Multi-Layer Security Platforms

By | December 5, 2006

Furthermore, a considerable degree of a solution's flexibility depends on having sufficient performance and capacity to meet the needs of the wide variety of implementation scenarios that may be encountered.

The key to ensuring an adequate and consistent level of performance is having a purpose-built system. To start with, this entails having an operating system that is pre-hardened and pre-tuned to best meet the needs of the specific applications (in this case security modules) that it will be supporting. However, it also requires having an underlying hardware design that provides sufficient processing power, memory, and I/O capacity not only to achieve rated throughput, but also to do so without incurring an unreasonable amount of latency. After all, without sufficiently high performance a solution will not be able to simultaneously provide multiple security services, including intensive application and content layer countermeasures, while still maintaining proper operation of the business applications passing through it.

This is why it makes sense, in general, for organizations to favor solutions which incorporate specialized hardware (e.g., ASICs, network processors) to accelerate as many functions as possible (e.g., general packet processing, content inspection, encryption), as opposed to using solutions which rely solely on PC-based hardware.

Of course, no amount of performance will be sufficient if the system is not operating properly, or not operating at all. Consequently, careful consideration should also be given to reliability features, including redundant components, support for back-up connections, high availability (active/passive and active/active), and stateful failover.

A Pragmatic Solution

The growing need to have more security services in more locations can be an expensive proposition. By their very nature, multi-layer security platforms are intended to help counter this issue by providing a way to obtain, ideally selectively, multiple security functions in a single, easy-to-implement form factor.

However, capital expenditures are just one component of a solution's overall cost. A best-of-breed multi-layer security platform should also incorporate features to help minimize operational effort and costs, including:

Centralized management, which refers to the ability to remotely manage multiple devices at once and also includes other scalability features such as hierarchical policies and flexible grouping capabilities;

Unified management, which refers to the need to have just one set of management applications, even to administer different classes/sizes of devices (e.g., branch office versus enterprise perimeter versus data center); and

Advanced management, which involves role-based administration, event analysis and correlation, and detailed logging and reporting capabilities.

In addition, ease of use should be a pervasive characteristic, exhibited uniformly across hardware, security modules, and management applications alike.

Significant changes in the threat, technology, and regulatory landscapes are forcing organizations to implement an increasing array of security controls in an increasing number of locations throughout their business environments. In response to this situation, organizations should be reassessing their definition for and use of best-of-breed security solutions. Indeed, security strategies based on heavy use of best-of-breed point products are no longer ideal, particularly in terms of cost and security effectiveness. Instead, enterprises and managed security service providers alike should be embracing multi-layer security platforms – particularly those exhibiting high degrees of flexibility, performance, and cost effectiveness – as the new best-of-breed solution when it comes to securing enterprise computing environments.
