
iQ MAGAZINE

Adaptive Security

Convergence among network security technologies can help you cope with emerging threats.
By Samuel Greengard
Illustration by Dan Page

It's hard to dispute the power of the network and its ability to transform business. It has created enormous opportunities to communicate effectively, reach customers, connect with partners, and streamline processes. However, the increasingly networked nature of the workplace brings with it the real challenge of securing communications and information assets. Network security threats—including computer viruses, Internet worms, intrusion attempts, and a spate of others—are a concern for companies and organizations of all sizes.

The economic damage from malevolent network security threats reached somewhere between $157 billion and $192 billion worldwide in 2004, according to mi2g, a U.K. research firm that specializes in computer security. New viruses, worms, and Trojan horse attacks are released across the Internet with such regularity that it is challenging even for larger companies with ample IT resources to protect themselves, let alone small and medium-sized businesses (SMBs). Attempted system break-ins and information theft are also a growing concern.

"Security is becoming more complex and difficult," says Mark Bouchard, senior program director for technology consulting firm META Group. "Security threats are constantly evolving and many of the tools in place do not adapt. That leaves many businesses vulnerable."


The Need For A New Approach
This challenging environment underscores the need for a more effective approach to network security, one that makes it easier for companies—especially resource-strapped SMBs—to cope with the increasing complexity of threats as well as new threats as they emerge. This new adaptive security approach is taking shape as technology vendors develop the next evolution in network protection.

Consulting firm Capgemini describes the concept as an "integrated, active security infrastructure." Simply put, by consolidating applications, resources, and equipment, organizations are better prepared to cope with the seemingly endless onslaught of challenges caused by security threats. By reducing the need for disparate hardware and stand-alone security solutions, and by making it simpler to update network security practices, these adaptive systems boost the overall level of defense while simultaneously lowering the skill level required to manage the infrastructure and cutting the cost of operations.

When it comes to network protection, more isn't always better. There's an inherent problem with many of today's products: Although they are effective at recognizing existing threats, it's essential to keep them up-to-date by downloading virus definitions and known intrusion signatures. Furthermore, each security technology—such as firewall, intrusion prevention, virtual private networking (VPN), and antivirus—operates in a vacuum, performing only its specified task.

With the increased complexity of threats, such as blended threats that use a combination of techniques and applications to disrupt networks, it is important for security technologies to act in a coordinated fashion to stop attacks and better control network activity and applications. Too many threats slip through these timing and technology gaps.

Unfortunately, many companies—particularly SMBs—have typically addressed nagging security concerns by constantly adding devices and software to remedy each problem individually, which has led to separate antivirus protection, firewall, VPN, and intrusion-prevention solutions.

While this approach addresses short-term needs, it creates a bigger problem: managing multiple independent systems. As more advanced threats emerge, many experts believe that security must become more holistic: Technologies need to act in coordination in order to detect and defend against more sophisticated threats.

"There is a growing need for devices that can assemble the pieces of the puzzle and lock down the gaps that exist in conventional network security systems," says Scott Pope, a security product marketing manager for Cisco Systems. "Today, a huge problem exists with the misclassification of threats and organizations taking inappropriate action or even worse, missing the threat altogether."

Adding to the problem is the lack of application awareness built into existing hardware and software. In many instances, this leaves a growing volume of traffic flowing across networks without being inspected to determine whether it is legitimate or part of an attack.


Adaptation To A Changing World
Transforming chaos into a clear and manageable security policy is essential. Bouchard asserts that future network security systems need to focus on convergence and consolidation. The idea is to combine multiple functions into a single device or system, enable these combined functions to operate as a coordinated defense (instead of operating independently), and design far more robust administration and management capabilities. This will transform systems from operating as separate technologies in a reactive mode with limited and static detection methods to functioning as a coordinated, proactive threat defense system that adapts to the changing business environment.

Experts believe that these systems will provide multiple benefits: improved detection, greater accuracy in event classification, lower operating costs, streamlined administration, and the flexibility to integrate new security technologies as they emerge. Most importantly, these converged systems will not compromise the quality of security in any given category, but instead combine the strength of each in complementary ways to deliver a tighter, coordinated defense.

While there's no way to avoid all the computing threats that exist, an adaptive approach maximizes the potential of information technology without compromising the need for protection. It opens the door to a new level of defense while shutting the door on problems. "It knocks down the silos and creates a level of protection that is essential in today's world," concludes Bouchard.


iQ Magazine, First Quarter 2005

About the Author
Sam Greengard is a regular contributor to iQ Magazine. He covers business and technology for multiple publications.

From Cisco: Q&A With Jayshree Ullal, Senior Vice President
Jayshree Ullal, senior vice president and general manager of the Security Technology Group at Cisco Systems, discusses the network threats facing SMBs and how Cisco can help you defend against them.

iQ: Why is it so challenging for SMBs to stay on top of network security?
Ullal: Multiple security technologies deployed at multiple points on the network are now required to ensure protection. But managing the diversity of stand-alone technologies strains small IT staffs that lack a dedicated security person.

iQ: What are some of the biggest network threats?
Ullal: The most damaging threats today are worms and viruses. They have the greatest potential for network disruption. They are also the most difficult to protect against because they require manual action on the part of network administrators—unless an appropriate worm mitigation technology, such as Cisco Security Agent, is in place.

iQ: What are some things SMBs can do to protect themselves?
Ullal: A good first step is to disable unutilized network services and ports on routers and switches. Cisco IOS has a simple-to-use auto-secure feature that can achieve this.

Also, implement technologies that proactively stop attacks before they reach their destination and spread. For example, Cisco Network Admission Control assesses security on end-user machines prior to allowing them to connect to the network.—S.G.


Next Steps
Use the Advanced Search function of the Cisco Partner Locator to find certified Cisco resellers with security specializations.