Integrated Security Protection
Business-critical information resides at each level of the network (gateway, server and client), and as security threats continue to increase, each of these tiers is a viable target for the entrance of malicious code and the exploitation of vulnerabilities.
In the past, organizations have addressed this issue through a collection of point-products, each working independently. Because each product must be purchased, installed, deployed, managed, and updated separately, this approach has proven to be an inefficient use of IT staff and a costly remedy to the complexities of security.
In contrast, integrated security solutions eliminate these inefficiencies at each tier of the network by combining key technologies (antivirus, firewall, VPN, intrusion detection, content filtering, and vulnerability assessment) to offer more comprehensive protection while reducing the complexity and cost of securing enterprises.
Ask any IT administrator what their mission is and it is highly likely the answer will come back, "To ensure business and service continuity." It is critical that organizations utilize a rapid response infrastructure that leverages both technology and expertise to address new and emerging threats. It is not enough just to detect threats as they appear; definitions and signatures must also be made available quickly and easily, and mission-critical security products need to be supported 24x7.
Organizations also need to be aware of the breadth of their security provider's response offerings. An ideal response infrastructure will broaden its offerings beyond product and support, to encompass other beneficial services like analysis, threat management and managed security services.
Early warning systems, integrated security and expert response mechanisms are all parts of the complex security equation, but their synergy is most effective when tied together under an open, comprehensive, and standards-based management system that spans all the network tiers and runs on multiple platforms.
Organizations must have a way to sift through the hundreds of simple security events that are generated every minute by their disparate security products, view them together to discover whether they represent a true incident, gauge the relative business impact of the incident, and then take steps to appropriately allocate the resources necessary to address the problem. Further, they must follow each incident to closure in order to eliminate possible recurrence of the problem. And since closure often requires the application of patches or changes in security policy, the verification of these changes must be assured. Without such a system, the process of aggregating and normalizing security event data will remain inefficient and difficult.
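The aggregation and normalization step described above can be sketched as follows. This is an added example, not code from the original text or from any product: the three event formats, the field names, the severity scale, the asset criticality table and the correlation rule (two or more distinct products reporting on the same host within a time window) are all assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample events in three made-up product formats (not real vendor logs).
RAW = [
    ("firewall", {"ts": 100, "dst": "10.0.0.5", "action": "deny"}),
    ("ids",      {"time": 130, "target": "10.0.0.5", "sig": "constructed-sig-1", "prio": 2}),
    ("av",       {"epoch": 160, "host": "10.0.0.5", "result": "quarantined"}),
    ("firewall", {"ts": 200, "dst": "10.0.0.9", "action": "deny"}),
    ("firewall", {"ts": 900, "dst": "10.0.0.5", "action": "deny"}),
]
# Assumed asset inventory: business criticality per host, 1 (low) to 5 (high).
CRITICALITY = {"10.0.0.5": 5, "10.0.0.9": 1}

# Per-product mapping onto one schema: (time field, host field, severity function).
FIELD_MAP = {
    "firewall": ("ts", "dst", lambda e: 1),
    "ids":      ("time", "target", lambda e: 4 - e["prio"]),
    "av":       ("epoch", "host", lambda e: 3),
}

def normalize(source, event):
    """Translate one product-specific event into the common schema."""
    t, h, sev = FIELD_MAP[source]
    return {"source": source, "time": event[t], "host": event[h], "severity": sev(event)}

def correlate(raw, window=120, min_sources=2):
    """Group normalized events per host into time windows; a group reported by
    at least min_sources distinct products becomes an incident."""
    by_host = defaultdict(list)
    for source, event in raw:
        n = normalize(source, event)
        by_host[n["host"]].append(n)
    incidents = []
    for host, events in by_host.items():
        events.sort(key=lambda n: n["time"])
        group = [events[0]]
        for n in events[1:] + [None]:          # None flushes the last group
            if n is not None and n["time"] - group[0]["time"] <= window:
                group.append(n)
                continue
            sources = {g["source"] for g in group}
            if len(sources) >= min_sources:
                # Relative business impact: worst severity weighted by asset criticality.
                impact = max(g["severity"] for g in group) * CRITICALITY.get(host, 1)
                incidents.append({"host": host, "sources": sorted(sources),
                                  "events": len(group), "impact": impact})
            if n is not None:
                group = [n]
    return sorted(incidents, key=lambda i: i["impact"], reverse=True)
```

Calling correlate(RAW) turns the five constructed events into a single incident on 10.0.0.5, while the isolated firewall denies stay below the threshold.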
Making security manageable
An optimal security posture, and one that eliminates the complexities of security management, is one that takes into account each of these four security disciplines. Adherence to best practices on these four fronts will reduce the costs of enterprise protection and lower risks while improving security resource allocation and efficiency.
First of all, organizations need an early-alerting system, because ideally you want to be alerted before threats damage your business. Next, and most fundamentally, you want to protect your business: you need a variety of security solutions at all tiers of the network.