As more enterprises open their networks
to the outside world, it becomes imperative to deploy
security solutions at various levels, and to continuously
monitor these levels. To address this, security has
evolved from point products to end-to-end solutions.
by Brian Pereira
If you scout around for information
or security solutions today, you'll discover that there
are best-of-breed products (like firewalls), integrated
solutions (like VPN/Firewall), and security measures
embedded directly into network elements. The market
no longer belongs to only the best-of-breed product
vendors. Now others like networking equipment vendors
and connectivity service providers have jumped in.
Computer systems vendors like
IBM, HP/Compaq, and Sun have embedded security in their
various solutions. Networking equipment vendors like
Cisco, Nortel Networks, Enterasys Networks and 3Com
offer products with embedded security. Even software
companies (like Microsoft and Computer Associates) have
security initiatives; theyve embedded security
in their core offerings. Connectivity service providers
have added managed security services and end-to-end
security to their portfolios.
Capt. Raghu Raman, Practice
Head, SSG, Mahindra Consulting, says there will be four
types of players. At level four (the lowest level) there
will be the product vendors who sell stand-alone or
integrated security solutions like IDS, firewall, anti-virus,
etc. At level three, you'll have connectivity service
providers. These will be companies (like HCL Comnet,
Satyam, Wipro, etc) that build networks/connectivity.
The second level will comprise of managed security services
providers. High-end consulting (with sub segments) will
be positioned at the topmost level/first level.
In this article we write mainly about the level four
and level three players. Here's a listing of some of
the security solutions available in the country.
From the 3Com stable there are perimeter firewalls,
website filters, and embedded firewall products. For
protecting the perimeter of your network, choose the
3Com SuperStack 3 Firewall for enterprise environments.
Small businesses may choose the 3Com OfficeConnect Firewall
DMZ or 3Com OfficeConnect Cable/DSL Secure Gateway.
To help control website access, 3Com offers a content
filtering software subscription service.
Networking major Cisco Systems now provides comprehensive
end-to-end security solutions through its security initiative
called SAFE (Safe Architecture for Enterprises). It
has products for perimeter security with their appliance
firewall (PIX) and software (IOS) firewalls providing
for fault tolerance and stateful (no loss of logical
continuity) fail over; Virtual Private Network hardware
concentrators for dial-VPN and point-to-point enterprise-VPN
for large scale tunneling options, VPN client software;
high-speed Intrusion Detection System which are available
as stand-alone appliances or printed circuit blades
in high-speed Cisco switches with continuously updated
signatures; Security Policy and Security Device management
software systems for defining and managing security
systems. All Cisco security products support de-facto
standard encryption and PKI packets.
The CA security offerings are clubbed together under
its eTrust brand, which is CA's suite of security solutions.
CA offers advanced technologies to secure the e-business
infrastructure through the eTrust Identity management,
eTrust Access management and eTrust Threat management
solution sets. All of CA's security solutions provide
a platform for building, deploying and managing security
as part of the larger task of managing an organizations
Checkpoint offers VPN and Firewall products which are
positioned at different segments (enterprise, small
business, home, service providers, verticals etc). These
products are backed by support and training services.
In India, you can buy Checkpoint
solutions through Ramco Systems.
Enterasys offers the Dragon Suite of Intrusion Detection
Systems and integrated security routers. Besides this,
the company offers holistic security solutions through
an initiative called Secure Harbour.
Secure Harbour offers an all-encompassing
approach to information security, and not a traditional
point-product solution. With intuitive intrusion detection
features as well as reliable firewall protection, Secure
Harbour leverages the inherent security found in Enterasys'
best-of-breed solutions to provide total coverage for
McAfee, a division of Network Associates, offers anti-virus
products to protect companies through a multi-tier virus
defense system. This system includes VirusScan for desktop
protection, NetShield for file server protection, GroupShield
for groupware protection and WebShield for Internet
The McAfee products are centralized
at the management level through ePolicy Orchestrator
(ePO) which allows customers to manage and enforce corporate
virus security policy, updates and reporting. All McAfee
products are backed by the McAfee AVERT team of research
experts who conduct anti-virus research.
