Network security: to be secure or not to be ?

Monday, 28 October 2002, 2:59 PM EST

While advances in networking grow unabated, there continues to exist a challenging clash of technologies, resulting in a network security bottleneck. The bottleneck is rampant because some network operations such as security are still in the megabit-per-second performance range, but actual network equipment operates at the gigabit level.

Further, most vendors regard network security as value-added, although from the enterprise perspective, there is a rapidly escalating requirement for security across the board. Still, the performance issue persists with security, in most instances, operating at OC-3 megabit-per-second throughput rather than at gigabit-per-second. Aggravating the issue is that most system vendors offer network security as an afterthought by providing software solutions for VPN, e-commerce secure socket layer (SSL) and transfer layer security (TLS) protocols.

It is important for both system vendors and network management to understand that hardware-based Internet protocol security (IPSec) and SSL acceleration is the only way to achieve multigigabit performance and throughput. Currently, this is not available in switches, most routers, storage area networks (SANs) and servers. Economics is the reason. Today's architecture for these embedded subsystems does not take security into account because of the high cost, design complexity and extended time-to-market associated with ASIC-based network subsystem designs.

[ Read more ]


Don't sink your network

Too many of today’s networks are easy to sink. One attack pierces the perimeter, and all of the organisation's most sensitive data comes rushing out. Soon after, their logo is slapped across the evening news as the pundits start circling the water.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Oct 13th