|
|
 |
 |
 |
|
|
|
|
|
|
Historically, network security was a relatively minor and well-understood discipline, so add-on security products like firewalls, anti-virus software, and IDSs were sufficient. Today's security is far more complex, as networks are in a constant state of flux while threats are far more dynamic, insidious and destructive. In this environment, networking and security must work hand-in-hand to coordinate information on network configurations, traffic patterns, and security threats across the enterprise to prevent attacks while maximizing network performance and availability. In other words, security can't be an overlay product; rather it needs to become part of a network architecture that provides centralized command-and-control combined with distributed surveillance and enforcement. -- Information Security: Network Security Architecture by Jon Oltsik Dec. 2004 I want a security policy enforcement product that will autodiscover my network,
compare my device settings against pre-determined security best practice and
tell me which devices currently do not conform to best practice. As an IT
management type, I can then instruct my staff to remediate the environment to
bring it back into compliance. Additionally, the device will tell me if one of
my network engineers makes a device change that is inconsistent with our
security policies or best practice. In fact, I would pay for a subscription
service that would ensure my policy servers had the latest and greatest set of
security best practice templates (security is a moving target).
|
|
|
| .:. Top of the Page |
|
|
|
Testimonials