Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


How to Match Your Security Needs to Your IT Infrastructure Budget



 By: Jeff Prince
2009-03-05
Article Rating:starstarstarstarstar / 3


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
2009 promises to be a tough year for IT departments. With the economies of the United States and the world in turmoil, economic signals are weak, IT infrastructure budgets are tight and staff resources are limited. Yet the need for network security is greater than ever before. Here, Knowledge Center contributor Jeff Prince explains how to match your security needs to your IT infrastructure budget.

In this current economy, business practices that have led to increased efficiency and productivity have simultaneously led to an increase in security risks as well.

For example, organizations are making ever-greater use of contractors, auditors and collaborative partners. These outsiders become, in effect, insiders; they can access an organization's network, run its applications, and access its proprietary and confidential information.

Also, offshoring adds a new type of work force that has much higher turnover and is less visible than the inside work force. And this new work force can access the company's IT resources. Plus, the ability to store data such as customer and patient details, product designs and financial information online, and access it over the network, puts intellectual property and private information at risk. Convergence also leads to risk. Vital services such as voice calls that run over the Internet are at risk for data attacks that can lead to denial of service (DoS).

In addition to increased risk, many businesses face more stringent regulations than ever, applied by both industry and government agencies. Add up all these factors and the need for security controlsand documentation of those controlsis obvious. But the controls cannot place such stringent constraints over what people can do on the LAN that they prevent staff from getting their jobs done or otherwise hamper the business.

But how can IT reconcile the need to improve security with today's economic realities? Luckily, the latest security developments may provide an unexpected silver lining to the economic storm clouds. Shrinking budgets and intense economic scrutiny are forcing IT to look beyond the status quo. Enterprises must examine their purchases carefully, and demand cost-effective innovations that will improve the security of their information and other assets.

Resource Library:

New perspectives on security

Taking new perspectives on security issues can help IT negotiate the tradeoffs among security, budget and business needs. Indeed, some of the latest developments in security can help IT improve access control to protect information and resources without breaking the bank, exhausting the staff or stopping the business from operating effectively.

1. First, do no harm

This old adage that doctors live by definitely applies to IT security. IT needs to look for ways to layer in tools that tighten security controls but that do not break existing systems. Tools must not force users to adopt new behaviors, require any changes to the network infrastructure or require a heavy investment on the part of IT to deploy.

Today, a number of security appliances are easy to deploy and use, snapping into any network and allowing IT to identify users, apply role-based access control policies, and document all user and application activity.

2. Be open to innovation

When a mature, successful IT infrastructure is in place, it's easy to take on a "let's do things the way we've always done them" mentality. After all, the way you did things the first time around worked and you chose the right vendors, so why tamper with success? Many IT organizations stick to the same infrastructure vendors year after yearand write big checks to them year after yearwithout ever investigating alternatives.

But when times are tough, it pays to break out of that mindset and take a hard look at every upcoming network equipment capital purchase. Innovation is happening across many parts of the network, many new vendors have entered the market with excellent security solutions, and IT may well find just what it needs from these new vendors. Incumbent network infrastructure vendors need to extend and protect their existing customer and product base, and thus are often not the leaders in innovation.

3. Think integration

Perhaps the most dramatic example of innovation is happening where the majority of users access today's LANs: the user edge of the LAN. Integrated security solutions that provide network connectivity with intelligent control over users and applications can perform multiple functions. They enable IT to ensure access policies are enforced, control non-user devices such as printers, and track all activity of specific usersby nameacross the LAN for trending, compliance and accountability.

Integrated security solutions also can dramatically reduce capital outlay, since IT is not required to purchase multiple systems. Integration also improves IT's efficiency and lowers the management overhead of running multiple systems by simplifying tasks such as troubleshooting, compliance and supporting converged networks running voice over IP (VOIP).

Integrated security appliances enable IT to improve control over how the network is used while adhering to the "do no harm" adage. And they do not force any changes on the underlying network, even though they are implemented in the infrastructure.

So be willing to consider new and innovative approaches to network security that won't force you to change your network. Look at all your options. Investigate the operational and cost advantages of products that integrate multiple security functions. Ultimately, taking these steps will help ensure that IT is protecting the company's online assets while spending the IT budget wisely and well.

Jeff Prince is Chairman and CTO of ConSentry Networks. Jeff holds eight industry patents related to networking technology and co-founded three of the industrys most innovative networking companies. Jeff has more than 18 years of experience developing networking and ASIC technologies. Jeff was a founder of Foundry Networks, where he lead Foundry's hardware engineering group. Prior to that, Jeff founded Centillion Networks, which was acquired by Bay Networks in 1995. He can be reached at prince@consentry.com.





