-
-
   Home
   Archives
 About Us
   Advertise
 Feedback
 Subscribe

Home > Cover Story

E-security moves towards simple managed solutions
By Brian Pereira

Enterprises are now more aware about security and are looking for sophisticated solutions that are easy to manage and implement

enterprises are looking for comprehensive solutions that are simple to implement and manage. solutions providers are addressing this requirement with Managed Services

Not long ago the word 'Hacking' was limited to the vocabulary of security experts and computer engineers. Today hacking incidents feature on the front pages of our dailies. The casual reader may sit back in awe, engrossed in stories about hacked police websites. But for organizations with large enterprise networks, every hacker's exploit is a dreadful reminder that network security cannot be 100 percent foolproof. Three years ago, organizations would buy off-the-shelf security products (mainly anti-virus and firewalls) and have their in-house engineers configure these for "maximum security." But as their networks grew or meshed with public networks, the number of entry points and threats also increased, calling for increased expenditure in manpower and infrastructure. Today companies want multiple layers of defense and go in for Intrusion Detection Systems (IDS), authentication, firewalls/VPN, virus protection, encryption, content filtering, vulnerability management etc. But as security solutions grow in complexity, organizations find it increasingly difficult to implement and manage them. The enterprise network security industry is now addressing this issue with managed solutions. Suddenly consultants and security experts are in demand indeed enterprise security is "serious business," as a security consultant puts it.

"Corporations have historically been concerned about protecting their internal data from accidents, but only recently have they realized that their data is vulnerable to (external) attack and is worth protecting, even at a high cost," says KA Ramprasad, Deployment Engineer, Apara Enterprise Solutions.

Hacking incidents have increased so there is more awareness about security within the enterprise, informs Milind Dikshit, Practice Head (Security Consulting), Bangalore Labs India. "Electronic security measures in today's corporate world is limited to anti-virus and firewall solutions. But the increase in security breaches, despite the deployment of anti-virus products and perimeter-security products, and news-making attacks on well-known websites, has led to an increase in the awareness of the various aspects of information security," says Dikshit.

The growing threat and concerns about security have resulted in a demand for security solutions and services. A recent IDC study projects that the market for IT security will explode at a rate of 1,400 percent in the next four years. Worldwide revenues for security-related commodities will grow from $66 million last year to $952 million by 2004. IDC expects this colossal growth to be driven by concerns about protecting intellectual property that develops as companies' e-mail, Internet traffic and content increases in volume and complexity. The increasing number of xSPs (ISP, ASP, Security Service Providers etc) providing these services will also contribute to the rate of growth.

Many consulting firms and security solutions providers are now jumping at this opportunity. In addition to offering new security products, they are moving into the security consulting and services space too. Traditional anti-virus companies like McAfee and Symantec have joined the ranks of enterprise security companies to cater to the security requirements of enterprises.

"Until three years back we were perceived as a retail company, but today the growth is really in the enterprise security market," says Joy Ghosh, Country Manager (India), Symantec. "Through a series of acquisitions we have evolved into an enterprise security solutions company with a full complement of security products. We have also recruited more security experts."

Even as corporations around the world take a more serious stance on security, the security solutions providers listen carefully to their requirements, revise strategies, pour millions of dollars into R&D, and then develop innovative products and services with tighter security. There are plenty of hardware and software security solutions, but in order to be really effective they must be properly configured. Today enterprises are looking for comprehensive solutions, but they must be simple to implement and manage. Security solutions providers are addressing this requirement in a number of ways, the foremost being Managed Services.

Managed Services
The opportunity in the Managed Security Services (MSS) space is big. In its report 'Where the Investment Dollars will go in 2001,' the Yankee Group predicts that the managed security service provider market will grow to over $2.6 billion by 2005.

MSS lets organizations concentrate on core competency rather than worry about security or spend exorbitantly on security infrastructure. With MSS an organization can count on the technical expertise and knowledge of outside security experts to remotely manage firewalls, VPNs and intrusion-detection systems. This can be done at two broad levels: firstly the managed security service provider (MSP) can remotely administer a security infrastructure at the organization's site via the Internet. In this case the MSP may host the firewall or other backend systems at its site. Secondly, the MSP can provide On-site security management services at the organization's site, just as third parties conduct facilities management (FM) for organizations. The organization may choose to outsource its security entirely, leaving the management and maintenance of its security systems totally in the hands of a consultancy firm.

Says Viswajeet Deshmukh, Country Head (India), Network Associates (NAI), "As networks expand, organizations will need to increase expenditure on trained manpower to manage security. At the same time these organizations want to lower cost of ownership. So we thought of an ASP model for managed services and a year back we invested $33 million in McAfee.com."

Through an initiative called McAfee ASaP, Network Associates offers remote Web-based managed services designed to ensure security of enterprise networks in the areas of anti-virus and firewall protection, VPN capabilities, and vulnerability assessment.

Symantec Security Services offers remote managed services out of its network security centres in San Antonio (US) and Epsom (UK). A team of security specialists in San Antonio can monitor a bank's network in Hong Kong, and keep a watchful eye for intrusions. All this is done via the Internet, with local support.

Companies like Securify and RipTech, which were traditionally into consultancy, now offer Managed Security Services. Even networking equipment giant Cisco has stepped into this area. And of course other security companies like Baltimore Technologies and ISS have also entered this space.

