- Windows HPC hits top 10 among supercomputers
- Ruby on Rails rolls into the enterprise
- Mobile phone chargers are energy vampires
- 10 IT security companies to watch
- Researchers getting the lead out of electronics
Enterprise connectivity is exploding, driven by globalization, convergence, virtualization and social computing. As corporate perimeters dissolve, the security focus switches towards application and data-level security solutions. The question to ask is what are the longer-term implications for network security? Will it become redundant or could it grow more powerful? Only one thing seems certain: It will be different from today.
Who needs network security? Why don't we just build encryption and antimalware protection into end-points and simply enjoy open networks? From a security perspective that's always best and it's in line with the Jericho Forum vision. But in the real world it's not so simple. At the very least we need protective measures in networks to guarantee availability and performance. Beyond that there is huge potential to deliver value through security features in networks.
In fact there has always been more to network security than users realize. Fallback, monitoring and filtering are ever-present but invisible to endpoints. Many application owners believe their systems operate on top of a pure IP infrastructure, but nothing could be further from the truth -- enterprise networks are heavily structured.
Today's network products boast an impressive and growing array of single-point security solutions, ranging from simple authentication mechanisms to full-blown identity management. (Learn more about identity management products in our Identity Management Buyers Guide.)
Taking advantage of network-based security features is difficult in that geography and topology are major factors. They dictate ownership boundaries and legal jurisdictions and it's hard to establish a set of choke points from which all network traffic can be monitored or controlled.
Management domains don't map neatly onto the precise scope of application systems and legacy equipment presents local incompatibilities. Nevertheless, gateway devices are a convenient point for securing central databases. And complete network coverage is not always essential for value to be derived from security analysis because useful intelligence can be derived from samples of traffic.
There are also distinct advantages in locating security measures inside networks. You gain a richer picture of user behavior, enabling individual user activities to be assessed in the context of a broader community. In fact, visibility of events and understanding of context are the keys to effective security and risk management.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment