Network Security & Hardware - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


How to Match Your Security Needs to Your IT Infrastructure Budget



 By: Jeff Prince
2009-03-05
Article Rating:starstarstarstarstar / 3


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
2009 promises to be a tough year for IT departments. With the economies of the United States and the world in turmoil, economic signals are weak, IT infrastructure budgets are tight and staff resources are limited. Yet the need for network security is greater than ever before. Here, Knowledge Center contributor Jeff Prince explains how to match your security needs to your IT infrastructure budget.

In this current economy, business practices that have led to increased efficiency and productivity have simultaneously led to an increase in security risks as well.

For example, organizations are making ever-greater use of contractors, auditors and collaborative partners. These outsiders become, in effect, insiders; they can access an organization's network, run its applications, and access its proprietary and confidential information.

Also, offshoring adds a new type of work force that has much higher turnover and is less visible than the inside work force. And this new work force can access the company's IT resources. Plus, the ability to store data such as customer and patient details, product designs and financial information online, and access it over the network, puts intellectual property and private information at risk. Convergence also leads to risk. Vital services such as voice calls that run over the Internet are at risk for data attacks that can lead to denial of service (DoS).

In addition to increased risk, many businesses face more stringent regulations than ever, applied by both industry and government agencies. Add up all these factors and the need for security controlsand documentation of those controlsis obvious. But the controls cannot place such stringent constraints over what people can do on the LAN that they prevent staff from getting their jobs done or otherwise hamper the business.

But how can IT reconcile the need to improve security with today's economic realities? Luckily, the latest security developments may provide an unexpected silver lining to the economic storm clouds. Shrinking budgets and intense economic scrutiny are forcing IT to look beyond the status quo. Enterprises must examine their purchases carefully, and demand cost-effective innovations that will improve the security of their information and other assets.

Resource Library:

New perspectives on security

Taking new perspectives on security issues can help IT negotiate the tradeoffs among security, budget and business needs. Indeed, some of the latest developments in security can help IT improve access control to protect information and resources without breaking the bank, exhausting the staff or stopping the business from operating effectively.

1. First, do no harm

This old adage that doctors live by definitely applies to IT security. IT needs to look for ways to layer in tools that tighten security controls but that do not break existing systems. Tools must not force users to adopt new behaviors, require any changes to the network infrastructure or require a heavy investment on the part of IT to deploy.

Today, a number of security appliances are easy to deploy and use, snapping into any network and allowing IT to identify users, apply role-based access control policies, and document all user and application activity.

2. Be open to innovation

When a mature, successful IT infrastructure is in place, it's easy to take on a "let's do things the way we've always done them" mentality. After all, the way you did things the first time around worked and you chose the right vendors, so why tamper with success? Many IT organizations stick to the same infrastructure vendors year after yearand write big checks to them year after yearwithout ever investigating alternatives.

But when times are tough, it pays to break out of that mindset and take a hard look at every upcoming network equipment capital purchase. Innovation is happening across many parts of the network, many new vendors have entered the market with excellent security solutions, and IT may well find just what it needs from these new vendors. Incumbent network infrastructure vendors need to extend and protect their existing customer and product base, and thus are often not the leaders in innovation.

3. Think integration

Perhaps the most dramatic example of innovation is happening where the majority of users access today's LANs: the user edge of the LAN. Integrated security solutions that provide network connectivity with intelligent control over users and applications can perform multiple functions. They enable IT to ensure access policies are enforced, control non-user devices such as printers, and track all activity of specific usersby nameacross the LAN for trending, compliance and accountability.

Integrated security solutions also can dramatically reduce capital outlay, since IT is not required to purchase multiple systems. Integration also improves IT's efficiency and lowers the management overhead of running multiple systems by simplifying tasks such as troubleshooting, compliance and supporting converged networks running voice over IP (VOIP).

Integrated security appliances enable IT to improve control over how the network is used while adhering to the "do no harm" adage. And they do not force any changes on the underlying network, even though they are implemented in the infrastructure.