In addition, McAfee ASaP, a
division of Network Associates, offers managed network
security and availability services for corporate e-business
Nortel Networks provides end-to-end security solutions
for enterprises and service providers. Its security
eliminate the delays that are associated with comprehensive
screening. Nortel's security portfolio includes:
- Alteon security clusters
- This includes the Alteon Web Switch, Alteon Integrated
Services Director Appliances and purpose-built software
that accelerates a variety of security applications
while integrating management and control.
- Contivity VPN switch - VPN,
Firewall, Bandwidth Manager and Router.
- Shasta 5000 BSN - Also plays
a part in network based security market.
- Alteon SSL accelerator -
SSL offload and acceleration appliance.
- Alteon Switched Firewall
- Firewall appliance.
- Partnered with Symantec
- Partnered with ISS for Intrusion
Novell has range of solutions that address various customer
needs, from setting up a firewall, to providing single
sign on, to integrating PKI technologies with its edirectory,
to setting up a secure Identity Management infrastructure
Novell's security portfolio
comprises of the following:
- Novell BorderManager - Firewall/Proxy/Authentication
- Novell Ichain - Web Based
Access Control and reverse Proxy)
- Novell Modular Authentication
- Novell Secure Login - Single
- Novell Secure Access
This Bangalore-based company offers intrusion detection
(nPatrol) and vulnerability management solutions. nSecure's
solution helps organizations comply with security policies,
efficiently administer users, reduce vulnerabilities
and prevent intrusionsall with the goal to provide
maximum protection of information assets throughout
RSA Security offers authentication, Web access management
and developer solutions/encryption.
Authentication: For this RSA
offers two products: RSA SecuID and RSA Keon. The former
protects network resources through two factor authentication
(tokens, smart cards and software). RSA Keon software
is a family of interoperable modules for managing digital
certificates, and creating an environment for secure
electronic transactions and communications.
The RSA BSAFE line of SDKs (software development kits)
provides all of the components required to make any
application safe and secure. RSA BSAFE software is embedded
in today's Internet applications,
e-mail systems, commerce servers, VPN products and wireless
Web access management: The
RSA ClearTrust solution is a unified Web access management
solution. It is designed to centrally control and manage
user access privileges to Web resources.
Symantec has been known for its Norton brand of anti-virus
and desktop utilities. But in recent years the company
has entered and quickly taken a lead in the enterprise
segment. It now considers itself to be a leader in Internet
security technology, it provides a broad range of content
and network security software and appliance solutions
to individuals, enterprises and service providers.
Symantec's security portfolio
- Client, gateway and server
security solutions for virus protection, firewall
and virtual private network
- Vulnerability management,
intrusion detection, Internet content and e-mail filtering
- Remote management technologies
- Security services to enterprises
and service providers
Trend Micro offers anti-virus and content security software
and services. It offers products to protect the desktop,
network server and Internet gateway.
Today Trend Micro specializes
in high-performance, server-based virus protection with
advanced management capabilities, scalable for any size
enterprise, large or small. It also provides anti-virus
products for consumers.
Through its e-Secure division, HCL Comnet offers end-to-end
security solutions and services. It considers itself
to be a pioneer in IT security and a one stop shop for
all enterprise security needs.
Its solutions offerings include:
- Perimeter security: IDS,
Firewall, Gateway Virus control
- Content security : URL Filtering,
- Transit security : VPN,
PKI, Encryption Boxes
- Access Control : Tokens,
Its services include:
- 24X7 Monitoring and escalation
- Speedy response to new forms
- Security Analysis by Security
- Any time Anywhere Alerts/
HCL Comnet's e-Secure division
has premium partnerships with RSA Security, CheckPoint,
Cisco, Netscreen, ISS, Symantec, Websense, Web Trends
and Trend Micro.
ICICI Infotech provides end-to-end solutions, encompassing
all products/services necessary for implementing IT
Security in an enterprise. Its portfolio includes solutions
for security management, security forensics, virus protection
systems, IDS, firewalls, single sign-on, PKI, 3A authentication
The service/consultancy offerings
include IT security policies & procedures, security
profiling, managing security, security implementation,
IS security audit, disaster recovery plan, computer
forensics, enterprise consulting and training services.
Infosys with its global delivery model (GDM) provides
distri-buted project management and multi-location security
expert teams to address the needs of information security
To address the needs of information
security management requirements of an organization,
Infosys classifies its services as Ongoing, and Periodic.
- Security advisory and support
- Intrusion detecting and
- Perimeter security management
- Managed anti-virus services
- Security software management
- Security auditing
- Penetration testing
Patni provides end-to-end enterprise security solutions.
It offers consulting, implementation and security management
Consulting Solutions: Patni consultants perform an information
risk assessment and develop/design the Information Security
Management System (ISMS) for the enterprise. The ISMS
typically consists of:
- Information Risk Management
- Enterprise Information Security
- Enterprise Information Security
Architecture including network security architecture,
application security architecture, physical security
- Business Continuity Plan
Implementation Solutions: Patni
consultants implement the enterprise ISMS. These would
typically consist of:
- Implementing network security
solutions like Firewall, VPN, PKI solutions, IDS etc.
It supports a broad range of products like Checkpoint,
Cisco, Symantec, Entrust, Baltimore, and RSA etc.
- Implementing Disaster Recovery
Security Management Solutions:
Patni provides managed security services like remote
management and monitoring of firewalls, antivirus and
IDS through its Security Operations Centers.
Among the various offerings of Rolta's e-Services division
are end-to-end security products and services. The division
also offers Managed Security services as part of its
Some of the products are:
- RoltaSecure Firewall Server
- RoltaSecure Intrusion Detection
- RoltaSecure Virtual Private
- RoltaSecure PKI Certificate
- RoltaSecure Network Monitor
- RoltaSecure Dial-in Authentication
- RoltaSecure SMTP
- RoltaSecure Single Sign-On
- RoltaSecure Messaging
These products have been developed
in-house and are based on the Linux platform.
The information assurance company focuses on management-
and operations-controlled security. Its services offerings
include consulting, training, managed security and predictability
SecureSynergy is focused on
addressing the needs of enterprises, specifically in
Banking and Financial Services Industry (BFSI), IDCs,
ISPs and government. Their portfolio of consulting services
include security policy, architecture and audit; asset
valuation and consequence analysis; threat identification,
vulnerability assessment, penetration testing, risk
mitigation and safeguards; continuity and recoverability
planning; incident response, forensics, awareness and
training; information assurance and risk monitoring;
change management, and system life-cycle security management.
The solutions portfolio comprises
security products that cover prevention, detection,
and response controls ranging from anti-virus, anti-hacking,
encryption, network management to storage area network,
network attached storage, automated backups and media
Through partnerships with various vendors, Ramco offers
a range of security solutions. In addition, Ramco provides
outsourced security management services through an initiative/division
RADAR has evolved a structured
approach to design, provision and maintains comprehensive
information security programs for organizations. RADAR's
Managed Risk approach is phased and iterative to ensure
that an organization's security strategy is in line
with the business objectives and procedures and practices
followed continue to be aligned with the organization's
Ramco's product offerings include:
- Access Control/Authentication
- Check Point
- VPN &, Bandwidth Management
- Check Point
- Vulnerability Assessment
& Intrusion Detection - ISS
- Anti-Virus/Content Security
- Performance Firewall Appliances
- Nortel Alteon
- High Availability - Stonebeat
- Employee Internet Management
- Caching Appliance - Bluecoat
- Authentication & PKI
- RSA Security
- Traffic Analysis - NetIQ
Brian Pereira can be reached at