Like its software-based predecessor, a network-based entitlement control and management platform allows an enterprise to adhere to stringent regulatory compliance standards while securing sensitive data center resources. However, a network-based entitlement control and management solution can be managed from a single, highly intuitive GUI application to administer policies across the data center. Knowledge Center contributor Shane Buckley explains the top 10 reasons why you should adopt a network-based entitlement control and management platform in your enterprise.
Modern
enterprises rely on IT networks to compete globally. Corporate networks
need to accelerate business responsiveness by enabling rapid and secure
global connections to business opportunities, customers, partners,
contractors, employees and, in some cases, even competitors. The speed
at which enterprises can enable collaboration directly impacts the
bottom line. It can mean the difference between winning and losing a
market opportunity.
Many factors contribute to collaboration and decision-making delays,
the stringent demands of regulatory compliance and IT security among
them. Traditional IT solutions designed to meet security and compliance
requirements can be complex, labor-intensive, slow to implement and
cost-prohibitive. Finding the manpower and money to implement effective
security and compliance solutions is not always easy, and these
projects can create as many problems as they solve.
Software-based versus network-based solutions
Many enterprises opt for software-based entitlement control and
management solutions to enforce policies across applications, systems,
file shares and servers that exist within corporate networks. This
approach can be complicated, cumbersome, time-consuming and costly
because it requires IT to touch every application and resource. IT also
has to resort to server and client-side agents and, frequently, custom
application coding for implementation.
To help enterprises mitigate delays caused by traditional
approaches, vendors have developed new breeds of solutions that are
network-based. These solutions are network appliances managed via an
intuitive GUI application. Like its software-based ancestor, a
network-based entitlement control and management platform allows
enterprises to adhere to stringent compliance standards while securing
sensitive data center resources. But, unlike its predecessor, the
platform accelerates corporate responsiveness by keeping pace with
global collaboration demands, is simple and fast to deploy, is
operationally simple, and comes at a fraction of the cost to deploy and
manage.
Entitlement control and management isnt going away. Without it, the
data center would be open to any user logged into the network,
regardless of their need to know. The following are the top 10
reasons why enterprises should adopt a network-based approach:
Reason No. 1: Cost-efficiency
Network-based entitlement control and management platforms can be
deployed transparently. Because there is no need to make changes to
network topology, or deploy client or server agents (nor resort to
custom coding), the network-based approach can be deployed on a broad
scale, enterprisewide. It can be deployed without imposing a burden on
IT to spend thousands of man-hours configuring each application or
resource.
Reason No. 2: Speed of provisioning
Entitlement control and management is based on a broad range of
user, environmental and resource attributes (such as role, project,
citizenship, location, file, delete command--just to name a few).
Network-based entitlement control and management platforms can enforce
policies at run-time through interoperability with existing directories
such as AD and LDAP--a capability that expedites the policy
provisioning and enforcement process.
Reason No. 3: Breadth of coverage
Because network-based entitlement control and management platforms
are deployed in the data center between the user and resources, policy
enforcement can be executed at the transaction level for all users
across the broadest range of applications and resources. Rather than
having to enable entitlement control application by application, it can
be implemented throughout all enterprise applications.
Reason No. 4: Massive scalability
Because there is no need to make changes to network topology, deploy
client or server agents, or resort to custom coding, entitlement
control and management is provided at the speed of your business. The
network platform operates at multi-10G-bps levels of performance in
order to accommodate the stringent demands of the most demanding data
centers. During peak traffic surges, computer resources can be
dynamically adjusted to meet massive demand and ensure that SLAs
(service-level agreements) are met.
Reason No. 5: Simplicity
Enterprises deploy thousands of collaboration, Web 2.0, file shares,
legacy and custom applications across corporate networks. Each
application or application set has coding considerations. Because
network-based entitlement control and management platforms deploy
transparently--with no changes required to applications--policies can
be defined, enforced and administered without having to reach out to
every application deployed. This significantly reduces time to
deployment and switching costs.
Reason No. 6: Compliance
Sarbanes-Oxley (SOX), the Health Insurance Portability and
Accountability Act (HIPAA) and Payment Card Industry (PCI) standards
are three of the most complex and stringent regulatory compliance laws
to which many businesses must adhere. Each requires enterprises to
maintain security over sensitive data and produce comprehensive
auditing logs. Network-based entitlement control and management
platforms not only enable policy enforcement, but also provide the
ability to produce comprehensive, business-language, policy-based,
per-transaction logs to support forensics and auditing needs.
Reason No. 7: Increased productivity
Because network-based entitlement control and management platforms
can be deployed transparently, with no need to make changes to
applications, the network-based approach frees application developers
to focus on application development. Externalizing policy enforcement
in this manner provides many advantages to application developers who
can call on the network to deliver policy and logging services to
multiple applications.
Reason No. 8: Availability and performance
Network-based entitlement control and management appliances can be
multicore, with massive throughput, supporting many millions of flows
in run-time. The high-performance nature of these appliances supports
Gigabit Ethernet interfaces for ease of connection to data center
switches and routers. A network-based entitlement control and
management appliance is typically 10 times faster than traditional
approaches.
Reason No. 9: Transaction support
Network-based entitlement control and management platforms can
support both user-to-machine and machine-to machine transactions,
ensuring that enterprises can apply policy enforcement to all
transactions. Support for machine-to-machine transactions is crucial in
the data center and in SOA environments where servers often make
requests to each other (for example, for algorithmic trading or to look
up a bank balance).
Reason No. 10: Centralized management
Network-based entitlement control and management platforms can be
managed from a single, highly intuitive GUI application to administer
policies--and to provide delegated administration--across the broadest
range of resources and applications in the data center (or multiple
data centers), as well as to produce comprehensive, plain English,
policy-based, per-transaction logs to support forensics and auditing
needs.
Shane Buckley is president and CEO of Rohati Systems Inc.
He has more than 20 years of global executive and general management
expertise, having held senior executive positions in the United States,
Europe, the Middle East and Asia-Pacific. Before taking the helm at
Rohati, Shane served as COO at Nevis Networks Inc., a leader in network
access control. Prior to that, he was VP of Worldwide Operations for
Juniper Networks. Before that, he served as the international president
of Peribit Networks, the leader in network optimization. Juniper
Networks purchased Peribit in June 2005 for $385 million.
Prior to Peribit, Shane served as CEO of Conduit Software, a
provider of directory assistance and wireless applications solutions.
Before that, he was VP, EMEA, at 3Com. In this role, he managed a $2.2
billion business unit and was responsible for 3Coms distribution
strategy, OEM partnerships and reseller channels. Shane also chaired
3Coms Global Distribution Council, was a member of the companys
worldwide OEM steering team and served as 3Coms head of operations for
the Asia-Pacific region based in Hong Kong and Tokyo.
Shane is a frequent speaker at high-level industry trade shows
and events such as Gitex, CeBIT and The Wall Street Journal Europe
conference. He has also contributed to many magazines and news
programs, including MSNBC, SABC and Middle East Business news. He holds
a bachelor's degree in engineering from the Cork Institute of
Technology in Ireland. He can be reached at shane@rohati.com.
Enterprise Applications 
