Companies that use several different types of network security devices are often doing the same task several different times, according to an executive at one network security firm.
Christopher Klaus, founder and chief technology officer of Atlanta-based Internet Security Systems (ISS) Inc., said some organizations use firewalls, anti-virus, intrusion detection or prevention systems and spam filtering tools to examine and analyze packets. Each device opens and analyzes the packet, decides whether to block it or allow it through, re-assembles it, routes the packet and then logs the result.
“It creates a lot of complexity and a lot of repetition,” Klaus said Thursday at the Canadian launch of the ISS Proventia-M products, held at Toronto’s Westin Harbor Castle hotel. “With all this complexity, we’re finding a lot of organizations still aren’t protected, even after you put it through the firewall, and put anti-virus in place.”
The Proventia-M, which ISS plans to ship this month, includes firewall, virtual private networking, intrusion detection and anti-virus features. Next year, Klaus said, ISS will add content filtering and anti-spam.
Klaus predicted vendors will release more products that combine several security features in one, because customers will save money in the long term.
One of the major security problems for businesses is the time it takes to install patches on their systems, he said. ISS did a cost analysis and estimated an organization with 1,000 servers could spend nearly US$19 million per year on installing patches.
The estimate was based on four hours per patch, five times per month at US$80 per hour.
“We ran this past Fortune 1,000 (companies) who said it’s actually a conservative estimate,” Klaus said.
He added many network managers do not get a chance to install patches before hackers take advantage of software security vulnerabilities and launch attacks.
That view was echoed by Parveen Jain, president and general manager of Network Associates Inc.’s Santa Clara, Calif.-based McAfee network security technologies group.
Jain was in Toronto Thursday for the launch of Network Associates Inc.’s end node security road map, held at the TSX Broadcast Conference Centre.
Network Associates’ end node security strategy includes software designed to secure clients and servers against attacks. Its first product, Entercept Desktop Edition, is shipping this month and is designed to protect against buffer overflows, worms and other security breaches.
Intrusion detection systems have come under fire in the past because many products simply report breaches and do not always stop attacks.
The McAfee Protection Solutions are designed to prevent malicious code from damaging systems. They are also designed to detect security violations from within the network, such as employees from one department trying to access another department’s confidential data.
Jain said network security breaches cost companies tens of billions of dollars a year, and these figures are only derived from firms that actually admit they’ve been attacked.
The actual damage could be five to 10 times greater, he added.