As hackers have honed their ability to get dangerous code, like the Sasser worm, to jump right through an Internet browser without the inconvenience of having to wait for an e-mail user to open a file, vendors quickly moved their security and antivirus technology outward from the PC and on to the network.
This shift in intrusion protection spurred industry partnerships like Cisco Systems' Network Admissions Control (NAC) program, which brought rivals Symantec, Trend Micro, McAfee and others together under the banner of integration at the network level. It also unleashed a flurry of appliance-based security products that could be placed strategically about the network to scan for vulnerabilities and detect attacks.
The upside is a hot security appliance market. The downside comes with the decision making. Can appliances that offer firewall, antivirus, intrusion detection and vulnerability assessment complete the task of securing a network? Or are they just souped-up components of a broader security deployment that still leave VARs explaining to customers why so much functionality overlaps with what's likely already running on their servers and PCs?
Jeff Brown, director of business development at NSA Services, Stoughton, Mass., said that with the increased onus on security, "a lot has changed" in the appliance market. "Historically, you've had purpose-built appliances for certain functionality. But now, where you get into trouble is when you cast a wide net of all security technologies on one appliance," Brown said. "A layered approach to network defense is very important."
The size of a customer plays into the decision as well. Small businesses are typically attracted to security appliances based on the notion "that they just connect it, plug it in and watch it work," said Kevin Connell, CTO of Beaverton, Ore.-based Endurics.