregate, these security technologies can be time consuming to install and independently would be difficult and expensive to manage and update. When integrated into a single solution, however, they offer more comprehensive protection while reducing complexity and cost.
In most enterprises, a variety of individual security products from different vendors have probably been implemented as network security has evolved. Enterprises are thus likely to gradually migrate to an integrated security solution, to ensure the interoperability and integration of competing security products at each network tier. Such a phased approach will initially involve the integration of a subset of security functions.
Benefits of Integrated Security
Increased
Security Posture
Security
technologies that are integrated will ultimately interoperate, providing an
enhanced security posture over their standalone counterparts. Intrusion detection
technology could identify a potential threat and encourage a higher firewall
posture, or the firewall technology could initiate a virus scan of a suspicious
transmission. This reduces the risk of a technology becoming the "weakest link"
in the security chain, and increases the potential for capture and containment
of blended threats.
Operational
Efficiency of Security Functions
Integrated
security reduces the need to purchase, install, update, and manage multiple
security products or address interoperability issues between various products
at each network tier. Such a solution enables reallocation of IT personnel to
other strategic projects while maximizing the productivity of the often overburdened
IT department, improving security manageability overall.
Minimized
Impact of Attacks on Business
Since
an integrated security solution can be implemented at all network tiers, it
offers greater protection of proprietary assets. Integrated security better
allows for uninterrupted business operations, promotes employee productivity,
maximizes revenues, and minimizes the possibility of litigation.
Features of Integrated Security
Due to the rapid evolution of threats, security is a constantly moving target. As a result, security is only as effective as the most recent update of a virus definition, firewall rule, intrusion signature, or other content updates. By applying a uniform approach to systems and devices that contain business-critical and sensitive information assets, organizations can ensure the integrated and timely updating of their security content and other critical aspects of a security system.
Technology alone does not address security issues. An integrated security solution works best when built upon strong policies and procedures and supplemented by appropriate personnel and physical security measures. Solid security policy and standards define what needs to be protected, who is granted access, and the reason access is required. Executive-level support in the organization for the security policy, as well as employee awareness, helps ensure successful policy adoption.
An integrated security strategy improves the overall security posture of the network in a way not possible via implementation of individual products. Whether security is handled in-house or outsourced, ensuring that all of these capabilities are in place is vital to maintaining a secure critical infrastructure.
The Future of Integrated Security
Organizations can now benefit from integrated security in a variety of ways, including improved efficiency of security functions, minimized business impact of attacks, and an improved overall security posture. In fact, companies that adopt an integrated security strategy today will be in the best position to take advantage of the next stage of integrated security, whereby all network tiers will be integrated and centrally managed. Through this enterprise-wide integration of security, administrator resources will be optimized, as installation, reporting, and updates will be possible from a single console. This management capability will further improve protection, while reducing the administrative, support, and ownership costs typically associated with enterprise security.
About
the Author
Eric
Winsborrow is the Senior Director of Product Management at Symantec
Corporation. His team is responsible for Symantec Client Security,
released in August 2002, which integrates antivirus, client firewall and intrusion
detection technologies. Some other solutions managed within his organization
include the popular Symantec Antivirus Corporate Edition, Symantec
Antivirus/Filtering for MicroSoft Exchange, Symantec Antivirus/Filtering
for Domino and the Symantec Security Management System.
Secure Mobile ERP—Is It Possible? | SAP HANA—One Technology to Watch in 2012 (and Beyond) | Demystifying SAP Solution Manager | Cloud Assets: A Guide for SMBs—Part 3 | I Want My Private Cloud | The Sum of All Malware Fears: Siemens on Stuxnet | Managing the Overflow of E-mails | Security Risk Assessment and Management in Web Application Security | Are You Adequately Protecting Your IT Infrastructure Components Inside the Firewall? | Enterprise Resource Planning Giants Eye the Shop Floor | The Pain and Gain of Integrated EDI
Part One: The Pain of Integrated EDI | The Next Phase of Supplier Performance Management in the Retail Industry | Who Else is Using Your Wireless Network? | Information Security Firewalls Market Report
Part Two: Current Market Trends and User Recommendations | Information Security Firewalls Market Report
Part One: Market Overview and Technology Background |
The Instant Supply Chain Challenge | Inovis Delves into PIM by Snatching QRS
Part Five: Challenges and User Recommendations | Inovis Delves into PIM by Snatching QRS
Part Four: Market Impact | Inovis Delves into PIM by Snatching QRS
Part Three: QRS Background | Inovis Delves into PIM by Snatching QRS
Part Two: QRS Marketing | Automated Enterprise: Many High-ROI Opportunities | Secure Transfers of Large Files Over the Internet Using YouSendIt | Fed Warms Up to ERP Spending, but Will Contractors and Their ERP Vendors Comply?
