Cover Story: Enterprise Security
Security gets more defined

As more enterprises open their networks to the outside world, it becomes imperative to deploy security solutions at various levels, and to continuously monitor these levels. To address this, security has evolved from point products to end-to-end solutions. by Brian Pereira

If you scout around for information or security solutions today, you'll discover that there are best-of-breed products (like firewalls), integrated solutions (like VPN/Firewall), and security measures embedded directly into network elements. The market no longer belongs to only the best-of-breed product vendors. Now others like networking equipment vendors and connectivity service providers have jumped in.

Computer systems vendors like IBM, HP/Compaq, and Sun have embedded security in their various solutions. Networking equipment vendors like Cisco, Nortel Networks, Enterasys Networks and 3Com offer products with embedded security. Even software companies (like Microsoft and Computer Associates) have security initiatives; they’ve embedded security in their core offerings. Connectivity service providers have added managed security services and end-to-end security to their portfolios.

Capt. Raghu Raman, Practice Head, SSG, Mahindra Consulting, says there will be four types of players. At level four (the lowest level) there will be the product vendors who sell stand-alone or integrated security solutions like IDS, firewall, anti-virus, etc. At level three, you'll have connectivity service providers. These will be companies (like HCL Comnet, Satyam, Wipro, etc) that build networks/connectivity. The second level will comprise of managed security services providers. High-end consulting (with sub segments) will be positioned at the topmost level/first level.

SECURITY SOLUTIONS
In this article we write mainly about the level four and level three players. Here's a listing of some of the security solutions available in the country.

3Com
From the 3Com stable there are perimeter firewalls, website filters, and embedded firewall products. For protecting the perimeter of your network, choose the 3Com SuperStack 3 Firewall for enterprise environments. Small businesses may choose the 3Com OfficeConnect Firewall DMZ or 3Com OfficeConnect Cable/DSL Secure Gateway. To help control website access, 3Com offers a content filtering software subscription service.

Cisco Systems
Networking major Cisco Systems now provides comprehensive end-to-end security solutions through its security initiative called SAFE (Safe Architecture for Enterprises). It has products for perimeter security with their appliance firewall (PIX) and software (IOS) firewalls providing for fault tolerance and stateful (no loss of logical continuity) fail over; Virtual Private Network hardware concentrators for dial-VPN and point-to-point enterprise-VPN for large scale tunneling options, VPN client software; high-speed Intrusion Detection System which are available as stand-alone appliances or printed circuit blades in high-speed Cisco switches with continuously updated signatures; Security Policy and Security Device management software systems for defining and managing security systems. All Cisco security products support de-facto standard encryption and PKI packets.

Computer Associates
The CA security offerings are clubbed together under its eTrust brand, which is CA's suite of security solutions. CA offers advanced technologies to secure the e-business infrastructure through the eTrust Identity management, eTrust Access management and eTrust Threat management solution sets. All of CA's security solutions provide a platform for building, deploying and managing security as part of the larger task of managing an organizations e-business.

Checkpoint Software
Checkpoint offers VPN and Firewall products which are positioned at different segments (enterprise, small business, home, service providers, verticals etc). These products are backed by support and training services.

In India, you can buy Checkpoint solutions through Ramco Systems.

Enterasys Networks
Enterasys offers the Dragon Suite of Intrusion Detection Systems and integrated security routers. Besides this, the company offers holistic security solutions through an initiative called Secure Harbour.

Secure Harbour offers an all-encompassing approach to information security, and not a traditional point-product solution. With intuitive intrusion detection features as well as reliable firewall protection, Secure Harbour leverages the inherent security found in Enterasys' best-of-breed solutions to provide total coverage for your enterprise.

McAfee Security
McAfee, a division of Network Associates, offers anti-virus products to protect companies through a multi-tier virus defense system. This system includes VirusScan for desktop protection, NetShield for file server protection, GroupShield for groupware protection and WebShield for Internet gateway protection.

The McAfee products are centralized at the management level through ePolicy Orchestrator (ePO) which allows customers to manage and enforce corporate virus security policy, updates and reporting. All McAfee products are backed by the McAfee AVERT team of research experts who conduct anti-virus research.

