Based on the products eWeek Labs tested recently, its clear that branch offices and smaller enterprises get more than just an appliance when they buy devices that combine a firewall and VPN technology with other security applications. The major quality that IT managers should look for in these products is how well disparate applications are combined to make a tool that works well.
In our review of Symantec Corp.s Symantec Gateway Security Appliance, a slew of components were well-integrated through a Microsoft Corp. Management Console snap-in. This made it possible for us to configure options and get reports from the components without having to learn different GUIs.
Because of the tremendous amount of consolidation in the security industry that started in 1997, most IT management tools—including security appliances such as SGSA—are like code versions of Frankensteins monster, with bits and pieces of various applications sewn together to make a coherent tool.
The good news is that most of the scars have faded, and the resulting products are not only easier to use, but they actually work well. Nevertheless, we advise IT managers to get the family history of the components before buying, because many of them have a track record that can help predict future performance and how easily theyll fit into the IT management mix. For example, we were able to speed through some performance tests because we had previous experience with Raptor firewalls. IT managers should also look for ways to leverage staff members previous experience with these products to reduce installation and configuration times, as well as getting better day-to-day results from the products.
One of the disadvantages of having the tools combine myriad features into one box is that IT managers end up having to buy more features than are needed or that overlap with already installed single-purpose products. This raises the question of whether to invest in new tools that obsolete perfectly good products—an issue that, in these financially constrained times, is particularly relevant.
In many cases, its probably better to stick with tried-and-true performers and either forgo additional capabilities or consider buying a one-trick product that can do the job.
Beware buying the latest loaded tool, lest the organization end up with appliances that use only a fraction of their feature set while eating up IT budget. Even worse, although an organization might not be using a particular set of tools in a perimeter security device, that doesnt mean that a cracker isnt going to find those unused features. IT managers who end up with multiuse appliances should be fastidious in disabling the unused portions of the product to prevent accidental exposures.