Network Security Evolving to Unified-Management Approach

Spyware and adware infections have become so widespread on enterprise networks that corporate IT departments are beginning to reinforce their network perimeters with a better mousetrap.

This security strategy, known in IT circles as unified threat management, puts multiple layers of hardware and software protection into one package. Using this strategy, IT officials in medium to large companies can apply an exhaustive, bundled approach that layers security by combining software and hardware.

A white paper analysis by security solutions company ServGate notes that infections by spyware, adware and malware are increasing at an alarming rate.

Choices Available

The cloaked combination of these three types of infections creates what security agents now call a blended threat. They waste bandwidth, drain productivity and present significant risk of sabotage to enterprise computers.

The cost of this added packaged security is not cheap, however. Depending on the product selected, the size of the deployment and the options selected, prices can range from a few thousand dollars to more than 10 times that amount.

As the notion of unified threat management becomes widespread, more security companies are offering products that address a layered protection scheme in a suite of software and hardware combinations.

For instance, ServGate, along with two other Internet security companies — Checkpoint Software and The Barrier Group — offer innovative anti-intrusion products that present an all-in-one threat management approach that includes protection against viruses, adware and malware. They also include spam filtering and Web content filtering.

Following is a description of the product offered by each of the three companies.

The Barrier Innovation

The Barrier Group, a young Ramsey, Minn., upstart, recently capped three-plus years of research and development in releasing Barrier1, a new software and hardware combination preventing intrusion that combines 29 vulnerability categories in network hardware and Internet connections. These categories combine with continuous updates and constant remote monitoring.

“There are many outstanding IP security solutions developing. But no other product puts 29 points of protection into one product,” Steve Sahl, president and CEO of the Barrier Group, told TechNewsWorld.

Among the 29 categories are Dynamic Host Configuration Protocol (DHCP), Intrusion Detection System (IDS), Host-based Intrusion Detection Systems (HIDS), Service proxy and cache server, Anomaly trending and detection and Encryption at all levels.

Barrier1 is the result of three years of design, research and testing. It is available in different hardware appliance sizes and software combinations to fit the networking configurations of enterprises from 150 to 10,000 users.

“We don’t demand that our customers use all parts of our technologies. Users can choose from a menu of [software] items,” Sahl explained.

Pricing can start as low as around US$8,000.

Case Study

For the 9,000-student White Bear Lake Public School System in Minnesota, getting a unified threat management solution in one package from The Barrier Group was a no-brainer. The school district has some 4,000 Windows and Macintosh computers tethered across its 13 campuses.

Chris Hautman, manager of technical services for the large suburban school district, was not happy with the patchwork approach that was in place. Network management was handled by Novell Border Manager, with Cyber Patrol added on for content filtering. The district was using two proxy servers and Check Point firewalls.

Subscription renewals were coming due for the multiple products. Hautman said The Barrister Group’s 29-in-one strategy caught his attention for both ease of use and the cost savings over using separate products.

“We installed a Barrier1 configuration over the last Christmas break and haven’t had any problems with it,” Hautman told TechNewsWorld. “With the old security systems, we would lose our network connection whenever the servers crashed.”

Hautman ordered a configuration that includes content filtering, intrusion protection and anti-spam services. He is still using a separate software product for virus protection.

“Nothing else I looked at comes close to the flexibility and the price. It’s almost too good to be true,” Hautman said.

He added that another security product he was considering cost $8,000. The Barrier Group’s product was one-tenth that amount.

Adding Up the Points

Check Point Software, based in Redwood City, Calif., markets security products that compete with Barrier1. It announced on April 11 an enhanced version of its integrated security software product, Check Point Express CI, for mid-sized businesses that now includes antivirus protection.

“Worms and the like don’t discriminate by business size. It’s important to understand that small- and medium-sized businesses [SMBs] today face the same security threats as large corporations,” Bill Jensen, product marketing manager for Check Point Software, told TechNewsWorld.

“The SMB cannot be forced to choose between less expensive security that doesn’t provide the protection they need or enterprise-class security that they can’t afford. What they need is something that will protect them against today’s threats but not break the bank,” Jensen said.

Check Point Express CI provides an easy to deploy and manage software platform that comprises vital security features designed for mid-sized businesses.

These features include a built-in firewall, Virtual Private Network (VPN) and intrusion prevention capabilities with an integrated antivirus protection. The network-based antivirus protection is designed to ensure that inbound and outbound traffic is free of worms and viruses.

With this added protection, users can perform real-time scans of e-mail (SMTP), Web (HTTP) and FTP traffic for possible threats disguised within legitimate content.

Prices start at $4,000.

Gated Protections

ServGate, a Milpitas, Calif.-based developer of the EdgeForce platform, presents a different approach to unified threat management. It uses third-party software in its multi-layered threat detection products. EdgeForce offers spam and virus screening applications by McAfee in addition to Web filtering by SurfControl, intrusion prevention, Web caching, firewall and VPN services.

EdgeForce platforms also perform detailed content analysis to protect networks on multiple levels. It reconstructs data packets to discover any elements of intrusion threats such as viruses and worms. During this process, the software also performs spam screening at the application layer.

ServGate’s unified threat management platforms integrate vital security functions to prevent breaches at the network edge and extend secure communications to remote sites as well as throughout the interior of the network.

This consolidated approach places a security gateway at key access points rather than distributing security services individually throughout the network. This multi-level approach to security safeguards against both internal and external threats.

One configuration, the EdgeForce M30, is a hardware appliance bundled with Web caching and content filtering, antispam, antivirus, VPN, DHCP and DNS. The package runs on a full-featured firewall with McAfee software for virus protection and spam filtering and SurfControl for Web filtering.

The EdgeForce M30 is priced at $995 for up to 50 users. By comparison, the estimated cost of an EdgeForce appliance with spam filtering is $10,985.

Final Analysis

The concept of unified threat management is a developing market. No two companies apply the same approach to providing managed layered protection to networks against blended threats. However, the 29 threat-avoidance technologies in one appliance from The Barrier Group might be the most comprehensive solution.

“Fragmented, patched-together security products are expensive and inefficient. Enterprises need a solution that is both effective and delivers exceptional return on investment,” Barrier Group’s CEO Sahl said.

“By treating IT security as a single problem to be overcome, instead of a multitude of independent and unrelated activities, Barrier1 gives users comprehensive, cost-effective, and world-class network protection that adapts to meet emerging threats.”

So far, 10 customers in a vertical market have bought into The Barrier Group’s strategy. Sahl is confident that his company’s approach to supplying unified threat management will grow that customer base in no time.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Jack M. Germain
More in Security

Which device do you use most for digital communication?
Loading ... Loading ...

LinuxInsider Channels