Defending against threats with a componentable solution PART 1

Posted by Michael Mon, 11 Dec 2006 11:12:07 GMT

We’re going to apply to put “componentable” in the dictionary.

Just what is “componenetable” you ask?

We’ve been looking at a score of “Unified threat” solutions for the last few months. On a VERY broad scope there are a few major components of a security architecture that need to be addressed:

threats_1.jpg

In this example we assume things like firewall/vpn/network based external attacks to the network are covered somewhere.

There are two basic solution groups to solving the above problem areas:

components_1.jpg

Appliances are:

  • Easy to install and manage
  • Typically have one interface

but:

  • Have questionable scaling issues
  • Typically make it difficult to replace one component

Software solutions:

  • Have good scaling solutions (it’s trivial to buy better hardware)
  • Make it easy to swap one product for a given solution

but:

  • Require multiple interface to control, manage and report
  • Require operating system management on top of the component’s management requirements

In PART 2, we’ll talk about some ways to select solutions that have some advantages of both approaches, then later in the series we’ll talk about how to develop your apps to do a hybrid of both approaches.

Posted in , , , ,  | no comments | no trackbacks

Comments

Trackbacks

Use the following link to trackback from your own site:
http://weblog.imapenguin.com/trackbacks?article_id=defending-against-threats-with-a-componentable-solution-part-1&day=11&month=12&year=2006

RSS feed for this post trackback uri

Comments are disabled