|
The rise of the integrated appliance
Security appliances offer a quick and effective answer to
an SMB’s security problems. They’re easy to manage and
their all-in-one functionality is taking SMBs by storm, says Abhinav
Singh.
 The
SMB market, which has traditionally invested in point security solutions, is
now embracing security appliances as a simpler way to fulfil their security
requirements without adding administrative overheads and complexity to their
networks. Companies like Brakes India, Orient Craft and Sodexho are some of
those which have deployed security appliances.
In today’s environment, a cracker does not spend hours doing port scans
and attempting to launch a network-based attack. On the contrary, he would just
go ahead and launch a blended attack. Blended threats are attacks that utilise
multiple transmission techniques to spread and attack other computers. E-mail,
Web and file transfer are the most common modes of transmission used in these
attacks. Traditional and point security solutions can’t effectively block
blended attacks from entering and leaving a network. The sudden rise of blended
threats is driving the demand for blended security at the gateway-level, which
in turn has given birth to the security appliances which now come under the
umbrella of Unified Threat Management (UTM). As per IDC’s definition, a
UTM should have features such as firewall, VPN, IDP (intrusion detection and
prevention) and gateway antivirus in a single appliance. All these things are
affecting SMBs in India like never before—and driving this market.
- UTMs deliver ease of management with a single
console to manage multiple functionalities. They are being positioned
as single security network management tool.
- TCO would still be a criterion for evaluating
UTMs, but the rise of blended threats would be the deciding factor.
- UTM and point products will co-exist, with UTMs
acting as a robust first line of defence.
- High availability (active/active load balancing)
between multiple UTM boxes can help mitigate a single point of failure.
|
"Tier-2 and -3 cites have a high concentration of security appliances,
and with the advent of broadband Internet usage there’s a boom in
the market for these products"
- Vishak Raman
Country Manager, India
Fortinet Inc |
India has emerged as a strong market for security appliances,
and hence there are numerous vendors who have floated their products here, vying
for a piece of the appliance pie. According to IDC India, the security appliance
market in the country was worth $44 million in 2005, and India continues to
be a leader in terms of security appliance adoption in the entire APAC region,
registering the highest growth rates with a CAGR of 24 percent. Analyses Vishak
Raman, Country Manager, India, Fortinet Inc, “Tier-2 and -3 cites have
a high concentration of security appliances, and with the advent of broadband
Internet usage there’s a boom in the security appliance market. SMBs will
be one of the dominant forces in driving the consumption of appliances in these
cities. I feel that out of the total $44 million market, about 15 percent will
be accounted for by SMBs. Although they buy plenty of units, the value of these
deals is on the lower side.”
Let us take a close look at why SMBs are going in for security
appliances rather than stand-alone software-based security solutions at the
gateway level.
Integrated vs point
|
Blended threats are attacks that
utilise multiple transmission techniques to spread and attack other computers.
E-mail, Web and file transfer are the most common modes of transmission
used in these attacks.The sudden rise of blended threats is driving the
demand for blended security at the gateway-level
|
Stand-alone security products are complex to manage, leading to additional
investment in technical staff to operate multiple stand-alone products. The
inconvenience of dealing with multiple annual maintenance contracts, patches,
upgrades (which get released in a month), reports and subscription services
of stand-alone security products adds to the complexity of managing a set-up
that revolves around point products. That is why SMBs prefer to invest in security
appliances.
Explains Anil Menon, Chief Executive Officer, SecureSynergy,
“The ease of managing security appliances is the principal reason why SMBs
are adopting them. Typically, an SMB with 50-100 users will not have a CIO,
but only a junior staff member to manage everything in the IT department. Security
appliances come with a plug-and-play approach, making them easy to handle and
easier to configure without requiring specialised skills.”
|
Security appliances can be used
effectively in small, remote locations where there are fewer technical
people to manage the IT infrastructure. Appliances are easy to configure,
deployment is smooth, and they can be monitored from a central location
|
It has also been found that if an organisation is using multiple
products for security it will have to deal with varied user interfaces, some
graphical, some requiring admins to drop to the command line. Through an integrated
solution (box), it is possible to perform functions such as encryption and compression
on the same box, something that is quite complicated if you are dealing with
multiple devices. It has been found that security appliances have the capability
to do deep pocket inspection (look inside e-mail attachments, downloads and
the like), thereby shielding a company’s network and systems from content-level
threats and ensuring secure content-level management. This is an added benefit
for SMBs, which are price-sensitive and want better RoI from their limited IT
budgets.
"If an SMB customer who is using software-based security solutions
had to scale up his network, he would have to change the configuration
every time that he upgraded his set-up"
- Srivatsa S
Director, Business Development
Syntax Soft-Tech (I) |
Appliance-format security boxes can be used effectively in
small, remote locations where there are fewer technical people to manage the
IT infrastructure. Appliances are easy to configure, deployment is smooth, and
they can be monitored from a central location. Due to ease of manageability,
security appliances have helped organisations to trim their IT staff costs.
Remarks Srivatsa S, Director, Business Development, Syntax Soft-Tech (I), “Consider
this. If an SMB customer who is using software-based security solutions had
to scale up his network, he would have to change the configuration whenever
an upgrade is made. This adds up to a river of woe for the concerned company.
By comparison, in the case of an appliance, every update and change in configuration
is done by the vendor.”
The buck stops here
"Appliances are integrated solutions with their own operating systems
that are designed to work flawlessly with the
underlying hardware"
- Ajit Pillai
Country Manager
India & SAARC
WatchGuard |
SMBs also save on licencing fees that had to be incurred in
the case of software-based security solutions. Before security appliances became
popular, organisations often found it difficult to fix responsibility for breaches
and the like. Because many vendors were involved in supplying various components
of a company’s security infrastructure, it became difficult for the user
to approach a particular vendor to solve his problem since no one was prepared
to take responsibility. With security appliances however users are in a position
to approach a single vendor to get their problems fixed. In case there are several
devices, a company will have to maintain relationships with all the concerned
vendors (multiple SLAs and contracts), but with an integrated solution accountability
rests with a single player.
Ajit Pillai, WatchGuard’s Country Manager for India &
SAARC, explains that in any complex technology acquisition the installation
and configuration usually require the maximum time. Appliance-based solutions
are designed to reduce this time and allow customers to quickly start using
a product instead of spending time configuring and tweaking it. “Appliances
are integrated solutions with their own operating systems that are designed
to work flawlessly with the underlying hardware. As such, appliance vendors
are responsible for supporting everything including the hardware, operating
system and application. This approach provides customers with a single point
of contact when a question or problem arises,” elaborates Pillai. This
dramatically reduces the time needed to fix problems.
Pillai adds that with a software-based solution customers are sometimes left
hanging because the hardware vendor, OS vendor and application vendor are pointing
fingers at each other. The burden of determining which component is really at
fault is then left to the customer.
| The garment exporter is reaping the benefits of deploying
a security appliance from WatchGuard. Today it gets all-in-one protection
from a single box. Established in 1978, Orient Craft is a garment exporter
with 10,500 hi-tech specialised machines. The company operates in the export
arena, sending products to the US and some countries in Europe. Deploying
the Firebox X700 from WatchGuard has changed the way work is done at Orient
Craft—the company has been able to tackle security issues with its
new security appliance.
Threats without end
Orient had a firewall but there was no end to its security woes as
it couldn't cope with the security threats that were materialising day
after day. Recalls Ranjan Sha, the company's IT manager, "The company
was receiving 5,000 to 8,000 spam messages per day, and it was eating
into our bandwidth, not to mention the time wasted in finding and deleting
the same. 70 percent of our e-mail traffic consisted of spam." Over
and above this, securing the company's e-mail, ERP and database servers
were on the agenda. Regular virus attacks were bringing the network to
its knees, and it was unstable.
Securing the gates
The company went in for an integrated security solution, the Firebox
X700 from WatchGuard. The principal reason to go in for a security appliance
was that the company wanted to secure its gateway as it was facing enormous
problems tackling spam and viruses. Says Sha, "Since we were already
using WatchGuard's Firewall solution, it made sense to use their new appliance
which integrated several functions into one box." The Firebox X700
blocks spam and viruses, controls Net access, takes care of intrusion
prevention, and acts as a VPN concentrator for secure remote access.
