Unified Threat Management (UTM)

Unified Threat Management is an emerging trend in the firewall appliance security market. It is the evolution of the traditional firewall into a product that not only guards against intrusion but performs content filtering, spam filtering, intrusion detection and anti-virus duties traditionally handled by multiple systems.

When hackers were the primary focus of an IT enterprise, a firewall was sufficient to protect most networks.

Then as viruses became more prevalent, corporates took to anti-virus gateways that scanned for viruses followed by Web content filtering, and later, spam filtering. This resulted in a mess of systems that were costly to administer and took up valuable rack space.

As the hardware that powered today's enterprise firewalls became more robust it became viable to add functions that were traditionally off the box right into the firewall.

Firewalls became 'firewall appliances'. This is where Unified Threat Management comes in. Rather than administer multiple systems that handle anti-virus, content filtering, intrusion detection and spam filtering, companies can purchase a Unified Threat Management firewall appliance that integrates all of the above into a single rack mountable network appliance. The multiple functionality of the Unified Threat Management appliance can be the justification for replacing older more basic firewalls.

What do they consist of?

IDC has defined what a UTM appliance must consist of to be regarded as such. First, it must have an operating system and an installation process that requires a minimum of human intervention.

The appliance must have the ability to perform network firewalling, intrusion detection and prevention (IDS/IPS) and gateway anti-virus (AV). All capabilities need not be utilised, but the functions must exist in the appliance. A UTM appliance may also include other features such as security management and policy management by group or user.

Most Wanted Technologies

Here's a list of the technologies that CIOs are dying to deploy:

ERP - STILL THE TOPMOST

It's still the real thing for the Indian CIO. Decades after it made its debut, ERP continues to dominate corporate thinking. Of course, along the way it has managed to subsume other technologies so that you find modules as disparate as HR and supply chain management finding their way into what's still labelled as ERP.

Then, of course, there remains the fact that the migration from an ill assorted mix of legacy applications, accounting software and other sundry tools to ERP is still very much on ongoing part of the Indian IT revolution.

SECURITY - LOCK THAT SYSTEM DOWN

This isn't really a technology but it's a pressing concern related to it. IS 2005 Survey respondents voted it the second most important technology consideration on their agenda.

Living, as we do, in a world where every other day brings news of some new incidence of systems being breached with horrendous results - it's clear why CIOs think so.

India Inc. is just moving from the basic anti-virus and firewall kind of perimeter security to Intrusion Detection Systems, Access Control Devices, cryptography, identity mangement and security appliances.

In terms of security policy, more than 61 percent of organisations that have invested or are planning to invest in security have one. Unfortunately, that fervour doesn't extend to keeping tabs on the efficacy of said policy. Two out of three companies fail to conduct security audits.

(to be continued...)

Source - Network Magazine

Outsourcing - a key business decision

It is important to understand that outsourcing is a business-related decision and not simply an IT need.

The pressures of competitive market force organisations to focus on their core activities - activities that directly link-up directly to revenues and hence profitibality. In such a scenario, companies tend to outsource their non-core tasks to focus on business decision-making. And IT infrastructure easily lends itself to outsourcing.

Outsourcing is best adopted after a careful look at business needs and available options. It is essential that the outsourcing relationship provides strategic business benefits in the future. It is important to understand that outsourcing is a business-related decision and not simply an IT need. The ultimate goal of outsourcing is to bring benefits to the business and subsequently to the customer. In the past, Indian companies were not very keen to outsource their IT needs, primarily because their enterprise IT environments were relatively less complex, easier to manage, and inexpensive to maintain. Besides, few outsourcing service providers offered various outsourcing options under one roof. But now IT environments in companies have become more complex. There has been growth in terms of volume of business, range of services, number of employees, number of competitors, nationwide locations, and enterprise applications. This calls for more attention to IT as a service to provide strategic business benefits.

To help organizations get optimum value out of IT and use it as a strategic tool to further the cause of business, many CIOs think it worthwhile to outsource IT infrastructure management. Indian enterprises today have a variety of outsourcing options from which they can choose the right fit. Outsourcing solution providers offer services that include desktop client management, server management, cable management, firewall management, patch management, software license management, IT audits, backbone and connectivity, website hosting, and IT infrastructure management. Thus the available services are innovative, significantly more customised, and better aligned with individual customer requirements. An enterprise can pick-and-choose specific services and build a reliable mode of service delivery. A company can outsource basic desktop management needs, or the management of the entire nationwide IT infrastructure if needed.

Just a Question

Expand MPLS How much percentage of Indian organisations do not conduct security audits?

Please email your answers to esbmarketing@sifycorp.com and win a surprise gift. The subject should read 'Just a Question'

Here's a list of the technologies that CIOs are dying to deploy...

SOA-Glue for the enterprise :

Service Oriented Architecture (SOA) is the latest wrinkle on the Web Services front. Except that SOA goes far beyond what Web Services intended. This technology ties right into the enterprise CIO's desire to redesign, rejig or otherwise rationalise his or her IT set-up. India Inc. is taking to the concept with a healthy dose of caution.

The pilot will be in several stages where a publisher that can be used by many other applications will be identified. Stores and DNS servers will be created so that applications across the group will know that this new SOA application exists. Finally the published application will be stored, retrieved and managed.

Corporate data centres :

A data centre isn't an application, it's more of an application repository. That said, in the last few years, corporate data centres have, for want of a better word, mushroomed. They are everywhere and the server room has died, unmourned.

This is one area where government/PSU organisations are the most enthusiastic with 42 percent rating data centres as a top technology priority. Auto components, oil/power and manufacturing were other verticals that were bullish about data centres.

Accumulating data in warehouses :

There comes a time in the life of an organisation when it finds that its databases are too big to manage and it needs a fresh approach, better tools to handle this monster.

That's when CIOs start combining databases and scrubbing their data to get it ready for mining and analysis. Data warehouses aren't new, they started long ago.