Management and security: Still separate but equal?

* Why it makes sense to use certain technologies to manage and secure your network

I've said it before and I'll say it again: It makes sense to use certain technologies to both manage and secure your network. Yet while vendors continue to provide integration between, say, configuration management software and endpoint security products, most companies are keeping the tools separate -- for now.

The trend is to more tightly integrate management and security offerings, but vendors will continue to offer two separate tools rather than one product. A recent example of this is Microsoft's news around its Forefront and System Center products. The company announced the expected availability of Forefront Client Security and System Center Essentials 2007, detailing that the two products are integrated and built upon the same management infrastructure based on Microsoft's Operations Manager.

But if management and security are two great tastes that taste great together, then why keep them separate? There is more to it than vendor's hoping to cash in with one customer twice. For one, most large enterprise IT shops already have multiple management and security tools. While they may be looking for better client security software, they may not be in the market for an update to their systems management software. Vendors, like Microsoft, realize they need to offer customers functionality in bite-sized chunks that can be digested by a variety of IT shops with myriad products.

"Enterprises have already made lots of management investments and are interested in leveraging them," says Jasmine Noel, principal at research firm Ptak, Noel and Associates.

Another factor, industry watchers say, is the existing IT structure will keep vendors from provide just one tool to manage and secure certain parts of the network. So while the technology seems to be converging, the IT organization is lagging a bit behind. Plus completely merging two separate IT domains could cause a greater shift within the organization than enterprise IT shops can handle today.

"Internal IT politics is often aligned with spending power," Noel explains. "If security solutions are so integrated with infrastructure management solutions that the security purchasing decisions are controlled by the infrastructure management budget, then the security budget -- and the political influence of security vice presidents -- dwindles. Obviously, there is little incentive to consider tightly integrated solutions without an executive mandate."

But that all changes when you move down to small and midsize companies who welcome integrated products that tackle more than one IT domain. The IT managers have struggled to get more out of point products and resisted the bigger time and money investment of frameworks. Offerings, like Microsoft's, which provide deep integration but also offer purchasing choices (you don't have to buy an entire framework to get benefits) would be ideal for smaller shops. While small IT shops have a thing for point products, the updated offerings and new level of integration could lure them away, analysts say.

"Microsoft is playing it smart with the separate-but-leverageable solutions," Noel adds. "The first vendor to nail the trifecta of extreme usability, integrated functionality and the right price point will break through the inertia – and look for point-product empires to topple like dominos."

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2007 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)