Though much is happening in the Managed Security Services space globally, the concept is still to catch on in India. Also organizations are moving slowly towards outsourced security management. Only a few ISPs and security solutions companies offer managed services here, and for various reasons, on-site security management continues to be the norm.

"Managed Services are still some time away and will coincide with bandwidth availability," says Vikram Watwe, Chief Security Architect, MIEL e-Security. "The basic problem here is the connectivity between the service provider's site and the customer."

Adds Avinash Kadam, Chief Executive (Assurances and Global Services) MIEL e-Security, "Today organizations are not outsourcing security entirely and are still trying to understand how outsourcing will be beneficial."

Confirms Symantec's Joy Ghosh, "Right now most organisations want to keep security infrastructure at their own site. In fact we are in talks with clients for onsite security and will send our security experts to the client's site to manage their security infrastructure."

Single Console
The management of security systems can also be simplified by having a single console. Today there are different consoles for various security components. In a typical scenario, there would be one console each for a firewall, IDS, anti-virus, content filtering, vulnerability management and so on.

"Our customers tells us they want to manage all this through a single console and we are working towards this," says Symantec's Joy Ghosh. "A single console gives a snapshot of the entire network."

NAI's Vishwajeet Deshmukh says a single console can offset the shortage of trained manpower. "As the network expands, companies will find it expensive to hire more personnel to manage the added infrastructure. With a single console you can sit at one location and manage all the firewalls on the network."

Unified management
As networks grow, authentication systems and security solutions get distributed, making administration a complex and costly affair. A new breed of policy management tools is simplifying management through a unified interface for all security products across the network. This helps reduce implementation time and management complexity, thereby lowering the total cost of secure computing.

IBM's Tivoli SecureWay Policy Director for instance, unites core security technologies around common security policies. It provides access control for TCP/IP and other applications based on the same, consistent security policy.

A solution from Kyberpass lets customers use solutions from different PKI (Public Key Infrastructure) vendors, and simplifies user administration.

Security Appliances
Another approach to simplifying management of security is to use pre-configured, hardware-based security solutions. Security appliances are more secure since they run their own software rather than depend on a server-based operating system. They are also faster since unnecessary software layers have been stripped off.

Today one can buy boxed solutions for firewall, anti-virus, VPN etc. Symantec for instance offers VelociRaptor, a Firewall/VPN appliance, McAfee is offering gateway protection for e-mail with its Webshield E-appliance series.

Says KA Ramprasad of Apara Enterprise Solutions, "Increasingly, customers want a single device to handle both firewall and VPN features as well as provide traffic shaping capability to properly allocate WAN bandwidth and deliver quality-of-service assurances.

Companies that offer associated networking technologies, such as switches and routers, are including firewall technology in their devices."

With plug and play functionality security appliances are intended to offer quick implementation and simplified installation. But first generation security appliances are just hitting the market and it remains to be seen if these will be truly plug and play.

Futurewatch
While the focus today is on multi-layered security solutions that are simple to manage and implement, tomorrow's solutions will be smarter and more proactive (See 'The future of network security').

The retina and fingerprint scanners seen in Hollywood movies, may not be as common as card- or token-based authentication systems, that are fast becoming popular. But yes, security (and that haughty hacker) will certainly be foremost in every CIO's mind.

Brian Pereira can be reached at brianp@rediffmail.com

The future of network security
As organizations get more conscious about network security, we will see new practices and trends in the coming years. Security solutions will get more complex, there will be multiple layers of security and organizations will outsource their security requirements. Here are some trends we can expect to see:

Outsourcing: Large companies will outsource their information security requirements, primarily intrusion detection, monitoring and response, and 24x7 management. "This is primarily because despite new training programs, the shortage of security personnel, especially certified intrusion analysts, will worsen as nearly three million new computers are added to the Internet every month," opines Milind Diskshit of Bangalore Labs.

Appliances: Network Security appliances will offer improved plug-and-play functionality. We will see more box solutions for firewalls, anti-virus, VPN, IDS and encryption.

Firewalls: Organizations will begin to move from a single firewall to a network of distributed firewalls and substantially outsource firewall management to organizations (often ISPs) that can offer 24x7 management.

Personal firewalls will gain prominence especially with mobile workers.

Proactive IDS: Intrusion Detection Systems are going to get more proactive. New IDS systems will be smart enough to understand how an application should behave and also prevent hackers from manipulating the application remotely. The administrator will create rules for each application, describing how it should behave. Agents will monitor all logins and will intercept system calls and prevent unauthorized file or registry edits from taking place. All this will minimize false alarms and also intercept malicious code before it does any damage.

Anti-virus: Worms and viruses will spread more quickly and take over entire networks. They will change identities and be more evasive. To keep up, the next generation of anti-virus products will move from traditional pattern/character matching detection techniques to behavior-blocking technologies. There will be better and faster distribution systems for virus definitions and submissions.

Wireless: Security in the wireless space will gain more significance. End-user devices will prove vulnerable but transmissions will get extensive protection through encryption.

Encryption: PKI will continue to steadily evolve and improve. In the next few years, this will become a prominent authentication mechanism. "PKI infrastructure and Certification Authorities will be considered as the base requirement for authentication," opines Rajeev Wadhwa, COO, Global E-Secure.

Network Design: Companies will redesign their networks to include security from the ground up and in all layers of the OSI model.

<< >>

- <Back to Top>-  

Copyright 2001: Indian Express Group (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by The Business Publications Division of the Indian Express Group of Newspapers. Site managed by BPD