  Reader Comments: How to Match Your Security Needs to Your IT Infrastructure Budget
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Jeff Prince
 


x}ks㶲*Q3C)%[X'ciƙVi)S$IVO/Oon|AK~$6Fh4!;I"ntcnQ?sOG3齿O$7}Lk9UQ#C3W)92 E]0eNZnDz:pD7d>J`OS{Su)5'Ӡ? Qm_6g2z9ޯ3 fE63F6IEk9JGDqERG{EQ>߱L㘄-:;|7*UN83p{f_ʞC%k4ًqGw?0{/<Pcw̪0}Gdh9[P;Uyaeh -\r."Lѽ[@ *YNrDƞICKh;Fýб}:|p `rJ*JXtGL: nK>1`:x =3~4dȢq/!_Cp`eFWF=2}hG' :a;6]fu~ƷPNAGc"Sk9ˑ,FpF94GU(DžaV+{6{2q#gֺޅRR5MQe*Gq7Z} nm19x] Z>g}rܺ 7;AڼYJL~%?QQ- Y|/LZ@GS::Y'v{jtjzQҏZJ-oZՂhZAAr,f3}3+i*U$vߔM-~k~:CJ,[sA-5 衄Ġt19zqsּyi_67=rֽ&iř{Ά0pgs 䏵V pO{:$~|Yz>5409;RRJjG$է)I|S8fI~>w.!}O}nr2GrI/o"$cM|`Ap6 2X~`]vЎRljZmT7o`H2 f4 .ͻZp-Alo K(H)5?&`Mil&XJp7Ӕ}̗U/d`(AK/g- 5t*軨(If0;A0<^f/_\RG 1 p1S{n2.sd>U<8vw,u"մ޹-~4CށؓYtjUOVǫ #KEHYf7-wI0ꨦ騕Kt ~|"<‹JUU _1q-~~j0B m]& :V}y0`h vz?3Ϩagnۉ!9~tDAG66^lzK $ ,70}HOQI$7X8=sOv/|TaPn-UD%i-DCw 0Ie&3@yGLν݂23fC?F{7t( u,/= 0/ Z- Be^~}̢8sB7}`t҇&Qc>>Ԇ!~~9.b&+A/tSt=JIA }At"BђF 4  gsX"C"'' [AX+ʫ aä\,2=bq ! g bxvn ){TKh+K@f:34YIJMGѺń(VFNDl0Vj)();eڷP,MmEc7˅L4 +׬uPL g<)*[hu< ):ȭOs1r@@SrH1g0dz?Ѝ;Oq=1:37RtfZC+>q^i:[Lg˦zkfXؽ/ 7b@2Km *4@0V_Xvo jQtW0&T em:fZGJ]D!1~ha2(_MpSw{{jA_ܰ큡K*+jS#5E+:,Wfn  (!r?-j(6 3XSq;hzE>wH{Lcg@~P9s?Q,C,8c4)L>Eװ HZQ{)u&\$(e\8V,'Ё*8t5u{yqؿXYZ®tِ/xVp ;Dۣh2f ñiHuߴiF̫EUXOE}T5F" D ȸla,ri L*gXs>Qid^0RcPxP߄3sHL$`ǎ73] %aauܧ^ۨM`섏k 5o`" 2l3s&/ft|tE% i4qXPR&S4Z0@턇4`Hڸ/|P"X 8|Ї> B K'"R*c`Es ǖYCǖbTیЂ[|P*'i~Ò?DBCizi}~هF9C!_'PPo?E*JP)džVRbP-˨߬Ps1)'@S$f|`g<ڗ_ޝ?4j c:70t*tȕ`s|eLFjAB;<JB4By^YpQ.Q8f!(87~Ɋd3 خ crFmhv~:N(kUPΓeO0FGF'%:"pwC(2GԻ5ebՈG:`JEWFlu+ln?`gT086 ([wOܕ?ܶ RD71PUL xg4sfDcK6jU+'A&GlEVjIk->Q} 2!`OR)&JQ) `zVEZ1~ HǞ1}]>ṱ4N7/UU^SG;:9&!GTжU0Hz6.q̑砊IZ'2N*,E%B(NY HXٌʇr {[3/0ւGAh|?T\SGV:N<ݠ1p BM41HO}ʧ!GQռi0T˅ZT< +8rm4rOk,ZvۀKkpo9 -2j>uR@%erIMq {a/;CnK-%.