Is a Platform Security Strategy Realistic?

The choice between using a single vendor platform, and integrating best-of-breed point products from different vendors is as old as computing – but is particularly pertinent to cyber security. In April this year Fortinet commissioned a survey of IT decision makers in 10 countries around the world, with particular reference to firewalls; and discussed some of the findings in a blog post yesterday.

The key finding for Fortinet is that 59% of approximately 1,000 respondents described their greatest challenge in achieving automated and consistent security policies across their networks is down to the numerous firewall solutions deployed within their network infrastructures.

The precise results varied slightly between geographic regions. The US and EMEA (comprising the UK, Germany and France) were almost identical at 55% and 54% respectively; with UPAC (comprising India, China, Korea, Japan and Australia) at 64%.

This response dwarfs other problems. Insufficient staff skills to implement standard procedures and problems from different security requirements throughout the network all returned around 20% – with only EMEA standing out with 26% for differing requirements.

In its blog, Fortinet concentrates on the difficulty in integrating different security solutions. The problem, it suggests, is that security managers already need to monitor an average of 14 different security consoles, and frequently have to hand correlate events and incident information in order to detect and respond to threats. “This is a strategy that clearly will not scale as the volume of traffic and number of devices on their network continues to grow,” it warns.

In response to this problem vendors have started to sell the advantages of single-vendor solutions on a single platform (which Fortinet calls in its blog, ‘The Myth of the Platform Security Strategy’). Single vendors cannot develop a complete range of security solutions, and consequently expand their platform by buying other companies and their technology. 

But, suggests Fortinet, “While these vendors may offer a wide range of security tools, their solutions are hardly integrated. They often run on different operating systems, use different management tools, and cannot provide unified visibility, control, response, or reporting. And their lack of standardization makes integration with third-party solutions difficult if not impossible.”

This view is supported, it adds, by the survey responses. Sixty-one percent “of IT leaders said that the lack of ‘standardization of security technologies’ from such vendors was still a barrier to re-architecting their infrastructures with the advanced security solutions they need to protect themselves.” This ranged between 55% in EMEA and 65% in the US.

Fortinet’s conclusion is that security managers and IT decision-makers should ask themselves whether a single-vendor strategy is any solution if the resulting deployment is just as complex and resource-intensive as the multi-vendor approach.

Fortinet’s approach is to integrate its own firewalls and other technologies interconnected by a single unified operating system. It calls this a Security Fabric, and provides open APIs for other vendors to integrate their own products. This architecture, it claims, “actually delivers the benefits of standardization claimed by ‘platform’ vendors.”