Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

12th Annual Well-Connected Awards: Security

Well Connected Awards 2006

Compliance ... zero-day vulnerabilities ... the business case for security ... policy, policy and more policy! You can't turn around without bumping into one of these topics. They're important issues, but they're not the best drivers for security-related deployments.
Let's face it: There are few business cases for security other than avoidance--specifically risk, attack and litigation avoidance. You need processes and products that solve the problems you face every day. Security budgets aren't growing by leaps and bounds. In fact, many organizations' compliance dollars are going for audits, re-engineering projects and consultants.



The winners in this year's Well-Connected Security category address some of the avoidance concerns. Common best practices dictate the deployment of firewalls, and today's appliances go beyond stateful packet filtering, with the ability to block traffic in the application layer. For example, Juniper Network's NetScreen ISG 2000 with IDP, winner in the Enterprise Firewall category, ferreted out and blocked malicious traffic even under our tests' high load. Small-office and branch locations require similar protection, but more important is integration of multiple functions on a single appliance. Here, WatchGuard Technologies' Firebox X2500 shines.

Get the Picture (Then Use It)

Compliance is really a process issue: an opportunity to get your house in order. Build a security policy, implement management processes and get a handle on your risk posture. One of the critical compliance areas is data gathering and reporting. Auditors need a complete picture of your IT infrastructure to assess the effectiveness of your implemented controls. However, you probably don't need to purchase "compliance products." Your IT unit most likely has the information and tools at its fingertips to gather more than enough data. The challenge is aggregating that information and then doing something useful with it.

  • 1