Sha adds, "The solution controls inbound and outbound
Internet traffic, scanning for spyware, keyloggers and diallers. The product
blocks malicious objects and other threats before they can enter the network
and drop their payload. The blocked-site list is constantly updated to
prevent access to known spyware sites." Sha informs that the appliance
identifies known network and application exploits, and addresses them
based on the type, user group and protocol, with responses including Allow,
Block and Lock. It also blocks unwanted e-mail before it reaches the internal
mail server, and the VPN feature ensures secure remote access to the ERP
server and other network resources. It generates graphical reports of
Web access, usage, and time of day, thus facilitating policy making.
Easy to manage
After the product was installed the company has been able to deal
effectively with spam; it has also proved to be a time-saver for staff
members. Managing the network has become easier with the adoption of an
integrated approach towards securing the network. Sha explains: "We
can manage an integrated appliance with just three people, whereas if
we had to go for separate boxes we would have had to deploy a person to
manage each of them. Moreover, we would have had to pay for each function
separately."
The company has also been able to manage the appliance
remotely in case no administrator is on site. Remarks Sha, "Due to
the remote access control feature of this appliance, we can access the
appliance from a remote area in case that is required. This feature really
eases manageability of the system."
Along the way, the company has been able to improve network
performance. The product interface is simple and easy to understand, with
advanced logging and reporting. Its features include visual live time
monitoring and management functions. One can control the sites that users
can visit. There is an option to upgrade the firewall without having to
buy new hardware, and manage multiple firewalls from one location. The
product also has VPN capabilities for travelling executives, a feature
which the company found quite interesting. Advanced application proxies
to remove bad traffic, and notification of security vulnerabilities from
time to time are some of the benefits the company is reaping after deploying
the product.
|
More in one
"Security appliances are not licenced based on the number of users
but on the throughput parameters, whereas software solutions are licenced
based on the number of users"
-Digvijaysinh Chudasama
Vice-President, Sales
Cyberoam |
As bandwidth prices continue to drop, SMBs are giving Internet
access to a wider base of employees, suppliers and dealers. Comments Digvijaysinh
Chudasama, Vice-president, Sales, Cyberoam, “Due to the increasing SMB
presence on the Internet, the rise in B2B and B2C commerce, and communications
via the Internet, SMBs are prone to rising security threats, internal and external.
In order to ensure high security while granting Internet access in accordance
with the business requirements of the individual user, a lot of SMBs are opting
for the appliance approach.”
These days the role of SMBs has changed as they are doing business across geographies.
Observes Shubhmoy Biswas, Country Manager, India, SonicWall, “SMBs are
becoming more innovative and are able to define their e-mail security policies
more effectively. Many vendors are working on adding more capabilities to a
single box.”
Many SMBs are also using leased lines and broadband connectivity, and want faster
throughput while accessing the Internet. Explains M Hayath, Business Development
Manager, Network Security, India and SAARC, Cisco Systems (India), “Many
SMBs want their employees to be in touch with them through remote connectivity.
SSL-VPN and IPSec, which are now part of security appliances, seem to be becoming
quite popular among SMBs that want to offer secure connectivity to their employees.
We have also seen that appliances give better throughput, and work better with
other devices.”
Saving on licence costs
Appliance vendors feel that their solutions score over software-based
solutions in certain areas. Opines Chudasama, “Security appliances are
not licenced based on the number of users but on the throughput parameters,
whereas software solutions are generally licenced based on the number of users.
At the gateway or perimeter level, it is not possible to identify the actual
number of user licences in use. Generally, software solutions are deployed on
hardware along with many other applications, hence it is not advisable to deploy
other applications on hardware where security software or solutions are deployed.”
Many also feel that hardware solutions are generally optimised at the hardware
level, and they run a fine-tuned and secure operating system that’s been
written specifically for the underlying hardware. Many say that software-based
security solutions work better in a host-based scenario where they are deployed
on a server, but that they are not recommended as gateway or perimeter solutions.
Awareness levels of security appliances have risen among SMBs, creating huge
potential and accelerated growth. The booming IT and BPO markets have been like
a shot in the arm for the security business. Companies are increasingly replacing
their firewall and anti-virus solutions with integrated appliances.
|