Part Two: Challenges and User Recommendations | Feds Warms Up to ERP Spending, but Will Contractors and Their ERP Vendors Comply?
Part One: Event Summary and Market Impact | International Trade Logistics Challenge Automated Global E-Trading | Product Review: GFI's LANguard Network Security Scanner | The Best ACT! Is Still to Come | HIPAA-Watch for Security Speeds Up Compliance
Part Two: Phase III and IV, and Product and User Recommendations | HIPAA-Watch for Security Speeds Up Compliance
Part One: Vendor and Product Information | EAM Versus CMMS: What's Right for Your Company? Part One | GXS Acquires HAHT Commerce or More Synchronized Retail B2B Data
Part Four: Challenges and User Recommendations. | GXS Acquires HAHT Commerce for More Synchronized Retail B2B Data
Part Three: Market Impact | GXS Acquires HAHT Commerce for More Synchronized Retail B2B Data
Part Two: HAHT Commerce | Using PKI to Protect Your Business Information | Sales and Operations Planning
Part One: Identifying and Forecasting Demand | The CyberAngel: Laptop Recovery and File Encryption All-in-One | Evaluating Enterprise Software-Business Process or Feature/Function-Based Approach? All the above, Perhaps?
Part Three: Knowledge Bases and User Recommendations | InsideOut Firewall Reporter Unravels the Mysteries of Your Firewall Logs | SCE Leaders Partner To See Beyond Their Portfolio
Part Three: Challenges and User Recommendations | When the Bigger Fish Eats the Smaller to Become a Bigger Fish | The Future of Secure Remote Password (SRP)
Part Two: Overcoming Obstacles to Success | The Future of Secure Remote Password (SRP) | Integrated Security: A New Network Approach | Vendor Analysis: Kaspersky Anti-Virus Products Examined | Increasing the Value of Your Enterprise Through Improved Supply Chain Decisions
Part 3: Conclusion | 6 Immediate Business Improvements Offered by an Online SRM System:
Part 3: Other Points to Consider | Hosting Horrors! | Legacy Single Sign-On: Novell, Evidian, IBM, PassGo, or Computer Associates? | Fourth Shift's evolution Within SoftBrands' DemandStream | The Intranet Has Come a Long Way: Where is it Going Next? | The 'Joy' Of Enterprise Systems Implementations
Part 4: User Recommendations | The 'Joy' Of Enterprise Systems Implementations
Part 3: Causes of Failures | The 'Joy' Of Enterprise Systems Implementations
Part 2: Implementation Key Success Factors | The 'Joy' Of Enterprise Systems Implementations
Part 1: Inexorable Statistics | OKENA Brews Up a StormSystem that Secures All Applications | Appointment Scheduling - Achieving the Positive Ripple Effect
Part 2: A Solution | Siebel Rallies Its Integration Alliance Troops
Part 2: Market Impact | Siebel Rallies Its Integration Alliance Troops
Part 1: Recent Announcements | Incident Handling and Response Capability: An IT Security Safeguard
Part 2: Establishing the Capability | Incident Handling and Response Capability: An IT Security Safeguard
Part 1: Are You Ready to Support an Incident Response Capability? | Outsourcing Security
Part 3: Selecting a Managed Security Services Provider | Outsourcing Security
Part 2: Measuring the Cost | Outsourcing Security
