The Essentials Series: Selecting the Right Network Threat Management Solution

by Dan Sullivan


Network threats are multifaceted and so are the security products that can protect your assets. The Essentials Series: Selecting the Right Network Threat Management Solution examines the trade offs of combining off the shelf security products versus network appliances, the role of security management in supporting operational efficiency, as well as methods for evaluating and selecting intrusion prevention systems. These articles bridge the business and technical considerations and offer insights useful to IT managers, network and systems administrators and other decision makers involved with network security.


Article 1: Hidden Costs of Off the Shelf Security Products

The appeal of selecting off the shelf security products and running them on commodity hardware is not without its drawbacks.  Readers will see in this article the business and technical ramifications of the hidden costs of this do it yourself approach, including: increased operational costs, opportunity cost of not addressing other pressing IT issues while maintaining a home grown solution, and the potential exposure to threats because of misconfigured or unpatched applications.

Article 2: Proper Security Management Enables Operational Efficiency

Information security is not just a matter of protecting assets, it is an enabler of more efficient business operations.  This article describes how a security management strategy can improve operation efficiency. It includes a detailed discussion of how policy administration, network monitoring and reporting, patch management and configuration management can all work to improve both security and operational efficiency.

Article 3: Intrusion Prevention Evaluations and the Perils of Checkbox Product Comparisons

In the past, advocates of intrusion prevention systems have promised capabilities that have fallen short.  The problems were in part due to limits in IPS technology but also in the way we evaluated and selected IPS solutions.  This article examines IPS in terms of broader threat management issues and advocates for a more comprehensive evaluation procedure than those typically found with checkbox product comparisons.