Network security can be lucrative but be prepared for
costly training
What is network security?
Firewalls are used to block or allow data traffic access to a
computer, network or network sector. Virtual private networks
(VPNs) create secure "tunnels" across the internet that allow data
to be sent from one computer system to another without
interference.
Expenditure on network security software and hardware is growing
rapidly. Market analyst Infonetics Research said it increased 5%
between the last quarter of 2004 and the first three months of
2005, and forecast it will grow 27% before the first quarter of
2006. VPN and firewall hardware and software made up 78% of
sales.
Security systems are becoming easier to set up, but they need
skilled staff to configure and maintain them.
Firewalls monitor and control the traffic between one network and
another. Usually they sit between private and public networks, but
may also be used internally, since malicious attacks and security
leaks come from inside as well as outside.
Where did it originate?
The first commercial firewall was DEC's Secure External Access Link
(Seal) in 1991. The market took off with Checkpoint's Firewall-1 in
1994. Checkpoint and other specialist suppliers still perform
strongly, but the market leader in network security appliances and
software is now Cisco.
What is it for?
Most suppliers now offer products that combine firewall and VPN
features. There has also been a convergence in approaches between
those operating at the network level, on the basis of source and
destination addresses and ports, and the application level, which
examine the contents of packets.
Accepting or rejecting traffic based on its origin, without
inspecting contents, offers the fastest throughput. The more
thorough the inspection of packets, the bigger the overhead, so
some compromise has to be made between performance and
security.
Skilled administrators are needed to apply the organisation's
security policy and keep up to date with threats.
What makes it special?
Firewalls help maintain an organisation's reputation for security
and the confidence of its customers and partners. A thoroughly
audited log of traffic can be produced in court to demonstrate that
a company has exercised reasonable care in protecting its
transactions.
Good IT security also contributes to compliance with the
Sarbanes-Oxley Act, essential for companies that do business with
the US.
How difficult is it to master?
Choice and configuration of firewalls involves a compromise between
security and ease of use.
Security administrators will need a background in networks, and
internal training in the organisation's security policy. Most
firewall suppliers provide four or five-day basic courses. Security
training, particularly at an advanced level, is the most expensive
of all IT training; in part a reflection of the salaries and fees
paid to staff and consultants with security skills.
Where is it used?
As well as the growth of firewall protected subnets with
organisations, there is a surge of interest in personal firewalls.
In this case the compromise is between affordability and
effectiveness.
What systems does it run on?
Worldwide, the leading network security suppliers, according to
Infonetics Research, are Cisco, Checkpoint and Juniper, followed by
Enterasys, ISS, McAfee, Nokia, Nortel, Sonicwall and
Symantec.
What is coming up?
Firewalls are beginning to incorporate other forms of network
security, including intrusion protection, virus detection and
end-to-end encryption.
Rates of pay
Security service revenues are growing even faster than hardware
and software expenditure. Firewall specialists can look for £35,000
and upwards; much more in the financial sector.
Training
Training is available mainly from suppliers. Far more valuable
are generic security qualifications available from the British
Computer Society and International Information Systems Security
Certifications Consortium.