Should IT managers secure their networks using products built specifically for that purpose, or should they look for switches, routers and other networking products with built-in security?
Some major equipment manufacturers, including Enterasys Networks Inc. and Cisco Systems Inc., lean toward the latter option.
This makes sense for Cisco, which makes a wide variety of networking products but whose bread and butter is still routers and switches.
At its worldwide analyst conference last month, Cisco senior VP Charlie Giancarlo said security should not be about point products, but about an integrated approach, based on a “corporate trust centre.” For example, he said, an attack or anomaly could be detected by a switch or router with built-in security, or by an intrusion detection system that roams around the network.
Anti-virus, firewall, intrusion detection and other security functions are all an essential part of any infrastructure that’s connected to the Internet or any other network that’s susceptible to attacks. Whether they are incorporated into hardware or software depends on what works best for the client.
Cisco isn’t a niche security vendor, but it does include security in its products. For example, the Catalyst 6500 Series switches and 7600 Series routers include an optional firewall services module. Enterasys’s Secure Networks strategy, which includes the Dragon family of intrusion detection products, takes a similar approach to Cisco’s.
Some users still take the point product approach. The Calgary Zoo, for example, installed Fortinet Inc.’s anti-virus firewall hardware after disposing of an obsolete Nortel firewall (For more information, please see page 12). In this case, the zoo chose a product built by a vendor that specializes in security.
More importantly, though, the Calgary Zoo had to tweak the security settings to prevent legitimate e-mail from being caught in the anti-spam filter. This brings to mind an even more important lesson about security technology: it cannot read users’ minds. It must be configured to watch for specific events, and to prevent specific things from entering the network.