Unified threat management, demystified - Network World

Skip Links

DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Security

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library.  Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Audio

Crackin' the Kraken bot. Listen now!

Network World's Newsmaker of the Week

Wireless dangers at airports. Listen now!

Network World Panorama

Additional Resources

RSS

FEATURED WHITEPAPERS

Auditing and Recovery for Active Directory: What's New in Windows Server 2008 NetPro

Windows Server 2008 is not intended to be a "one size fits all" solution and Microsoft relies on third-party solutions to enhance and extend Windows Server 2008 to accommodate functions like auditing, backup and recovery. Here, we look specifically at audit and recovery capabilities for Active Directory and learn where Windows Server 2008 toolset leaves off, and where the right third-party solution can provide broader coverage and enhanced management capabilities.

RSS

FEATURED REPORTS

Executive Guide: Storage Heats Up HP

Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.

RSS

FEATURED WEBCASTS

Reduce Complexity and Cost - Windows Server Consolidation with Virtualization from Novell Novell

There are many compelling reasons for virtualizing Windows and Linux applications. Virtualization improves server utilization by allowing you to run multiple workloads on a single physical server. It reduces the number of physical servers you have to maintain, while allowing you to use less physical space and power while still improving scalability. All of these capabilities translate directly into lower costs, less complexity, and greater flexibility in your mixed IT environment. Register below to learn more and be entered to win an Archos 605 Portable Media Player.

IT Buyer's Guides

View All Buyer's Guides

Free Newsletters

Sign up and receive the latest news, reviews and trends on your favorite technology topics

Save The Date!
What They Are Saying

what is wrong with you dont you like to read two inch text articles?- Anon3233

Join the Discussion

Unified threat management, demystified

By Bill Snyder , CIO , 03/24/2008
  • Social Web 
  • Email 
  • Feedback 
  • Close

Protecting the secrets of a uranium enrichment plant should be enough to keep any CIO very busy. But when Sarbanes Oxley mandated even tougher controls on databases containing key financial information, David Vordick, CIO of USEC, a $1.9 billion public company that operates a gaseous diffusion plant in Paducah, Kentucky, knew he was going to get even busier.

His security defenses are complex and multi-layered; and while simplicity is generally a good thing, it's not Vordick's priority. "Our philosophy is defense in depth. That means looking at multiple (security) products from multiple vendors. We can not be dependent on any one layer," he says.

Not every CIO has the same worries as Vordick, of course. But as regulations like SOX and PCI standards place increasing demands on IT's security capabilities, more and more companies are choosing to simplify network defense by using a security appliance that combines hardware, software, and networking technologies. U.S. companies spent $3.85 billion on network security appliances in 2006, an expenditure expected to nearly double by 2011, according to market researcher IDC.

As USEC designed its security architecture, Vordick and his team had a wealth of options. They could have chosen to install one or more UTM (Compare Unified Threat Management products) appliances, devices that handle multiple threats from a single chassis, or opted for a series of single function, best of breed appliances.

USEC choose a best-of-breed database security appliance by Guardium, plus point products from other vendors, largely because the defense in depth strategy meant that the convenience of deploying and managing a single device was outweighed by the fear of creating a single point of failure, Vordick says. Moreover, USEC sought a security appliance that would serve as a check on IT employees with privileged database access who might seek to view or change data without proper authorization, an atypical function for a UTM.

The choices regarding network security appliances are complex, but your decision won't just come down to a technology issue, says John South, senior security consultant for Plexent, a Dallas-based IT service management company. "The real question is how do we get our business done and still protect the corporation?" he asks.

1 | 2 | 3 | 4 | 5 |  Next >
Comments (1)
Login
Forgot your account info?

Guardium is the bestBy xmachine on March 26, 2008, 2:06 amGuardium is the best when it comes to DB monitoring. I've worked on my self recently. It could be deployed as inline-Fw to actively protect against unwanted DB queries....

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to moderator approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.
First Name
Last Name
E-mail
Zip Code