Managed Services
Weigh security options
Enterprises are looking for alternatives to traditional security methods.
by Jim Freeze
IT teams charged with securing their networks are increasingly asked to do more with fewer resources and to protect critical information assets with extreme efficiency-all while facing a constantly evolving threat landscape. The traditional enterprise approach to security involves internal ownership and management of security appliances and security software. Enterprises today are increasingly looking for alternative solutions that meet all of their critical needs, including high reliability, best-of-breed software, scalability and lowest total cost of ownership.
The traditional model that enterprises use to secure their traffic-heavy networks involves ever-expanding racks of appliances connected by load-balancers, switches, cables and redundant hardware to ensure reliability. Each instance of each security application-including firewall, intrusion detection/prevention, content filtering, antivirus, antispam and others-requires its own appliance. To meet best-of-breed requirements, each type of application might come from a different vendor, as well.
As network traffic grows and strains the performance of the security system, enterprises are forced to add more appliances and the necessary support hardware. In this model, appliance sprawl yields chaotic network architecture, a change-management environment that is difficult to adapt, and an inflexible infrastructure that is costly to maintain and scale.
Many enterprises turn to unified threat management (UTM) technology to avoid the appliance sprawl of traditional approaches. UTM technology offers a single-device approach, eliminating hardware for each type of appliance and eliminating multiple management interfaces.
While this model enables multiple security applications to run on a single box with a single management interface, these UTM devices can struggle with scalability. For many enterprises, especially those in demanding industries such as financial services or retail that require the highest levels of performance and uptime, this is an unacceptable alternative.
To ease the burden of IT security, some enterprise IT teams are looking to carriers for alternatives to traditional security methods and investigating their managed security service offerings. Deployment methods for these carrier services vary, and each offers a distinct set of capabilities and advantages.
Carriers are also looking for networking solutions that enable the delivery of reliable, high-performance security. While some will opt for the traditional appliance-based model, others will employ UTM solutions, and some will use high-end next-generation security platforms. One caution: Not each option will deliver the same results to the enterprise customer.
High-performance enterprises want the best applications in each class of security software if they are going to limit their security risk. Additionally, this software needs to run with ultra-low latency and with a minimal network footprint. True in-the-cloud security services, and the benefits they offer to enterprise customers, can be difficult to realize via traditional security hardware.
Some carriers are turning to a new breed of security platform, one that is capable of delivering massive scalability and performance, while providing ultra-high reliability and availability-the next-generation security platform (NGSP). These systems enable the delivery of multiple best-of-breed security applications from within the network cloud directly to enterprise customers via a dedicated chassis purpose-built for security. For enterprises using these managed services, this means no more security software and hardware management hassles.
NGSPs combine network blades, control blades and application blades to efficiently process high-throughput data streams, while adhering to security policies, enabling carriers to customize security services applied to each of its customers' data streams. NGSP hardware and management software are purpose-built to streamline security processes, setting up literally hundreds of virtual instances of multiple best-of-breed security applications within the application processors. This virtualization eliminates unnecessary appliances and supporting hardware.
The virtualization capabilities within these platforms make use of all the application hardware resources, enabling quick failover and high reliability. Next-generation security platforms preserve best-of-breed choices, offer unparalleled performance, five nines of reliability and linear scalability.
The resulting benefit to enterprises is clear: They can be assured delivery of outsourced security services that enable their IT staff to focus on more strategic security initiatives.
Jim Freeze is vice president of marketing for Crossbeam Systems, Boxborough, Mass.
For more information
(click here)