Part 1: Noting the Benefits | Vendor Review: SecureWave Protects Microsoft Operating System Platforms | Thanks to a Smart Little Company called Lexias, CIOs Can Now Empower their Users to Assist in eBusiness Security | Feds Buckle Down on Customer Information Security | Identix Leads Biometric Authentication | Bootcamp for the Pros; Why Ernst & Young Will Lead Security Auditing Standards | Vendor Analysis: Interliant's Security Vulnerability Assessment | OKENA Pioneers Next-Generation Intrusion Prevention | PipeChain Adds Pragmatism Onto Simplicity | Social Engineering Can Thwart the Best Laid Security Plans | Application Single-Sign On: Netegrity, Securant, or Evidian? | Lost Your Laptop? The CyberAngel® Brings It Back | InsideOut Makes Firewall Reporting Useful | Optimizing The Supply Chain Network And Reducing Distribution Costs - Part 2 An Andersen Point Of View | The Retail Industry: Improving Supply Chain Efficiency Through Vendor Compliance - An Andersen Point Of View | Optimizing The Supply Chain Network And Reducing Distribution Costs - An Andersen Point Of View | PRISM Users Get A Dedicated, Independent Web Community | ERP Trivia - Every Why Should Have Its Wherefore
Part 2: ERP Key Success Factors | ERP Trivia - Every Why Should Have Its Wherefore
Part 1: ERP Trends | The SOAP Opera Progresses - Helping XML to Rule the World | Nortel and Clarify: Was There Ever Synergy Enough to Support this Marriage? | New Era of Networks Gets Blinded By the NEON | SCT Corporation Means (e)Business For Process Manufacturing | EAI Market Consolidation Continues With Peregrine Acquisition of Extricity | A New Era Dawns for Sybase | Performance Management Simplified by MSPs | Tibco Takes a Pragmatic Approach to Multicasting | Talarian and NextSet Team for B2B Solutions | Manugistics Lays Groundwork For Talus Integration | QueryObject Partners With Cognos | Quantum Snaps Off Its NAS Group | Tempest Creates a Secure Teapot | E*Trade Ignores Private Security Warning, But Public Hullaballoo Gets Response | Navision Executes At a Slower Pace | eMachines to Ship Appliance | Sun Buys Cobalt | My Network Engineers are Talking about Implementing Split DNS. What Does that Mean? | VA Linux Releases NAS Server | eConnections Expands Web With IPNet | New Internet Appliances Coming from Compaq | Lipstream Speaks to Kana | Human-Machine Interaction Company Ramps Up Firewall Product Line | Security Information Market Heading for Growth | Alibris Charged with Intercepting Email | Remedy Welcomes You To Your New Office. Now Get To Work! | Peregrine Welcomes Loran to Its Nest In Network Management Matrimony | i2 Paints Broad Strokes at eDay | Cart32 in Need of Duct Tape | More Marketplace Success For Manugistics? | Deutsche Telekom to Acquire VoiceStream Wireless | Study Shows: FBI Alienates Industry Security Experts | Firewall Cowboyz Set the Stage to Free Innocent Convict | Lasership.com Looks To Descartes For Same-Day Delivery Help | Symantec Swallows AXENT; Takes on Network Associates | Novatel Wireless and Diversinet Team Up to Provide Security for Wireless Modems | Concur Gives Up The Boast | Red Hat Releases Clustering Software | Windows 2000 Bug Fixes Posted | Baltimore Technologies Doubles Revenues, Offers World-Class PKI Hosting | The Whys and Hows of a Security Vulnerability Assessment | Earthlink Leads the Way in DSL Security | PKI and Biometrics Ready for Take-Off | AT&T Has a Thing for Media | Secure Transport of EDI and XML for Trading Exchanges | Compaq and IBM Alliance for Storage | Can You Trust Entrust? | Marketing and Intelligence, Together at Last | Standard & Poor's Announces Security Certification | Evaluating the Total Cost of Network Ownership | Check Point Leads Firewall Market | Dell Snags Motorola’s Grzelakowski to Lead Wireless Business Unit | Fighting Cybercrime on the Internet | NetWare for Small Business – NetWhy? | Let Your Hard Drives Tell You Where they Are! | New Storage Array from Sun | E&Y Spins-Off eSecurity Online and Unveils Security Vulnerability Assessment Services | Technology Project Selection and Management in Community Banks | ASP Infrastructure: The Party Has Started | With Record Revenues, AXENT Puts Down a Solid Fist | NAI Will Pay Trend $12.5 Million Resulting from Law Suit | Sub7 Tells Chat Rooms All Your Stuff; F-Secure Leads the Battle | Cobalt Releases Linux "Clustering" Software | E-Cash Rollout Replaces Amex | More Infrastructure Support for CyberCarriers | Intranets: A World of Possibilities | GSA Schedule Partnership Gets Network-1 in the Door | Los Alamos Loses Top-Secret Information, Again! | Standard & Poor's Exposes Customers' Security | The AS/400 Takes You Securely Where You Want to Go | Multi-mode ADSL Heads for the Mountain | Applix Still Shows a Presence in the OLAP Market | Cisco’s Complete Network in a Box | Trend Micro Steps into PDA/Wireless AntiVirus Information Market | Manugistics To Help Amazon.com In Global Expansion | Gateway & AOL Follow Crusoe’s Footprints | Microsoft Tech Ed 2000 Win2K Attendee Network Fails Miserably | CryptoSwift Takes Rainbow Revenues Up 620% | Layer 3 or Bust | Ariba Gains Legs Courtesy of Descartes | Eppraisals.com Gives Lante High Marks | Secure in a Foundry | Smart Shoppers Go Abroad for Affordable Information Security Programs | Anti-Virus Advisories: Rating Them | The Arrow Now Points To Cisco | Network Appliance to Ship Sub-$10K Caching Hardware | The 7 Habits of Highly Effective Security | Compaq Reorganizes Again | 1 Little GB, 2 Little GB, ..., 10 Little Gigabit | Fischer’s Prio! SecureSync ~ A Solution to Enterprise Directory Chaos | Just One Hop Away From San Jose | Will Solomon Finally Satisfy Great Plains’ Insatiable Appetite? | Abandon All Insecurity, Ye Who Enter Here | Extreme Networks BlackDiamond Product of the Year | Top 10 Excuses For Not Securing Your Website or Network | AMD Server Plans De-Railed | Ernst & Young Leads Big 5 in Security | 6 Days After Advisory Posted, AboveNet Gets Hit | Cisco to Become a Player in the DWDM | Napster Cooks up Soup-to-Gnutella Network Management Challenges | Voice-Over-Broadband Standards on the Horizon | A Firewall is Cheaper Than a Lawyer | Gigabit Transceivers ~ the Next Generation | USinternetworking and AT&T are Working the System | NeoModal Launches Corporate Ship On Promising Journey | Analysis of TeleCommunication Systems, Inc. Release of Menu Driven Wireless Web Capability For SMS | Navision Software a/s: Mid-market iNvasion | MCI WorldCom: “It’s not an age, it’s an attitude” | Fixing Security Backdoors:
Red Hat 1, Microsoft 0 | WAP Forum Specifies RSA’s RC5 Encryption For Wireless | Netpliance Responds Quickly to Hardware Hack | SynQuest, Ford Deliver a Novel Application for Inbound Logistics | Strategic Partners or Merger on the Horizon? | SynQuest Teams With InterWorld for Internet Sales and Fulfillment | USi to Offer Managed Messaging for U.S. Feds | Security Stocks Burn Rubber | Mirapoint ~ ISP Messaging Solution in a Box? | Navision Becoming More Visible | A Forum for Wireless Standards…About time isn’t it? | DSL Provider Scoops up Netscreen Firewall Goldmine | Cyclone Untangles Digital Partnerships | Security Begins on Your Desktop | Network Associates Hopes to Rekindle the Flame | Novell Uses XML, LDAP, NDS to Manage AD, IOS, etc. | Hacker Publication Gets Top Defense Attorney | HP Reorganizes Storage Group, Addresses NAS-cent Market | Concur eWorkplace Projects Vision Onto Desktop | How 3Com, Became 1Com | Saudi Arabian Network Security Provokes Local Considerations | Cisco: IPv6 is Coming, Eventually | Gosh, There’s a Bug in Windows 98 | Robust Systems are Built from the Bottom Up | IBM is Not Enough; Ariba Announces Strong Partnership with Amex | USinternetworking: One Suite ASP | DOJ Keeps Low Profile on Curador; Protect Your IIS Server Today! | Information/Internet Appliances | Agilera.com – A new era for the web? | Security Breach: Now What? | PeopleSoft's CEO Steps Down | Descartes Evolution Yields Revenue Growth But No Profits | PeopleSoft, Lawson To Resell Integration Tools | MAPICS, Inc. to Acquire Pivotpoint, Expanding e-business Offerings for Mid-Sized Manufacturing Establishments | Microstrategy Moves Up with e-Business | Seagate Technology Refocuses its Software Business | The New Manugistics Debuts eBusiness Products | Concur's Customers Can Network Now | AT&T's Ecosystem | E-commerce Grass Getting Greener | Commerce One Meets GM: Web Now Has A Really Big Parts Department | Dynamic Ariba Trades Up | AMERICAN EXPRESS Selects TRADEX To Build New Business to Business Commerce Network | So Does your e-Business Provider have Internationally Recognized Tools in its Digital Business Consulting Toolkit? | 3Com Will Route Customers to In-house Web Design Firm | Total Uptime Guarantees? It Must Be A New Millennium! | Adsmart Blazes Vertical B2B Trail | Expedia Relaxes Registration Requirement | Be There or Be Square? David and Goliath Team on bCentral Auction Site | Ariba to Leave Integration to Specialists | Bank is First Mover in Canadian E-Commerce | Concur Scores A Bingo | Commerce One: Connectivity Improved | GE Comes to Lunch. Want to Guess Who the Appetizer Will Be? | News Analysis: Dot.Coms Getting Bred By Scient: Will Scient Spawn Into a Giant or Will Andersen Have the Edge? | Why Not Take Candy From Strangers? More Privacy Problems May Make Ad Agencies Nutty | Sendmail, Inc. and Disappearing, Inc. Team Up to Add Enhanced Security | Dell to Acquire ConvergeNet International | Palm Tries to Take the Desktop in Hand | Cisco Tries to Cache In By Buying Software Start-Up Tasmania Networks | Is Your Financial Transaction Secure? | Compaq, HP, IBM, Intel and Microsoft Create New PC Security Alliance | Expect Boom in Electronic Signatures | Secure Your Search Engine | President Proposes Security of Medical Records | Sendmail Takes Security to the Next Level with Version 3.0 for NT | CheckPoint & Nokia Team Up to Unleash a Rockin' Security Appliance | Trend Micro Anti-Virus Server for Microsoft Exchange ~ A Secure Choice For Enterprise Wide Anti Virus Protection. | Security Snafu at NetBank | Freeware Vendor's Web Tracking Draws Curses | The "S" in SAP Doesn't Stand for Security (that goes for PeopleSoft too) | Content Technologies releases MIMEsweeper PolicyPlus | Hackers Will Be Out in Full Force On New Year's Eve | Analysis of Virgin Net's Hacker Scare | Network Associates RePositions Itself as a Security E-Village | Lexiguard™: The Coming "Adobe Acrobat" of Encryption | CyberPeepers from Korean Sites Peek at U.S. Networks | Would You Hire a Hacker? What Would Your Mother Say? | @Home Scans Own Customers | CIOs Need to Be Held Accountable for Security | New Market for Security Insurance | At Least Your Boss Can't Read Your Home E-mail, Right? Wrong! | PrettyPark Virus Litters Cyberspace | Compaq and Samsung in Deal to Save Alpha | Packard Bell / NEC Leads Secure Etoken Deployment | Congress Acknowledges Outdated Banking Laws | SSA: Evolving into systems integrator to survive | JBA: Will it remain "@ctive Enterprise"? | Advanced Planning and Scheduling: A Critical Part of Customer Fulfillment | WorldCom SPRINTs, Nokia/Visa Pays Bill, & Service Providers Gear for Wireless Tsunami | How Secure is Your E-Mail? | Trend Virus Control System - A Centralized Approach to Protection | An Analysis of Trend Micro Systems - Who They Are and Where They're Going | Network Engines, Inc. - Double the CPUs for Web Serving | Server Appliances - "Caching" In on Internet's Growth | VPNs Are Hot, but What Are They? | ATM Machines Hacked in Moscow | How To Mitigate Holiday Cybercrime | Surf's Up at Akamai |