Network security: to be secure or not to be ?
While advances in networking grow unabated, there continues to exist a challenging clash of technologies, resulting in a network security bottleneck. The bottleneck is rampant because some network operations such as security are still in the megabit-per-second performance range, but actual network equipment operates at the gigabit level.
Further, most vendors regard network security as value-added, although from the enterprise perspective, there is a rapidly escalating requirement for security across the board. Still, the performance issue persists with security, in most instances, operating at OC-3 megabit-per-second throughput rather than at gigabit-per-second. Aggravating the issue is that most system vendors offer network security as an afterthought by providing software solutions for VPN, e-commerce secure socket layer (SSL) and transfer layer security (TLS) protocols.
It is important for both system vendors and network management to understand that hardware-based Internet protocol security (IPSec) and SSL acceleration is the only way to achieve multigigabit performance and throughput. Currently, this is not available in switches, most routers, storage area networks (SANs) and servers. Economics is the reason. Today's architecture for these embedded subsystems does not take security into account because of the high cost, design complexity and extended time-to-market associated with ASIC-based network subsystem designs.
[ Read more ]