IT directors will have to select niche IT providers to
ensure their networks run the latest in cutting-edge security, or
wait up to two years before mainstream suppliers are
ready.
In his conference session, Gartner analyst Neil Rickard
discussed five emerging areas of network security: instant
messaging, network access control, 802.1x, proxy caches and SSL
virtual private networks.
"Unfortunately we are not in a position where we can wait for
this [technology] to mature," Rickard warned. He said security was
not an area of IT where users could wait two years for a major
supplier to get it right. "In two years you can have an awful lot
of damage done to your enterprise."
Rickard advised users to consider smaller, less mature suppliers
for the more cutting-edge capabilities. "You are going to be
investing tactically. It is a fast-moving market: protocols will
change and architectures will change. Expect there to be
integration challenges."
Companies will need to integrate multiple systems such as
directories and LAN and WAN infrastructure, he said.
Emerging areas of network security
- Network access control provides a way to limit access to the
network. It can ensure only devices with the right level of patches
and anti-virus signatures can connect. Users should also provide a
way for non-compliant devices to connect to a quarantine area of
the network, where faulty devices can be repaired.
- Reverse caches are used to improve the performance of external
websites by holding frequently accessed content. A reverse proxy
cache can shield the primary server from the internet and provide
content filtering.
- SSL VPNs allow companies to be much more precise about the
access they give end-users, compared with the popular approach to
remote access based on IP VPNs.
- Instant messaging can enforce policy, run virus scans,
authenticate users from a directory service and provide a degree of
content filtering. But users need to consider how to audit instant
messaging sessions: audits could generate vast quantities
of data and fall foul of data and privacy legislation.
- 802.1x is the protocol used to provide access control on
wireless local area networks. The protocol can also be used on
fixed Ethernet network connections. But again, users will need to
integrate products themselves.