CrossNodes Briefing: Network Security Suites
There's a plethora of network security suites around, and each one boasts new technologies and capas on almost a weekly basis. Just what do they do, and what considerations do you need to take into account when you're deliberating on a purchase or deploying one of these creatures? Each CrossNodes Briefing is designed to act as a reference on an individual technology; providing a knowledgeable guide to networkers in purchasing and deployment decisions.
Security holes, data thefts, web site hackings, and virus attacks garner headlines almost daily. The FBI released a warning about a potential attack from Chinese hackers on May 1st. Microsoft recently announced a patch to repair a potential entry point to its server software. IT managers must decide whether each report is hype or fact and how to best deal with next threat. They need to implement a security plan that protects their data and servers without overwhelming the resources of the IT department.
Pulling It All Together
Several vendors now consolidate security software and devices into products called network security suites. Originally, IT managers installed firewalls as first line of defense. They supplemented this defense by creating a secure logon/password procedure for the server. Some secured transmissions and stored data with encryption. Most installed virus-checking software on the server and the workstations.
Unfortunately, maintaining all the security software and monitoring traffic needed to thwart attempted intrusions overwhelmed many managers. Each new threat seemed to generate a new update for the software or firmware for the security packages and devices. As vendors closed one point of vulnerability, hackers created a new entry method, triggering an endless round of updates. Network security suites can offer some relief.
The quality and comprehensiveness of the available security suites can vary greatly, however. Some vendors bundle components of the suite from separate manufacturers. Others do not provide a consolidated interface to simplify the control of the security products. IT managers must carefully assess each component of the network security suite. In addition, they need to evaluate how well they work together, and whether they will be able to update individual components. Further, they should look at the user interface or interfaces for ease of use.
Firewalls as a Front-Line Defense
Firewalls vary greatly. These devices can be software or hardware, and they help block unauthorized and unwanted access to the network. Some firewalls manage internal and external communications; others focus on external communications. The devices can include encryption, digital certificate management, and user verification. The devices also can check data, identify and block viruses, and block addresses.
Virus software forms an important part of the network security suite. While the firewall can detect some viruses, a secondary check remains necessary. This security is especially useful in preventing some of the virus that travel through e-mail attachments from trusted sources. Most experts recommend virus protection that looks for virus behaviors as well as known virus signatures. By identifying suspicious behavior, the software can sometimes flag new viruses that have yet to be defined and countered by the developers.