Forwarded From: darek milewski <darekmat_private> http://www.zdnet.com/pcweek/stories/news/0,4153,380464,00.html Security survey finds 'best of breed' software works best By Jim Kerstetter, PC Week Online December 23, 1998 9:00 AM ET It's a debate reminiscent of the early days of enterprise resource planning applications: best of breed or packaged suites? Which is best for your company? Security software is no different. A recently published report by Forrester Research Inc., in Cambridge, Mass., says best of breed, at least for now, is the best way for your company to go because one company may not be best at all aspects of security. The maker of a good firewall, for example, may not know what to do with digital certificates. Forrester interviewed security managers at 50 Fortune 1000 companies and talked with executives at more than a dozen security companies, ranging from IBM to Netegrity Inc. The conclusion among many of those security managers was twofold: First, security suites have so far been products picked up in the acquisition process and are weakly integrated; second, companies tend to buy security products one at a time, as needs arise, and aren't likely to have a suite strategy. A security administrator at an East Coast utility backed up Forrester's contentions, saying that buying into a security suite strategy doesn't fit his company--yet. "We don't have that kind of need because we're buying things one at a time," said the administrator, who requested anonymity. "It's hard for us to plan for a suite when, really, we're just looking to solve our next problem." "Suites aren't a solution to users' security problems. And the way that [users] can rise to the security selection and implementation challenge is by dividing and conquering," said analyst Ted Julian, the report's co-author. Julian divided the market into four major areas for products and responsibilities inside a corporation: infrastructure access, content integrity, application user and operational compliance. Infrastructure security systems control network and system access and protect against denial-of-service attacks, Julian said. Those systems are the domain of a network administrator, who must handle a variety of systems, such as firewalls, routers and remote access servers, and work with protocols such as IP Security as well as authentication services including hardware tokens and digital certificates. On another level, an IS administrator should be focused on content integrity, which means looking for malicious content in viruses, Java and ActiveX code and office suite macro viruses. In turn, application security middleware controls access to enterprise applications by adding security to software that doesn't already have it. Application developers with skills in Component Object Model, Common Object Request Broker Architecture, C++ and Common Gateway Interface should be assigned to these tasks, Julian said. Finally, operational security--the true domain of security administrators--detects security breaches in progress and discovers systems that are not in compliance with security policy. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:14:41 PDT