@^ذ:z6]ܒ(t]4.7 21$v ˽'jH@KYPVVJU@iI+T Zy̡2a{і$}/\EI'sSfn G`_A|7=#Sj$·RPAkb;vO;a>&1 ƈkS@Kx@Fe!r]N6[_)rZ8YPX9H(P Yz>Gɷwnh‰/lCXx|{ `?K{c$ $"zдb=.=2fV(Xō?hhqN w>C81A A D@";n߱?% ?S-l8F#t}/+i7G}e_:kt_u_u{~{yDDмxޏ %<jԾl~>"c>^w?]6v&Ӹoٷ)P K Ncbw}ɾ2z~j4ˏ56|v: 72DH4|w;Nq})}ڽ^x}ْW's=B DH#䄬W!zN/ZfS L k;d8)(hdju\8`&ziR_KٺĂKӜ$"J?N3$nx0GSkޚ8 V`!旁wPH2>(_1aXHT dDݻh|de؋n/2 m! D785S*PW2REHIAϚu_f| bt<~Ut"ڿPa~C<B<M_q<& ]l=8,rl%uF;LdNlp l_{`EcrF4- Í7"tSϭkԛ#25 &r֚SE[@-{B[QJ;ޣd e~=m0첰nIlx4c%r)!MOp|L(k'IZV6X(4%!44QҌObCYA*C' һj\npVPt._xvIq%1h dgKU 3 KQk i"TH>a')-#*VZRZ-V6yʏhqz])LU9"y?9UղĶ3 = m{'M{q?K8t2Ti\'sXrw{ѺB ?݁M5=ICw5chJNj=/5g3@ \:`A)cn ~]ު9Eqܘx,3uNiimơ8 J}~l/It6Djy[f{wCWȪ̙S.{ۋ~g#S^q:-< &nuoǥ4LZY>]dKwP;_zŞYiQu9/s\-"nZ\⽸|90.=y$/Av} ,D>?G{oD:*p&޹ gI[Ɯaҩ|B'g}ãޑ)=<_a"5ԊN ӘxCj(Eňj9&K~ž=X Xz퓍gMk (ߙ#C (iF '~v&L( IFwTx1 ; t3-?" ;qJ3s} SNЙ߲_i^|_N rML>ɺke}6{ j6ZnkAD]ǾN`\1Gd(΀,~SDR}(P>NPɘN0_BdDdAW7AgyYuL ;RYm!%iYrh׆.V#(+a>Xf0j9֙vV#oܹI+q KMJ" H,IlvًĽ=7 X%8IOT)81E3mƐܮل#^$:"+ ))y TK f$OA1&xF}Y L kOt,KShY^+&&W;gEhYmޠwx?Ȯ@-L}!$v!~;ZZT N;.ˬI aB4ͳuۦK=U-!*8PLL'oރբ A+,$aްd̒'xur8%g(se,UDCx4%^ /J^pz;dRIU%>y/g_e92h&@nEK# 5| et)@3}Ds+]> (5|VIf>FASAbHDd7=_> q$a< EZd㳬ʹˇZ'4/KC|MF(<Dic  ,$t\t)q+)K.ytjmTJe?)mަ`\vd`ʅt;$&LbE B=I罿; kےKiX2o u58=CjRT =ZB IKK*WR!9|'!Pm0#;ބ~qdxz&n{ -_^ֆ]>V$LG#~N訕:ف9VMeϳEHD$Lsb%Pb)?'Pce[j,،0{My2X0t`:L(zeSO+4ӴZU3de C|n-I /㠾+)ʯ'~Q4Q3lk52*%”kE KRYa#D4BFD/ 7Q#oV>k!žS|-YD,Wcl3b3^ p|_>W/-Xm̫ʌk], {n/ZHŒf;GTsH>NO7+[&9Po]uKJx1_9.!Auk:Cuhs4@ lO!L<1P@$2hԟVx)R !?TJS3-}J 2qX>2C%|_ Ԗtb.~h"ݲ}t&[Ŝ/5QÔ";Z9|$!H" y,*B|;D*Z'a+d;ޜsK%Ql0qaGbxޛ7؞%zVO~uKz1Op"~?ň3TA+]:,4 5Z.=PݤGD\sD13ĐDt1h 6BD섀.KQH\nt_,AuUKji t_6,H}M>oNKkkkkƽN[Z\ZF1*W= ~~zc4׎C G5zF{GhxM lH|Dl88bTŭ]^}:7(G6*Meb1DWWxU^dGoh[V|}g^X ?>P_D]7GlɢHh lv$G#r-+[kk<Y,9eeYƒy3݆z ƗY'6 [IHgs;wNPcEX1̭-fdn+b+V^ph=yW`A|`߱1 נ 8bEu~3^"Ҷ'Z߷87X6ְ̫d=IGI7mq*)Zap]|rEcco"61^#a;^=ե{#L4.NeãE*Z@9* eTZWqiKZP_h | ךΐ[?qñŃMO$g8. 2ä?&L1HHͦ0i":6M^97*z@RJ~v/(|g\ t;8v/J&j~h!W:$8-?t(p +GO𷊛q'H|#E<盩oD4ZRFaw9Ƕ5Vƫcmc7LyM13цX50yfDZGaUv̈́󄾋7Zz9Z<HsS587Z}n:t4z&3[TvXɟY՝;ls c'?tkeL٦ƗRµuIʥ rQ Dc'&E"#m#*r ~RTKʱߡ<ƌDtđՊʡ fGGŒ *Z#x[ǜpbBK.xړGF~~dŢvXR#o鞵0pX*l@Qј1e؈>PP,(jz;eOeˡWǪcj+鱚Ǿ3Ak qٔr +^Tc$7 !L]ufs; !Qf;6vfbjs>ѽ^P;8{9~+ۋuNhO1VY%\d3+nUm}yVң]%Ft .ȹn붩th3LO82uT>#V̯mR߃q>&[Q{Z> 1+qk'gQOro¨`*³x]A9(TD~LJ/tX0/b-=-#e< w{̥7f?= .yN9cǃ"Ba=X@:>IoH@]U# `xoLz Ѿ Eo]*!Kp(M$X vm7r[ ,=!>a:$.+Jގ̃  [z.p5:(̪C^!&W醾.sSy-r)G)򏷣Z˞RU ƈn_fÐs{VMŰD¤ c 4Q?cMZfE< ,i P 6@א0H`lgR#IA!9S"#kȚ36\Ob/уTm_16Fnŷ^(l8xc||P"51XJ.VE@_-G,(B5D*%n67PFͭ03L\Yej xpƧx})lE@͇33f;. l9 :@Lg >򽉡:ςlQغ9P MꊂOJ 2,=Vb0Gwy |wTfI3{8~eROr%-ruV0`A-'i92fg4t\K ̑~@|LBz،PnquuuI]Zwzݾ귻uѽL֚_ԝniYuuݾgRf&E`<eJF9ũ'\ «X]dpxixɎ(bh,.6ɾt{$G0%lyї51o(6񏉊Fyllŵv#g5^L%!u>7~V C+sXmnLt!>E.Z}ҽlIJ/6./22_2ʯzsi(QޅnF9RzsypleB3Y~>B?f'(7zQkg3ˌr;?rz_ ]1?'cɂdddɠg'>G/3?gCyF?(d^f%e\]f_O7CtAt3U}\W_\gO诟A埀>eg(U1πrߛ o2ڿɠ = >k\IFy1W?ɠb Ee৬rXB]eWTk6:5DQ3[ %ňC?8[ =ݴ}FGzY.U~͸QPc^u= !Y>Y"x|s&pJ!J80|HM׳pNR?аs3@t=h{A|7q X1Y&HΝҡer)wwrH;""C ATMVYI0ZI QPफ़h[iRo膖 yVi8an%[z"z%~@NL6j"9/cA6of)3^FսD<'M~ m1q;N@UG0P$=Cb K,Hĕ Ma Okd9HR=I*4uMfβْ4szn%0)% KBlPՍFoU^-!Bv @ă|U`-<>,R2GdYEl,XoͨD % %m^Πb_sԷeEQ&PL¶=G)JqK3yHR͠_[=$sDs݅ ߠ(b/<% * >ߺT+@g ߅ϩnSfrMA{g&ٱsӘ1L1А8v2COA=t ύke[a O2C24wVulם@ dd9e7 }1]wN:ۓ|?Oe Mt8/o9kn>7Q$L{ izQZˤ`+슧~0qGĶ2C|R0͜UpvRvcdLwfø) 3/: '8BU(]ۼ#6s/>^|˼kAўYnw0w>L/#]ZFc`p ۂ{ꐏXiWeJpC)tO˞˰ANx3AEWk^rXѻ"gPs:#vKѺ V7"!a^n1n-/ـ9&@s=֏*.uf94m#* XGڢF QaW:~ib=yꞁ=ve+{@760* <Ǹ9-o@>{~w1Ǹ 0tcz7^?Wͳ-lI12#, $8zIW{{a0&iE㨤t`C v_̉~ph;?S'NR(t>f cJ\g'ۂ~G+2G S<"Y4/`y#xV%ʷJvdzU Z-^chX$֬"K깘#gy= `5>gvC%z1w~n0ѕD1F(g,1.f Ax&=`#hxj<nh1 d'kIK#795GB iF 5cP.|X-%B@: εx CG,$?ˋ} byx Uf )VS/ρ.ȟ$3}E.tqea Vt*Nz/f?Pu/YӾrC*gUώ7z_Za}BeFBl4*7њE:?CKғO.RXB^ZP$Du $RzWf}1Y/7L~} Whc<[Wy &Fk5U+iD;idMn+:cQEae=*V}01{6JܖmJPUN9KIk^iLNƇ̚ڱ wm<lx61(*