So be willing to consider new and innovative approaches to network security that won't force you to change your network. Look at all your options. Investigate the operational and cost advantages of products that integrate multiple security functions. Ultimately, taking these steps will help ensure that IT is protecting the company's online assets while spending the IT budget wisely and well.

Jeff Prince is Chairman and CTO of ConSentry Networks. Jeff holds eight industry patents related to networking technology and co-founded three of the industrys most innovative networking companies. Jeff has more than 18 years of experience developing networking and ASIC technologies. Jeff was a founder of Foundry Networks, where he lead Foundry's hardware engineering group. Prior to that, Jeff founded Centillion Networks, which was acquired by Bay Networks in 1995. He can be reached at prince@consentry.com.





  Reader Comments: How to Match Your Security Needs to Your IT Infrastructure Budget
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Jeff Prince
 


x}iw㶲Dwgn)GnۖnΙs4 I)$?3b~Tঅt:oIBm( y$3W7-gB]snS;sa@ Z.%w>; (+o1mnf]( _hoL|Nშ :#:D.Rk2 Z575'4o/Nne0S.:Iq>*֠OմnI>شQ$1q@P.w@~Th= \2ITߦuB)~{Te䆡;g? W2/Fӽ8t[h #k~|E=x:Q/M+lဌl׸ڮUX'[vx)B(!bB]߂CCI%۝_I@ؓ&thm5b'b#Q^]õ]&R,R͌eCwt=POMҷBCLH6}~8MZQOK.m4ZNT_3'@8:)|E[5'0m_k|tfs< s~3 CoZ KUK&ԃ)}(p}=\'t(`_dY7;fؖqSth(͡u(~+www;1ݻ;ht??S*)J=,GA GnGkp[N^׵V8_}ꜝGkr ] o$& jDTV+Rp& Rc@G'I_GH5}(ĭ~ZhZIArija[E4f‰EU:Qs4hϦŠsuywȠs|zt |#9ĠVPAb`W+2hZt\/9uH{#)|v>5M0\ܱ¬8֪׷V׏`Ck'^3R?&:aZ+j庤~Fb;|io]~<:$ץcYn_3`םBi۲ܹ(BKEןȃ+a(7fhXӀ?$eR2z[&q, ߱n\S@`hNXѬZykA 4C+D_x0ND=ncf4I5 (,eg MHkM`3R荦o fzCCZ9nVĨ9USAeEI7CD r23yB(&PHQ>Ly%Ku}7p@e-}rlNTW꒬2Wb{H\zL'UM~?w8^%glh|X.B2iK1PW5MGZ'c󣯔~p^Trkh S2ud8İ1nұ>âx?0 t3ϼC|>55F㤞F!|emxqZ.S+ԍEXn`H`Ni1[W <ۋJPIxZ3xV=H:}m`~5$'@ -s'09wښA"Qފ]ӑ4a vhiqppyY?90»{`ޚꖭ,L<ħܠ{ԁ!~9.Wb&A/t[t}JIIL"D%  h4AGEBENlbo(gw$]VpDM'8܉;T>ڹ&,gQY,p[/)Pf%5{~4 cbB|#'&Xr`Y \d+|i)lb V)i儷iĨP^Cs2=WV*ZҧF(+?3w4,T:c_΍p?Y~8& 7R`JI1?,xPwc˰`b .z*H(q0ѿyEĞw(V֌5UƝWVVy'g)UWxVcC V6_2-C+NESr !:w'Ne?ZĿ\?ͺz+YX]۽x@r6viZZ @-ĿeYlc-׾k^ )/a|u("6XR$vϥӲ=CMD27е`5p?o\Re_` }dҶFohCMWj}s4  9P87S$l%U z4-}=_Tn618yRfn Ma)e.GTmg`m1Lx>x# d\46(V,'`#Cҵf; ҢY^S48~|4\u:#V!0\ zD30`-e?C{_=1}Z3YɰRVJ! 6D ȸau-`bc]Wѹq@8CL-s˙07uX8F_͆OCBU&Hy 8TQG.z]1 !WܕVR5󀻬3wdlrCxJREmx.)J%Ew` N 2$Ћ|h s}&njG[tC`ᘻ,OP o~QJ<窺G3> о N,(CR%C[Jp qSaVN dDfaNg¥0ck&&;[9*<ktݿy jm==#ݸ{r_"wsԷйdNkl C?9dN@u3 U s4NP&5߹r4hz]W4Giwṛ: ߀&?\qc`a#2"n=@7$k)VRV*X5@VN^A ұg /@C׳@.l̼QXCGVUeH4yģT3Cr_HVz\ g2|L΋Mo 4y ϔj@Qʣ",߸_V C=, =X畔Z94¢lz ztћIc#&a\ih 产Z}}b*WKU ~Vp8.i1Y+#t0ŕ,7" l ezפR/Jܦ厈@vG^Iў Bb2Q{L{]M;k]A Tcn?eFqªMluP U)7O]$T+IjYx>80xnDG}x$pM\&eѓr ]N7._Tj^0]PX9H(P Yr>GɷonjC<8 +Aנn)ɑ$ |ͤ D] y1Aqq^;.vOqaVwXj\.H݋v_|H`UUE[ꞷwh-6z_5ށ4 `i4~{HCLo>JnWOv{^F:'(BZ@F޹s޺z߽_>)CrֽH^'K֓!7YBVç=gUti)qfm2XG<2zqaxKiWf@ ڝ+N,SVXKS!}>#mP1õhLن;+^+[Z\f·߅B!bFgczH2VBL0B_XH!)$ze*KuR2MĔyk.NEl {6-~G( clwQ(bvҩ(IZ[Ű ݖ:`<5 2e?#S"\' 6L P,OҴy=#lQ1 i(K"ih$lbTȆJoNٺ6<5ަm晿BƗHȣ,P-I+JB$/CiA0 ǭHR#EhqeP>Xki)i[YUH+?vbƇ'%6 XTzH0Hr倜zq{~U׫۞ #H1Ń؍N~ڑq eީӊN|mu+KׅNo5!WC1kyR̵jПd#Aɼ}g7omT=eNd>IАZ=ty8!- Lݷ͆ؓ9̆{Jǻoc Ǯv'ۻw}Zw[q*ApMG@&b:`@Ɍ7#Oҁ{&-3(#F ߸_2{K#N7K}{U"O4v72]awmB%uJˢz9nwZhp;T%%YȁIQ)"y6Kh#jv.bo 14НLl*z>-3xL :6;x5t` aAXŀ0h7g\#9S1<#P` ܍1J "ic$H)Z4 M _56 Z7:a6 *|bZy☖aRoD֬1!IfM1XP|9ߌ9s{C4j Z*2kp+cSK//.