Skip Links

Network World

  • Social Web 
  • Email 
  • Close

Architectural approach to security on the rise

A new way of managing security
Network/Systems Management Alert Network World , 07/27/2005
Sign up for this newsletter now!

Senior Editor Denise Dubie guides you through the latest developments in management tools and services.

  • Share/Email
  • Comment
  • Print

Because it is constantly evolving, the IT security market is crowded with a mind-boggling range of technologies and tools. An enterprise’s ability to adopt new technologies is often limited by the management challenge posed by the scope and variety of options. This, however, has resulted in an opportunity for security vendors - by enabling them to promote security architectures.

The “architectural” approach to security refers to the integration of disparate but complementary security tools into a managed whole. From the Trusted Computing Group’s Trusted Network Connect initiative, to Sourcefire’s “3D” suite, security architectures integrate a risk intelligence center with a combination of defenses and proactive risk management such as patch and software maintenance, all strategically deployed and interfacing with enterprise authentication services. This holistic approach enables IT to more fully realize the benefits expected from the use of many available options.

Infrastructure vendors have been among the most vocal proponents of the approach, as evidenced by Cisco’s Network Admission Control (NAC) effort. More recently, these same vendors have begun to drive “up the stack” with an architectural approach to application infrastructure, as with Cisco’s new Application Oriented Networking (AON) initiative. The reasons are clear: enterprise and Web applications, like security systems, require the integration of moving parts into a coherent whole. This is an approach that lends itself to infrastructure, so the fit has much resonance in the market.

There would appear to be synergy between the architectural approach to security and the emergence of integrated application architectures. Yet up to now, the application security market - the ground on which these trends would be expected to converge - has been characterized by products that tend to be point-centered rather than architecturally oriented, such as application firewalls.

That is changing as we begin to see Web application security products that more closely reflect the architectural nature of enterprise applications themselves. Breach Security, for example, is a vendor with a new class of application security products that can monitor application traffic and distribute security controls to key points throughout the application architecture. This differs from point-oriented inline protections, in that monitoring and control can be separated and distributed across an application architecture itself, rather than depending on a single inline security enforcement point.

Denise Dubie is senior editor with Network World.

  • Share/Email
  • Comment
  • Print
Partner Content

NetScout and analyst Jim Metzler have teamed to deliver a series of IT Briefs on Network and Application Performance Management leveraging research from NetScout’s nGenius & Sniffer users.

www.netscout.com

Metzler on CIO Priorities

The top five CIO priorities based on a survey of NetScout users revealing CIOs' top priorities and what they think they should be. Also includes interviews with CIOs of large organizations.

Read the Report

Metzler on Application Delivery

How to eliminate the stovepiped or siloed nature of application delivery from both an organization and a technological perspective.

Read the Brief

Metzler on Network Troubleshooting

Overview of network troubleshooting that provides an assessment of where we are, and where we need to be relative to the complexities of today's IT challenges.

Read the Brief

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed