Internet security is a sizzler, a visit to the most recent international IT conferences confirms that an increasing number of security and network optimisation products are now available to those that want to keep their private data ... well, private.
Already smart vendors are realising that they need to differentiate their products, keeping them ahead of the rest, so to speak.
For example, firewall providers are now layering additional services on top of the security appliance, so that critical processes - performed at the corporate gateway to the Internet - such as virus scanning and bandwidth control - can be executed by the security appliances.
However, despite all this added functionality, today's corporate, especially in the wake of recent malicious virus onslaughts, now requires tight integration of security traffic control components, together with policy-based management.
This in turn translates into the managing and monitoring of the network from an application as well as network level in order to ensure optimal bandwidth utilisation and traffic prioritisation. Bandwidth management is key - becoming one of the most critical factors in ensuring the success and optimisation of company assets and ultimately, building a strong security fortress.
As more companies move to client-server networking, Internet/intranet browsing and today's GUI-based applications consume a significant portion of available bandwidth - this can affect the performance of mission-critical activities such as security.
Today's network managers face diverse traffic management considerations such as:
a. How can they guarantee users and business-critical applications adequate bandwidth.
b. Can bandwidth be adjusted to meet the requirement of individuals on a flexible and time-sensitive basis.
c. Can they accurately assign bandwidth to the appropriate departments?
Policy-based management counters the 'anything goes' approach of IP-based networks, ensuring that certain applications do not monopolise bandwidth, causing congestion and erratic performance.
Another critical issue, which is especially prevalent in South Africa, is that low bandwidth translates to openness to DoS attacks. The reality is that certain forms of DoS are more effective when bandwidth is at its lowest, again emphasising how important bandwidth and subsequent policy-based management is.
What approach should you take to ensure overall policy-based success? There are two options - network-based management or application-based management.
Network-based management addresses traffic and security issues by looking at the overall effect on the network and by requiring authentication and login for legitimate users to connect to the network, as well as QoS (quality of service) features which prioritise traffic on individual profiles. Also, with network-based management, separate logical networks can be created, therefore, enabling the support of high-performance clusters and also ensuring that viruses or hackers are confined to a single system.
Application-based management allows network administrators to monitor the network at application level, ensuring that application traffic does not create network bottlenecks or hog bandwidth.
It is also easier to identify if the traffic is work or recreational, again ensuring that network resources are allocated appropriately to the applications, based on importance or unimportance.
Graham Vorster, chief technology officer of Duxbury Networking