In addition, McAfee ASaP, a division of Network Associates, offers managed network security and availability services for corporate e-business infrastructures.

Nortel Networks
Nortel Networks provides end-to-end security solutions for enterprises and service providers. Its security products basically
eliminate the delays that are associated with comprehensive screening. Nortel's security portfolio includes:

• Alteon security clusters - This includes the Alteon Web Switch, Alteon Integrated Services Director Appliances and purpose-built software that accelerates a variety of security applications while integrating management and control.
• Contivity VPN switch - VPN, Firewall, Bandwidth Manager and Router.
• Shasta 5000 BSN - Also plays a part in network based security market.
• Alteon SSL accelerator - SSL offload and acceleration appliance.
• Alteon Switched Firewall - Firewall appliance.
• Partnered with Symantec for anti-virus.
• Partnered with ISS for Intrusion detection.

Novell
Novell has range of solutions that address various customer needs, from setting up a firewall, to providing single sign on, to integrating PKI technologies with its edirectory, to setting up a secure Identity Management infrastructure for organizations.

Novell's security portfolio comprises of the following:

• Novell BorderManager - Firewall/Proxy/Authentication services)
• Novell Ichain - Web Based Access Control and reverse Proxy)
• Novell Modular Authentication Services (NMAS)
• Novell Secure Login - Single Sign On)
• Novell Secure Access

nSecure Software
This Bangalore-based company offers intrusion detection (nPatrol) and vulnerability management solutions. nSecure's solution helps organizations comply with security policies, efficiently administer users, reduce vulnerabilities and prevent intrusions—all with the goal to provide maximum protection of information assets throughout the enterprise.

RSA Security
RSA Security offers authentication, Web access management and developer solutions/encryption.

Authentication: For this RSA offers two products: RSA SecuID and RSA Keon. The former protects network resources through two factor authentication (tokens, smart cards and software). RSA Keon software is a family of interoperable modules for managing digital certificates, and creating an environment for secure electronic transactions and communications.

Developer solutions/encryption: The RSA BSAFE line of SDKs (software development kits) provides all of the components required to make any application safe and secure. RSA BSAFE software is embedded in today's Internet applications,
e-mail systems, commerce servers, VPN products and wireless devices.

Web access management: The RSA ClearTrust solution is a unified Web access management solution. It is designed to centrally control and manage user access privileges to Web resources.

Symantec
Symantec has been known for its Norton brand of anti-virus and desktop utilities. But in recent years the company has entered and quickly taken a lead in the enterprise segment. It now considers itself to be a leader in Internet security technology, it provides a broad range of content and network security software and appliance solutions to individuals, enterprises and service providers.

Symantec's security portfolio includes:

• Client, gateway and server security solutions for virus protection, firewall and virtual private network
• Vulnerability management, intrusion detection, Internet content and e-mail filtering
• Remote management technologies
• Security services to enterprises and service providers

Trend Micro
Trend Micro offers anti-virus and content security software and services. It offers products to protect the desktop, network server and Internet gateway.

Today Trend Micro specializes in high-performance, server-based virus protection with advanced management capabilities, scalable for any size enterprise, large or small. It also provides anti-virus products for consumers.

SECURITY SERVICES

HCL Comnet
Through its e-Secure division, HCL Comnet offers end-to-end security solutions and services. It considers itself to be a pioneer in IT security and a one stop shop for all enterprise security needs.

Its solutions offerings include:

• Perimeter security: IDS, Firewall, Gateway Virus control
• Content security : URL Filtering, Anti Virus
• Transit security : VPN, PKI, Encryption Boxes
• Access Control : Tokens, Digital Certificates

Its services include:

• 24X7 Monitoring and escalation
• Speedy response to new forms of attack
• Security Analysis by Security Experts
• Any time Anywhere Alerts/ Report Views

HCL Comnet's e-Secure division has premium partnerships with RSA Security, CheckPoint, Cisco, Netscreen, ISS, Symantec, Websense, Web Trends and Trend Micro.