̼V&S~2*w#_ƥE/.qh&pjowx7 r`f[|!rw emjJE+uyWwY>w1<OAӏJ~(oԱ;xOaIy@?6_B} us@Q4&:*J}n Z0!;\܇99㍯[HwLG\Ƴx_Q@$ z#{-AvJ&hq'`wg`!%-`8٦++alCY watJ-ߑo@}vrt辄KA')om4DSp'O.J`;<ލ2 .ÝE5[fǠue"c_|]0 w2@[?  VS @(,`J.MRT2&. yuYڕQ$ȧ4p[Hl&G8 TAgqkbuLd#JvGl+NCND;]ǒ7 ܤ︅v%v~ MOJd^I?yE^\Qk{ ‚J~'*Jj9ɻ4Kkr1$ky5 Rj&rDyvt]i/)rB`Y㱉œ< }0ȺMph=gd>,Wf)\@JI?L$ z=1q%""<''lJIE}rt9 fPHǠKBT:3҉nБHgk̈'$XKLޡh5i{"kD lp kՊt 28͉Fa!p)F8K-L~Ԧ#BO%lKպRWrh'1|`"bP0GVg_SbN"r0 _֔O{lb [w Vrny1UHI5bdJE@_$蕁'] Txf*uݺqN>4,'EBq,#R|= .P b6v$S`A}PVӝޢ' ZhcS'-UdN| B$1D H<!~=D*Z'a7+dǺ7틏0Kޣtw#- x$' ]/}SP@]OJɯnHYb75pGL1 x+],8 -RYJ6nѻ"n9`W_[҉EHC"z:/DD/[!M t^˘ZJ=F̒]Nޝ{<D I sfI/񞄬4:wi,ʝZ)տn'…U|1uڷaq^e_Fcn9hyCkհ\ cLVS.˭K">Oe^(էycj_ _cЫI7REo B]#8v}6"ӆonX}+(?4$VZo)[vLOK6eկz"fnzrׄ%T| ƿ2hr_|kND L$6B8B𛷿cV&$;6LHj~6}A+=V4: mX[`cX֊wy0m-mYѧ3.%x{WʲZZ&wRۀ6AmAȼ=KԬE5:&WJE:`K.#cqX箁RXz+{&Ⴣ%=݇^&]ݽ]1\`Ϊ7 5OZz_ڋKۨ_hVBkuߒ`26Z˶뿓$}mv`'rUX,hMÙ@t}œ3QjыDtrqv'z>»P;Crpя"xi=2݀wt*k+H%+so| Ϟ[?I%4&ϗEF? 3,M?C"cYl%PӬfo_`n2y+1uE3{Ga)wgsPwwiOAGq副mNL" B~]7Vqs4IndÈ'w|3]'0ňk)G>?UHU6^ۏo TŢW\@#!kjj`L4#z@]oq4lczD?SM}1w⋤>-V9E,+=6i[ }L]YLa!-(-~aIzS&{Lj$8qmEMm&^5 0kQ (&lRK'q/+CۏAE&Lj>A%fןУ̑Qc̦"f$xr"*]sN.vժJ]]͹O?,OH RkyK lc1 {[+cUAN2AGu x*GR!դFKVGZk>A5Rhsܴ5̈Gbv ]mz^C욲J[7ݬ5S.W@O[fkhPbͪNTpdͪ]ؓRc:-:fp찌?17H%;lsA&N~8͌/kRTPIV ק6:̽KeMDF0FJ j%V*C/CyQ߉8WVkRj*>5B][_NS^wnMz`!`ҧE2jɣv#OF<2rV2#aTX 1bZ<<}Q,mr)A׳߈|A^ <z9~Z2֛k!&1F:;XC @W&Hu#nAB:؝NC0+vb"m7\%pp|ڲVSo4Jv (`?OAr;c{±$ڌ=jX:?K)m#aiø>U&Q{V \ 1M_%Ƙ":}(W' n$,7\#P |¸*S7q+TjV7>2,wAG>p2zSR*=U+%= hx &̋(HKt<.:Ga6ɭ>F&sُp[3'Fΐ௅nX{+$ʽOg->P-bWldb$@^D_ٹt> =gs? >zxX2b9k `E66&*9Ja(peq ) !'@vq]QW-wFH]@aVZC8ܰJ7o8gkH0ג r;"|c4:.J])a#{C~b #:́ Z7iӂF$ЄGc~g~q79t)45A!