Firewalls will soon be history- Foundry Networks

Most Commented

Unified Communication for your Biz

Improve your contact center performance. See how you can make a difference.

Watch Now

Reach the ICT Community

Engage and build your ICT audience with CIOL online advertising.

Know more

"Firewalls will soon be history"

A must have for enterprises to tackle security threats, firewalls will soon be thing of past, contends Foundry

Idhries Ahmad

Monday, October 22, 2007

Email This

Print This

Comments

RSS

BANGALORE, INDIA: Firewalls and security software products are a must for enterprises to help them deal with the deluge of attacks from spammers, hackers and viruses.

However, deploying firewalls and other security software products in enterprises, will soon be thing of past, forecasts Chandra Kopparapu, vice-president sales, Asia Pacific, Foundry Networks.

"If I need a firewall and a switch, why do I need separate boxes for them? Why can't someone make a single box that has both?" asks Kopparapu.

Drawing an analogy with a one-arm router, Kopparapu says that companies in past made a lot of money and a lot of products around a one-arm router. "But not anymore. The same thing will happen with firewalls", contends Kopparapu.

In an interaction with Idhries Ahmad of CIOL, Kopparapu explains the trends in network security domain, and how organizations can consistently foresee a security threat and come up with a solution to tackle that.

Kopparapu also has a word or two for CIO's to deal with serious security threat posed by insiders rather than external hackers to organization's assets. Excerpts:

CIOL: One of the biggest problems for enterprise is how to foresee a threat and come up with a solution? How can an enterprise be able to do that consistently?

Chandra Kopparapu: In order to solve this problem, you need to know what you don't know -- this means research, investment, proper due diligence and time-and-effort. There are thousands of security products and solutions out there. Thousands more are waiting to be invented. Keeping up with and understanding all of them takes a lot of work.

Determining which solutions are important to your network and which are not, also takes a lot of work. Every network is different with different security needs and different security priorities, and this is the reality enterprises face.

There is no "silver bullet" in security where one product will protect your network from all threat today and in the future.

CIOL: Contrary to common belief, insiders, rather than external hackers, pose the most serious threats to an organization's assets. How does Foundry Networks look at the threat?

CK: The best protection to insider threats is having multiple layers of security. Here are some suggestions. Enable 802.1x authentication on your ports from where insiders access your network. Use a NAC or NAP or some sort of admission control solution. There are many out there to choose from.

Enforce anti-virus policies on every device used by your insiders. This can be through anti-virus software on devices or by some IPS or IDS in your network. Enable all or any DOS protection on your network. There are lots of DOS protection features embedded into switches and routers, so use them.

CIOL: Foundry Networks has this interesting assumption about "firewalls and software products" becoming outdated soon. Can you explain how is that going to happen since firewalls and other software products have become part and parcel of every enterprise network?

CK: Use the precedence set by the one-arm router. There was a time when companies made a lot of money and a lot of products around a one-arm router. Not anymore! The same thing applies to firewalls. If I need a firewall and a switch, why do I need separate boxes for them? Why can't someone make a single box that has both?

This is the approach Foundry has adopted with its embedded security capabilities that are built into all switches, and SecureIron LAN switches and perimeter traffic managers.

It is designed to deliver application level intelligence and security protection throughout the enterprise network, including at the network perimeter and inside the LAN.

CIOL: What does Foundry's SecureIron Family bring to the table that secures enterprise network?

CK: Foundry's SecureIron solution is designed to deliver application level intelligence and security protection throughout the enterprise network, including at the network perimeter and inside the LAN.

The solution consists of two distinct product families –SecureIron perimeter traffic managers for security augmentation and traffic optimization at the enterprise perimeter; and SecureIron LAN switches for inside the LAN protection against emerging threats from within the enterprise network from malicious users and machines.

The SecureIron family of products is the first-of-a-kind to embed security features into the network switch for total integration of security into the infrastructure throughout the enterprise. The switches feature Layer 2 through Layer 7 intelligence to protect against many forms of network and application level attacks at multi-gigabit speeds to deliver unparalleled security performance at LAN rates.

At the perimeter, the SecureIron traffic managers deliver critical security augmentation to traditional firewalls and optimize application performance by maximizing utilization of ISP WAN bandwidth and firewall capacity with advanced traffic management features.

CIOL: Can you share in detail some of the trends that you have been seeing in network security domain?

CK: NAC, NAP, IDS, IPS, DOS protection, email filtering, etc., things like these are well publicized and have already attracted lots of attention from vendors, customers, users, etc.

However, all this attention is necessary because these are critical security issues and all need to be addressed in any enterprise network. What about some under-appreciated network security threats? What parts of the network are we lacking protection? One area is location-based security.

Knowing where a security threat is physically located now and knowing where it has been and tracking its location as it moves. It's one thing to detect a security threat. It's also one thing to mitigate a security threat. However, the real objective should be to remove security threats. This can only be accomplished if you can physically locate it. I predict a big trend toward new security products and solutions to do this.

©CIOL Bureau

Would you like to on this article?

Read Comments

Kandarp Devashrayee said on 6/3/2008 1:36:27 PM:
We are partner of Checkpoint,Nokia,Juiper,Watchguard and Sonicwall range of products.We are only company is gujarat who are dealing only with network security products.We would like know more about your products and if suitable would like you to add in our portfolio.Waiting for reply and details.

to Kandarp Devashrayee

Name
Email
Your reply

China wooing Indian IT companies

Intuit Money Manager set to make India debut

Obama visit arouses mistrust among China netizens

I have never used Twitter: Obama

Is China speaking English to beat Indian IT?

R&M unveils new cabling module, Cat. 6A

USB 3.0: Simplifying validation and debug

Imation ships world's first wireless USB HD

NaviSite inks deal with InMobi

India, China add big buzz to wireless broadband

	Simplify Business Management. ERP solutions by IBM
	Carry your Dream, Convey your Value with ZTE
	A fault tolerant server to reduce your TCO

	A must attend event for IT Professionals
	How to make your enterprise productive
	Unified Communication can impact business. Know how

	Making Web3.0 a Reality!
	CIOL Enterprise Next :What's NEXT in IT? :
	Decrease Total System Costs With Cyclone IV FPGAs

	Reach your desired Target Audience and realize high ROI
	Effective ways of Customer Acquisition through Demand Generation
	Reach 2,500 potential Enterprise Customers!