No security-conscious company would be caught dead without a firewall. But these days, having a firewall isn"t enough.
Technically speaking, the firewall is the first line of defense that sits between a company"s network infrastructure and the World Wide Web -- security-wise, meaning all viruses, hacking and other threats posed by the Internet.
As these threats improve and become even more widespread, and the with the emergence of new threats like phishing, for example, vendors are coming up as well with a laundry list of security solutions marketed towards users.
The firewall indirectly becomes the engine from which these solutions are deployed. Last year saw security vendors like Fortinet and SonicWall, for example, introduce appliance-type firewall devices that include solutions like antivirus, content filtering, and virtual private network (VPN) security into a single hardware box.
The Philippines is actually not far behind its neighbors in purchases of security solutions. A recent Frost and Sullivan report predicted that the firewall, virtual private network (VPN) security and intrusion detection systems (IDS) market in the Philippines posted US$7.3 million in revenues in 2004. Revenue is predicted to grow 25 percent in he next six to seven years , the second largest growth rate in Asia Pacific next to Vietnam.
While the Philippine market is largely driven by hardware spending, which, according to recent report by IDC Philippines, extends gradually down to small and mid-sized companies, a top priority for software acquisitions is security. Naturally, the mindset among users would be to protect their hardware investments.
But in terms of adoption, bigger companies like banks, for example, still lead other industries. Yancy Picson, a local consultant for software firm Computer Associates (CA), mentioned during an interview that a number of local banks have moved into the "third layer" of network security.
By CA"s definition of information security, the first layer is physical security of the infrastructure and the second layer is the firewall, or the "reactive" solution against external threats. CA sells security solutions under its e-Trust Threat Management suite.
Picson, who covers the banking and telecom sectors for CA, singled out tools like password and identity management currently looked into by banks. "Banks are moving into LAN (local area network) consolidation and identity management, For the past two years, these products are
not that hot as they are now," he said.
Most companies, according to Picson, are still in the second layer, the firewall being the centerpiece of their security infrastructure. As users begin acquiring several solutions, security now becomes a management issue.
As a result, "unified threat management" or UTM has emerged as an industry buzzword. Appliance-type products seek to adhere to this user approach with all-in-one firewall products that incorporate a number of solutions in a single box.
"The other direction is integrating (your solutions) it and seeing your operational infrastructure from a single software management platform," Picson noted. The latter approach suits users who already have existing solutions, more often than not deployed on independent servers.
Aris Coronel, a senior security consultant at CA, acknowledged that it becomes tedious for the user to manage a heterogenous security environment. "The way for you to become secure is not in the number of solutions you have but in how you manage them," he said, mentioning that CA"s local customers are now actively looking at the single-platform approach.
Randall Lozano, president and general manager of Techwave Corp., a local security company that carries solutions from U.S.-based Secure Computing, noted a misconception among local companies that a simple firewall is enough security measure.
Although a large portion of local spending on security is on firewalls, Lozano cited an IDC report that predicts UTM devices will replace firewall solutions within the next five years.
With a wide array of solutions available in the market (even Windows XP has a built-in firewall), how should users fire up their existing firewalls?
Lozano recommends that users look for a UTM devices with a "hardened" operating system built specifically to run a firewall, not some proprietary software like Microsoft Windows. "Ideally, the OS should be proprietary to the vendor which sells the product," he said.
He also recommends that the user deploy solutions within the "application layer" such as content filters, for example, that not only allows the firewall to accept only restricted users, but scans email content as well.
Lozano noted that the primary benefits of the unified management approach lie in total cost of ownership and managing required skills sets. "Users typically have separate boxes for each solutions. If you could train your people to run a single technology, it will lower your costs in the long run," he said.
But the inevitable reality vendors have to contend with is that most users have heterogenous environments, meaning security solutions bought from different vendors. Lozano added that users normally have preferences in what brand of solutions to use.
Thus, potential clients cannot be readily asked to throw away previous investments. "We promote third party integration for non-CA applications. We realize that new products are coming out every month so we"re constantly adding new products to our set of supported solutions," CA"s Coronel said.
Allan Jay Garcia, product manager for data security at ePLDT,which carries firewall solutions from Checkpoint and SonicWall, noted that all-in-one hardware devices appeal to smaller companies due to budgetary constraints.
"The obvious advantage is that it is easier to manage to deploy," Garcia noted. "But the features of UTM solutions,for example content filtering, isn"t so extensive as those offered by stand-alone solutions."
On the other hand, enterprise users are more likely to go for the "single platform" approach because these users have the required technical skills.
But Garcia said his company (the IT arm of telecom giant PLDT), as a system integrator does not readily result to "box pushing" or selling a single UTM device right away.
He added:"We do scoping where we check the clients existing environment and recommend several brands. We see to it that the user has a choice."