Security appliances continue to evolve, adding more features with every iteration. The newest product from Q1 Labs, the QRadar Network Security Management, continues that tradition.

More than just a security firewall, "QRadar includes an intelligent engine pulling together information on traffic and security incidents and event correlation into one common alert system." So says Jason Knight, managing partner of The Broadleaf Group, a network services and security firm in Houston with an office in Dallas.

QRadar is promoted as a new breed of security appliance that includes some general network management, traffic analysis and policy enforcement tools. Threat assessment goes beyond comparing virus signatures to incoming files and includes network behavior monitoring for atypical actions that may indicate a security problem. Q1 calls this its "Judicial System Logic" technology.

I asked Knight if that inflated-sounding title was more than just marketing speak. "It's a bit of marketing," says Knight, "but there's more to it than that." Early network monitoring tools caused as many problems as they helped solve because alerts weren't intelligent, he says. One router dropping off the network meant hundreds or thousands of alerts, each one calling attention to one device on the far side of the router that could no longer be reached. Modern tools are smarter than that, and "QRadar does a good job of integrating security and network monitoring details into a decent Web interface."

As companies and networks grow, network management often takes a budget back seat to expansion. Knight sees companies regularly that have no idea what types of traffic soaks up their bandwidth. Analysis with a QRadar or other network traffic analysis tool may show, for example, the majority of traffic consisting of peer-to-peer, music or video packets.

"We just had a customer ready to upgrade a data link from a fractional DS3 to a full DS3 for a considerably higher cost," explains Knight. "After some analysis, we found that three quarters of their traffic was non-business related."

That's Knight being polite. "Non-business related" sounds like consultant speak for, "Mr. Executive, your network's full of personal files that may be illegal, competing for bandwidth against spyware and virus payloads." Why pay hundreds or thousands of dollars per month for data lines, then fill them up with garbage?

James Gaskin writes books (16 so far), articles and jokes about technology and real life from his home office in the Dallas area.