Bolt-on security products can prove difficult to
control, says Gerry Carroll
The piecemeal approach deployed by many enterprises to
secure their IT infrastructure and protect their critical network
operations is patently failing.
The 2004 Pricewaterhouse-Coopers/DTI information br-eaches survey
found that 74% of UK businesses had suffered a security breach in
the past year, compared to under half of businesses in the same
survey two years ago. The report acknowledged that, although
progress has been made in putting in place security controls, there
is still considerable room for improvement.
Traditional tools such as firewalls and anti-virus software are
clearly failing to halt the flood of security infringements, as
illustrated by the report findings. Although 93% of businesses
implemented anti-virus software, a staggering 74% of companies
still suffered a breach.
A number of factors have compounded the problem of securing the
enterprise, including the pervasive use of the internet, the
deperimeterisation of the network and the insurgence of e-mail.
These, combined with a shortage of skilled security specialists and
low investment in security have presented IT managers with a
considerable corporate headache.
Another change has been the increase in speeds and feeds. The
advent of high-speed Ethernet not only accelerated the transmission
of data, but also of viruses and worms, and shortened the time
available to identify and block a problem. Many IT directors
responded to these threats by purchasing a variety of bolt-on
products, yet managing this Frankenstein's monster can be complex
and time consuming.
A different approach to network security is needed. By embedding
security into the network, IT managers can respond to threats,
increase operational efficiency, reduce deployment complexity and
scale as the network expands without adding to the support
overhead.
The key lies in leveraging the infrastructure at the heart of the
network, not only to transport vital enterprise data but also to
manage, protect and secure access to corporate information.
By using an intelligent network which detects user anomalies and
automatically intervenes to quarantine the offending user or
deviant device, companies can enforce corporate security policies,
protect mission-critical applications and respond to zero-day
attacks without negative impact on the cost of ownership.
Employing such an approach will facilitate a move away from viewing
security as a brake on corporate communications to it enabling
effective enterprise-wide communications and enhanced competitive
advantage.
Gerry Carroll is channel and marketing
director, Northern Europe, at Enterasys Networks