<\AAcs}ŸHJ 1b10a9=g1;my^,aнT^26Faŷ~(l81<1cbHgHm*R').yDci 8^iN4X/=7,Xzoj Bp),f,ԪRD&uMCu]j9u\]À YQ^&"AӔ\ ^) / (HZ W{}KCHIPu0՝)h]^}&'+"'W<_u/98oWj[u|ܻ|ҽ\^u/&hL晾xQ(X7OGYFuavʜT{:.ͅdUx,yr8,tG_14ee$G0%lyї51o&(񏉊V}|l%6#g5^L#Ǯ#u7AkV CQrYmnz!>w:һIJ/΀r?@_+(Z_~JmS>X_;9P~s9?/?vmC9CL"~S?/?g9A5s3s{sy~a9?<ϡsD'(S~ 9䔟CyN9E^\E@rOK/G\}\%Uaa97k}G9 ?>S::~s/$)GAy+Zpz~;}sS^.4r\y~)P'9u(ϑgsV^V`{Jg+~W KN+ťfW*7yKxM}%kg[Z1iu bCa/ KPe^ٛLGP/<,Y}Mchto$.rd&}:=WWvl+x.*ܢ}:qOkXE9 8GX%ӚXn3'rc&6(s#h0 .Ǒrۿ剹?|K2yi8 ? { pm`L_W-ah0.: 7W=M̅\ڎwڝGf{ueePsvdmoCdx^$ٝzÀ}G]xZLܸpoQ^"#"@a050ŸeR 7㌰6ևǫ3{ C:We}=tF}Yʪ)N(Ѵ~PWEjnrh s{)螩zħ_ NW+ 7\xќ8w&; P7maIHkھZjZV 'Wd,#"2t`NϐDdU.Uzy 0XR^9Q(Fuo*#K0njE=u̐ga0V1;BDO"OӉ;fC$gWe",dƋaSOp^'Wv$` }pLB Psgq =q] XI5<ZA0TYǤK4l&Klɜ]k'b#'mg7'L;,O~f+g -ěn 4@[4Dr(9PǏǦa tOȹ`" >oє^\gCN*˗ X֭2/s˸ [2dZ jXJr 9;\x\$'@^~B3s{̪\DF}q!rE: i/hx7xW ,L0c2 B5ޙnǍqg0z98Ev͘N7))mĤjG[wzhLS,i_cErd9GU ZCQ(1]}&~.݆oxP -~ug+6bneW .rAK5 X =c7]˘ݔ%SO"K w`/ft]hT6?eY/'<41`&^_Ϙ3˙߳z l0CDa0'+xTb;`HIأlgJ64s ` CcKoϔ;>x*$]vu$$}9= zLgVߜRs7QH Д0.A 露#,zHTP{Hf@mM]-On=[: [WuvÌ# 1*;ԟ#1RWf345pb_"T+u@' ;؆OnS5r^dNAm{'jٲs9cbV)qmeGfӧZW-[@#5E`0v`eh# nخ;Oq^' 3>&rx{Koڇfn.;H|nHJUƧf2{;:o9kn>q$Lx Cr8vI 96%O-  `ꎈM@6i֘H\*,Dlf) K?Z/9qSg _((U@Dqg˫HvyGml<"^:uKW}Q'nGa|d[t%K^Fz%!ҶT)V#ʥ.Sܟ?C˻a҇fF_X (K# LIN8u vKѪ N7"!aNo0n%/$9&@ Rs=V*)vfe6r.*l XGڦZ-Qa[Anb=Oy꾉=e-{B70* <Ǹ9m@>{zw1Ǹ[0rczz7Y= li12#, $$jVI;;Q0&iE-ȓl`Cv_.~ph[?S+ NRQf7@ 'Ɣ ϰ"- smxDx^]"?P+xolw6k+Ѐ7HY[PE"10ON= !`5>g~C{%9w:nn0ѕD1F(g,1f wAx& =`#hxj"nh1 d'k%IKc79=GBJiF"5cP!|X]-nB@w: εx C,$ˋ} cyx Uf}')VS/́.?I&g\9ƕEyXqө8Yo>u.)ZwByһH'RI>Q}v4:~v҉.3Jbq')tߟVzW XٺqKZ_>^@ђuzWNJ]tEg 6A|>ǐy6=xL -2VѪwVVtƦI21qzRWk.yQ'b"mR? ۔̑r&s.c MW\e\)֦O*L㇅c>lgLt )2)v}mb-c6C-;%XB+