What is it that's so appealing about small-town Main Street? Is it that Ed from the drugstore can tell you what the current specials are at the corner deli? Or that Mabel from the beauty shop can give you a rundown of every stranger that has set foot in the town over the past month? No matter whom you talk to on Main Street, it seems they all know what's going on in town.
Enterprise security, in much the same way as the proverbial small-town Main Street, should operate with a certain degree of interoperability. The various aspects of intrusion detection, virus protection and network traffic monitoring should be enabled to communicate and operate on an integrated level.
The trouble with products from multiple vendors
For most organizations, computer security consists of using multiple products, such as antivirus software, firewalls and virtual private networks (VPN), to create a protected environment. These products are often purchased from separate vendors and must be installed, deployed, managed and updated separately. With this approach, there are more likely to be problems related to the lack of collaboration between the products. Security usually isn't comprehensive and can be compromised because cross-vendor interoperability issues often allow threats to slip through the cracks.
 |  |
| Barry Cioe is senior director of product management at Symantec Corp. and a 13-year veteran of the IT industry, with eight years of experience developing Internet security products. |
A new trend called integrated security describes how companies are shifting their focus from using a handful of stand-alone point security products to a single security solution. This Main Street approach integrates all of the necessary security functions that keep a company secure and productive without compromising security integrity.
Consider the weapons at the disposal of an organization: VPNs; network- and host-based intrusion-detection systems; vulnerability management to assess holes in the system; firewalls to guard networks, applications and desktops; antivirus software for desktops and gateways; and intrusion-prevention tools to lock down servers, desktops and networks. Integrated security can more competently guard against a range of threats and minimize the effects of network attacks by combining these security functions. Key security technologies can be incorporated to provide integrated protection against security threats that may attack a network.
What integrated security can do
In most organizations, a variety of security products from different vendors have probably been implemented as network security has evolved. Different tiers and functions are associated with different security solutions. Because many of these solutions are from varying vendors, it's difficult to integrate them into a comprehensive solution that is easily managed. The enterprise security solution should be knowledgeable of security activity across all tiers and functions to provide maximum interoperability and functionality.
By integrating security, an organization can achieve several major benefits including:
Operational efficiency of security functions
Integrated security reduces the need to purchase, install, update and manage numerous security products and address interoperability issues between differing products at each network tier. Such a solution enables reallocation of IT personnel to other strategic projects while maximizing the productivity of the often overburdened IT department, improving security manageability overall.Increased security posture
Security technologies that are integrated will provide the highest level of interoperability, enhancing security posture over their stand-alone counterparts. Intrusion-detection technology could identify a potential threat and encourage a higher firewall posture, or the firewall technology could initiate a virus scan of a suspicious transmission. This reduces the risk of a technology becoming the weakest link in the security chain and increases the potential for capture and containment of blended threats.Minimized impact of attacks on business
Since an integrated security solution can be implemented at all network tiers, it offers greater protection of proprietary assets. Integrated security better allows for uninterrupted business operations, promotes employee productivity, maximizes revenues and minimizes the possibility of litigation.
However, technology alone doesn't adequately address security issues. An integrated security solution works best when built upon strong policies and procedures and supplemented by appropriate personnel and physical security measures. By combining several security functions, integrated security can more efficiently protect against an assortment of threats to minimize the effects of network attacks.
Organizations that take advantage of integrated security are better able to meet the threats of the future. In fact, organizations that adopt an integrated security strategy today will be in the best position to take advantage of the next stage of integrated security, whereby all network tiers will be integrated and centrally managed. Through this enterprisewide integration of security, administrator resources will be best used, since installation, reporting and updates will be possible from a single console. This management capability will further improve protection, while reducing the administrative, support and ownership costs typically associated with enterprise security.
So while big-city security threats confront all organizations, an integrated small-town approach will increase interoperability and protection by providing network administrators with a complete and secure view of Main Street.