A piecemeal approach to information security - added to market confusion - is resulting in companies spending too much for incomplete protection.

According to security vendor Aladdin, companies are unwittingly purchasing and managing overlapping security solutions, sending their total cost of ownership sky-high. Aladdin reckons a set of point products to tackle anti-virus, anti-spam, Web filtering, URL blocking and application filtering could be as much as three times as expensive to run as an integrated system. For 1,000 users an integrated approach would cost $48,200 against $178,000 for point products.

As a leading supplier of integrated content security appliances, under the eSafe brand, the issue Aladdin raises is a little self-serving. That doesn't mean it's wrong though - inspecting the same piece of traffic numerous times doesn't make much sense, as Aladdin points out. But the company draws the line of what needs to be done with a combined approach where the capabilities of its own product stop. Aladdin thinks content security functions should be performed on one device but encryption, intrusion detection and firewall functions should be done elsewhere.

"There's a thin line between doing too much and doing it right," Shimon Gruper, eSafe CTO and VP at Aladdin Knowledge Systems, told The Register. Gruper reckons integrated appliances that do everything have substantial benefits in ease of use but aren't suited to handling more complex networks.

Panic spending leads to disintegrated security

Protection against Internet worms was a hot topic even before this week's Sasser outbreak reduced many systems to a crawl. In response to the threat posed by earlier worms such as Blaster and Nimda, vendors have developed a number of approaches: these include internal security appliances (Check Point), Web application firewalls (Blue Coat), building intrusion protection functions into firewalls (NetScreen) and variations on the theme of host-based intrusion prevention (Cisco et al). Indeed the capacity of Windows boxes to spread network worms has created a whole sub-category in the security market.

Gruper advises companies to take a more considered approach to information security, taking a close look at how they can protect their systems instead of panic buying whatever their reseller or security consultant punts their way. "Companies are not taking a holistic approach to security. Whenever it hurts they are adding more pieces. Because of this they often end up with an unmanageable, unintegrated system with a single point of failure," he said.

Source: John Leydon, The Register, www.theregister.co.uk