Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Is a Platform Security Strategy Realistic?

The choice between using a single vendor platform, and integrating best-of-breed point products from different vendors is as old as computing – but is particularly pertinent to cyber security. In April this year Fortinet commissioned a survey of IT decision makers in 10 countries around the world, with particular reference to firewalls; and discussed some of the findings in a blog post yesterday.

The choice between using a single vendor platform, and integrating best-of-breed point products from different vendors is as old as computing – but is particularly pertinent to cyber security. In April this year Fortinet commissioned a survey of IT decision makers in 10 countries around the world, with particular reference to firewalls; and discussed some of the findings in a blog post yesterday.

The key finding for Fortinet is that 59% of approximately 1,000 respondents described their greatest challenge in achieving automated and consistent security policies across their networks is down to the numerous firewall solutions deployed within their network infrastructures.

The precise results varied slightly between geographic regions. The US and EMEA (comprising the UK, Germany and France) were almost identical at 55% and 54% respectively; with UPAC (comprising India, China, Korea, Japan and Australia) at 64%.

This response dwarfs other problems. Insufficient staff skills to implement standard procedures and problems from different security requirements throughout the network all returned around 20% – with only EMEA standing out with 26% for differing requirements.

In its blog, Fortinet concentrates on the difficulty in integrating different security solutions. The problem, it suggests, is that security managers already need to monitor an average of 14 different security consoles, and frequently have to hand correlate events and incident information in order to detect and respond to threats. “This is a strategy that clearly will not scale as the volume of traffic and number of devices on their network continues to grow,” it warns.

In response to this problem vendors have started to sell the advantages of single-vendor solutions on a single platform (which Fortinet calls in its blog, ‘The Myth of the Platform Security Strategy’). Single vendors cannot develop a complete range of security solutions, and consequently expand their platform by buying other companies and their technology. 

But, suggests Fortinet, “While these vendors may offer a wide range of security tools, their solutions are hardly integrated. They often run on different operating systems, use different management tools, and cannot provide unified visibility, control, response, or reporting. And their lack of standardization makes integration with third-party solutions difficult if not impossible.”

This view is supported, it adds, by the survey responses. Sixty-one percent “of IT leaders said that the lack of ‘standardization of security technologies’ from such vendors was still a barrier to re-architecting their infrastructures with the advanced security solutions they need to protect themselves.” This ranged between 55% in EMEA and 65% in the US.

Advertisement. Scroll to continue reading.

Fortinet’s conclusion is that security managers and IT decision-makers should ask themselves whether a single-vendor strategy is any solution if the resulting deployment is just as complex and resource-intensive as the multi-vendor approach.

Fortinet’s approach is to integrate its own firewalls and other technologies interconnected by a single unified operating system. It calls this a Security Fabric, and provides open APIs for other vendors to integrate their own products. This architecture, it claims, “actually delivers the benefits of standardization claimed by ‘platform’ vendors.”

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet