/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsThe number of security appliances being deployed on enterprise networks is growing dramatically as compared to software-based ones. This is possibly an indication of a new trend in the security arena, thanks to the ever-increasing number of security threats. So much so that they might end up capturing a large chunk of the software-based security solutions market. Could this mean the end of software-based security software? Not necessarily, because both security appliances and software have their own share of advantages and disadvantages. Let's first take network security appliance. A security appliance is a hardware box, dedicated to some security function. Currently, the dominant appliances are firewalls/VPN boxes, IDS, and UMT (Unified Threat Management). Out of these, UMT has the largest base. The biggest advantage of appliances is the ease with which they can be deployed, just like a TV or fridge at home, or a switch/router in the office.
|
|
/pcq/media/post_attachments/386760c8ca77c6d1c68d2073e68dfccb00e45aaee668d8d9dd2864f3acad3988.jpg)
Simply plug them into your network, run through a few configuration screens and they're on. Appliances don't carry any over heads and only perform the function
they're meant to.
One major concern that's normally raised about appliances is on the updates. As security threats are constantly coming up, all security devices have to remain constantly updated to tackle them, otherwise they're as good as not being there at all. Most appliances are able to automatically update themselves directly from their manufacturer/vendor's website, provided they have an Internet connection. The concern here is that the administrator needs to constantly keep a check on the appliance to ensure that it's indeed getting updated automatically. Another advantage of appliances is performance. Since they use dedicated hardware for scanning all incoming and outgoing packets, comparing virus signatures, or running encryption algorithms if creating a secure channel, their performance is much faster than security software. However, this benefit is only visible when the volume of traffic passing through the appliance is enormous.
Another point that might seem like a disadvantage is that appliances have a high initial acquisition cost as compared to software. This may not be an issue for large enterprises with deep pockets, but it could deter medium-sized organizations from purchasing. There is one more fact, which needs to be kept in mind about multi-function appliances. Usually, an appliance vendor would not own all elements of security. Say vendor of appliance X has a great firewall technology, but doesn't have any anti-virus expertise. So the vendor licenses the anti-virus engine from another vendor and incorporates it in the appliance. While this may sound good, this can lead to several issues, like support. The vendor might service the appliance for its firewall, but may ask you to contact the anti-virus vendor for support. Moreover, in case the tie-up between the two vendors breaks, then you might be at risk, because you won't get support from either.
Security software on the other hand is installed on an OS like Windows or Linux, which sits on a PC or server. Since OSs are designed for multiple functions, they do carry a lot of overheads. So the network administrator has to put in extra efforts to do a lot of optimization and tweaking after installing the security software, such as disabling all unnecessary features, services, etc of the OS. Even before that, all hardware incompatibilities also have to be resolved, to ensure that the security software interacts optimally with the underlying hardware. Moreover, the cost of OS, licenses, PC, and server hardware also have to be borne. In most medium -sized businesses, the same machine also ends up being used for multiple functions. For instance, a server that's configured as a firewall or IDS can also be configured as a proxy server, or offer other services like DNS, DHCP, etc. This can affect its performance and make it more vulnerable to crashes. Plus, the administrator has to worry about keeping track of the latest patches and updates for all services, and has to ensure that the machine runs smoothly even after all updates have been installed.
All this may sound as if software based security is bad, but it has its own advantages as well. One is the sheer variety of security software available. The lowest price for it is free, because lots of open-source security software is available for free download. In fact, there are some dedicated Linux-based firewalls, VPNs, etc available, which can easily be installed on a PC. Like appliances, these are also dedicated to doing security functions only. They're also freely available, but the trouble there is that you have to keep track of their updates on your own and nobody else but you would be responsible if anything goes wrong. Here again, there are companies offering open-source security software, along with support.
So the bottomline is that while appliances are definitely in, they're not going to kill the security software market.
Anil Chopra, Associate Editor