Enterprise IT departments prefer best-of-breed security technologies. That's been a statement of fact for as long as it has taken information technology to evolve from the mainframe to the network.
That statement of fact may not be holding water for much longer, however. Rumblings of all-in-one security appliances are getting louder as companies, vendors and analysts wonder how much they can integrate into a single box.
Vendors like Symantec, NetScreen, Teros and Nokia already offer appliances that integrate a firewall, antivirus protection, Internet content filtering, intrusion detection and virtual private networking technologies.
Respected analysts like Gartner Inc.'s John Pescatore have predicted that this decade will be dominated by hardware, much the way software was fashionable in the '90s.
Users in small and midmarket companies, meanwhile, will also be attracted to the efficiency and ease of manageability of security appliances, said InStat research analyst Jaclynn Bumback.
"That doesn't mean independent devices are going to go away, especially in high-end [enterprises] because of their requirements for throughput and having the newest and best technology," Bumback said. "At the low end is where we'll see integration because of smaller IT staffs or fewer security-specific IT staffs."
Bumback said by the second half of this year and early into 2004, integrated security appliances will feature VPNs, firewalls, application-layer filtering, intrusion detection and intrusion prevention systems. By 2005, she predicts antivirus protection would also be integrated into appliances, and by 2006, more content filtering and bandwidth management capabilities as security and network management continue to merge.
Some users contacted by SearchSecurity.com, however, are initially reluctant to hop aboard the bandwagon.
"The problem with this solution is like the problem with any Swiss Army Knife idea. If that is all you have to fight off bears, open wine and file your fingernails, and you are 1000 miles from civilization, then the all-in-one black box makes sense," said Gene F. Townsend, president of Gene Townsend IT Consulting. "But would one vendor provide the best antivirus, firewall, intrusion detection and open my wine -- all at the same time? Me thinks not. Of course, for those that don't have the time or inclination to provide best of breed, perhaps it makes sense."
That degree of integration has some users concerned. That will keep appliances entrenched in the midmarket for now, they said.
"My sense is that an appliance for corporate IT infrastructure security is still some time away, and in its final form will likely look more like a service than a product," said Gerry Bliss, president of Bliss Informatics and chairman of the security and privacy committee of Canada's Health Informatics Organization. "Infrastructure heterogeneity, the rate of technical and business change, the proliferation of external partnership-driven connectivity and the proliferation of information protection legislation continue to put the "do everything" appliance out there with the Holy Grail. More likely, short term successes will emerge in identity and policy management, and services like strategic patch management that offload drudge work."
InStat analyst Bumback said interest in appliances will evolve as threats change. Now that the virus problem has been countered for the most part in the enterprise, administrators must address new methods of attacks on networks and how to defend against those.
"It used to be that you'd have a firewall and it wouldn't let anything through, but now we're seeing applications that require they be open to traffic from the Internet [from customers and business partners, for example]. They will be open to new vulnerabilities too," Bumback said. "Now you've got IDS and IPS that are inline doing application filtering to find attackers and address the changing landscape of the network in general."
Meanwhile, Bumback and several users predict that best-of-breed technologies will remain the domain of the large enterprises for some time.
"I guess if I were in a small organization and fed up with dealing with multiple vendors that were always chasing after the Fortune 100, a security appliance is a good choice -- maybe the only choice. If I'm part of a large organization, the clear choice becomes much more muddied."
FOR MORE INFORMATION:
FEEDBACK: How interested is your enterprise in an all-in-one integrated security appliance?
Send your feedback to the SearchSecurity.com news team.
Dig deeper on UTM Appliances and Strategies
IT Decision Center
IT Decision Center