ICICI Infotech
ICICI Infotech provides end-to-end solutions, encompassing all products/services necessary for implementing IT Security in an enterprise. Its portfolio includes solutions for security management, security forensics, virus protection systems, IDS, firewalls, single sign-on, PKI, 3A authentication etc.

The service/consultancy offerings include IT security policies & procedures, security profiling, managing security, security implementation, IS security audit, disaster recovery plan, computer forensics, enterprise consulting and training services.

Infosys
Infosys with its global delivery model (GDM) provides distri-buted project management and multi-location security expert teams to address the needs of information security management requirements.

To address the needs of information security management requirements of an organization, Infosys classifies its services as Ongoing, and Periodic.

Ongoing services:

• Security advisory and support
• Intrusion detecting and alerting
• Perimeter security management
• Managed anti-virus services
• Security software management

Periodic services:

• Security auditing
• Penetration testing

Patni
Patni provides end-to-end enterprise security solutions. It offers consulting, implementation and security management solutions.
Consulting Solutions: Patni consultants perform an information risk assessment and develop/design the Information Security Management System (ISMS) for the enterprise. The ISMS typically consists of:

• Information Risk Management System
• Enterprise Information Security Policy
• Enterprise Information Security Architecture including network security architecture, application security architecture, physical security architecture etc.
• Business Continuity Plan

Implementation Solutions: Patni consultants implement the enterprise ISMS. These would typically consist of:

• Implementing network security solutions like Firewall, VPN, PKI solutions, IDS etc. It supports a broad range of products like Checkpoint, Cisco, Symantec, Entrust, Baltimore, and RSA etc.
• Implementing Disaster Recovery solutions.

Security Management Solutions: Patni provides managed security services like remote management and monitoring of firewalls, antivirus and IDS through its Security Operations Centers.

Rolta
Among the various offerings of Rolta's e-Services division are end-to-end security products and services. The division also offers Managed Security services as part of its portal offerings.

Some of the products are:

• RoltaSecure Firewall Server
• RoltaSecure Intrusion Detection Server
• RoltaSecure Virtual Private Network Server
• RoltaSecure PKI Certificate Server
• RoltaSecure Network Monitor Server
• RoltaSecure Dial-in Authentication Server
• RoltaSecure SMTP
• RoltaSecure Single Sign-On
• RoltaSecure Messaging

These products have been developed in-house and are based on the Linux platform.

SecureSynergy
The information assurance company focuses on management- and operations-controlled security. Its services offerings include consulting, training, managed security and predictability management.

SecureSynergy is focused on addressing the needs of enterprises, specifically in Banking and Financial Services Industry (BFSI), IDCs, ISPs and government. Their portfolio of consulting services include security policy, architecture and audit; asset valuation and consequence analysis; threat identification, vulnerability assessment, penetration testing, risk mitigation and safeguards; continuity and recoverability planning; incident response, forensics, awareness and training; information assurance and risk monitoring; change management, and system life-cycle security management.

The solutions portfolio comprises security products that cover prevention, detection, and response controls ranging from anti-virus, anti-hacking, encryption, network management to storage area network, network attached storage, automated backups and media disposal products.

Ramco Systems
Through partnerships with various vendors, Ramco offers a range of security solutions. In addition, Ramco provides outsourced security management services through an initiative/division called RADAR.

RADAR has evolved a structured approach to design, provision and maintains comprehensive information security programs for organizations. RADAR's Managed Risk approach is phased and iterative to ensure that an organization's security strategy is in line with the business objectives and procedures and practices followed continue to be aligned with the organization's security strategy.

Ramco's product offerings include:

• Access Control/Authentication - Check Point
• VPN &, Bandwidth Management - Check Point
• Vulnerability Assessment & Intrusion Detection - ISS
• Anti-Virus/Content Security - TrendMicro
• Performance Firewall Appliances - Nortel Alteon
• High Availability - Stonebeat
• Employee Internet Management - Websense
• Caching Appliance - Bluecoat Systems
• Authentication & PKI - RSA Security
• Traffic Analysis - NetIQ

Brian Pereira can be reached at brianp@networkmagazineindia.com