Intrusion detection and security management are rightly seen as a cost center, but with the right blend of tools and imagination, the costs can be leveraged to reveal significant performance management gains.
At eWeek Labs, we've seen that most of the products that provide security services—including detection and nearly every analysis tool—are based either on packet-sniffing technology or on log-file analysis.
These pure security products can help IT managers with more than security. Reports that show whether systems are receiving the latest security updates will show a pattern that can reasonably be extended to other maintenance operations. For example, Symantec's Enterprise Security Manager can report on the status of its agents scattered throughout the enterprise. Even a cursory glance at this report can provide IT managers with clues as to the current configuration of the systems, in terms of performance patches, because security updates often require that the latest system patches be in place to work correctly.
In eWeek Labs' Special Series on IT security, we recommend that systems be configured with as few services as possible. Simplifying system configurations—and, for that matter, infrastructure devices—means fewer "moving parts" are exposed. It also usually means systems are easier for technicians to maintain and upgrade.
In securing systems, we also gain a better understanding of how they work and how they can be tuned to perform more efficiently. This is especially true of devices such as routers, in which even a few minor changes that reduce the number of security exposures on the system, such as turning off unneeded protocol support, can result in surprising performance improvements.
Finally, planning and carrying out a comprehensive security plan requires a re-examination of the entire IT layout. IT managers can recycle and update blueprints that were used to prepare for Y2K remediation as the basis for putting together a security plan. Recycling plans, squeezing more information out of security reports and simplifying configurations can take the edge off the cost of defending the enterprise.
Senior Analyst Cameron Sturdevant can be contacted at [email protected]