Layers Help Secure Net Traffic

 
 
By Cameron Sturdevant  |  Posted 2003-08-18 Email Print this article Print
 
 
 
 
 
 
 

Regular maintenance is crucial for best results.

Taking a layered approach to securing Internet traffic is the right way to handle a fundamentally insecure technology. However, whether organizations opt to purchase several software products or a complete system in a box, thorough, routine maintenance is the key to the systems success.

For IT managers, the choice today is between one-stop appliances with customized operating systems, software and hardware and specialized software products that use load balancing, clustered computing, caching and proprietary algorithms to quickly scour incoming and outgoing traffic for potential or known security concerns.

Appliances from manufacturers including Blue Coat Systems Inc. are often the easiest to install and maintain over several years. This is because they come as a turnkey solution—a hardened operating system and (usually) tamper-resistant cases, custom software and special application-specific integrated circuits that speed packet inspection. These appliances range in price from $1,500 to $10,000.

Blue Coats history is worth noting. The company started life as Cacheflow Systems Inc. and spent the dot-com era fine-tuning hardware to speed Internet access. After the dot-com bubble burst, Blue Coats technicians discovered caching technology could also be used to speed security processing by quickly checking to see if packet and connection information contained malicious information. This discovery sent Blue Coat in an entirely new direction.

Software products including Aladdin Knowledge Systems Ltd.s eSafe 4 (see review) take a similar approach to Blue Coats but let companies use their own (and therefore usually much less expensive) hardware.

As we noted in the review, eSafe 4 boots up a customized version of Red Hat Inc.s Red Hat Linux, then loads the eSafe 4 application on top. This procedure guarantees that eSafe 4 starts with a basically secure operating system. This is vital to ensure security enforcement.

Appliances and software-based systems must be updated over time.

For long-term maintenance, the laurels go to appliances because appliance vendors know exactly what hardware configuration is in use by every customer. Even though some upgrades require physical changes to the appliance, this is a far cry from the uncertain behavior of software products running on anything with a processor and a power supply.

But in our work with Linux-based applications, we have consistently been impressed with Linuxs ability to neatly adapt to hardware platforms. Weve also seen that Linux is no more difficult to administer than Windows in many data center operations.

Given the open-source access that enables vendors such as Aladdin to gain the inside scoop to locking down the base, we see no reason why software-based security products should not approach the same level as appliances in ease of use and reduced maintenance costs in the near future.

Senior Analyst Cameron Sturdevant can be contacted at cameron_sturdevant@ ziffdavis.com.

 
 
 
 
Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at cameron.sturdevant@quinstreet.com.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date
Rocket Fuel