Network behavior anomaly detection collects flow-based information from networking devices to root out abnormal...
behavior. NBAD demonstrates how a technology can gain traction when it is delivered as a key feature within a broader threat protection product rather than a standalone one. Sourcefire, for example, now includes NBA features in its 3D system. The Dragon Security Command Console from Enterasys Networks also combines IDS and IPS methodologies with NBA into a single product.
Overall, I think these mergers have improved many Web security product suites, which have quickly acquired additional functionality and sophistication. You can expect to see significant enhancements to many popular products, particularly when it comes to Web application vulnerability detection tools. We are also likely to see more integration in the area of security management consoles. System administrators' lives will be made easier when they can manage security settings from a single management dashboard.
Does all this present an opportunity for your company to get a good deal from a vendor? I definitely think so. Because attacks and defense technologies develop and change so quickly, no one security vendor has managed to become the clear market leader in its field. Plus the top risks are subject to change. For many years, for example, security tools emphasized perimeter defenses. Now, companies are shifting to internal network protection. Compliance requirements are also affecting purchase decisions. The variety of security risks prevent any vendor from charging a premium for its products. The volume of sales therefore is an important factor in any security company's success.
Before investing any of your hard-won security budget, I recommend testing and reviewing several possible Web security products and let the vendors know that you are testing their tool against possible alternatives. You will find that your bargaining position is quite strong, particularly if you include some of the excellent free, open source security products in your trials. Do remember, though, that your security policy – not a salesperson -- must dictate which features your Web security product should have. Also, you must be confident that you have the in-house skills to configure and manage the product that you finally choose.
Related Q&A from Michael Cobb
Expert Michael Cobb explains how an HTTP referer header affects user privacy and outlines changes that can be made to ensure sensitive data is not ...continue reading
Expert Michael Cobb explains the difference between the REESSE3+ and IDEA block ciphers and explores when each is applicable in an enterprise setting.continue reading
While cookies are critical to delivering personalized Web content, they are a privacy concern. Learn how adding Bloom filters to cookies can help ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.