IT Security is complex and trying to work out whether it is better to use dedicated best of breed systems or solutions that deliver a range of capabilities in a single appliance can be a difficult decision to make, especially if you are not a specialist in either security or networking. This is one of the reasons why network security solutions in small and mid-size businesses tend to be put in place and then left alone as much as possible. In a recent study, Freeform Dynamics asked a number of small and mid-sized businesses in the UK, Germany and France how they implemented security against the backdrop of today’s rapidly evolving threat landscape (Figure 1). Click on chart to enlarge Figure 1 As we can see, for the majority of SMBs in our survey, network management and security are currently delivered using appliances or software that combine multiple capabilities in a single solution. Only a minority of organisations make use of dedicated equipment. It is notable that given the very diverse range of security and network management areas covered, e.g. web application security, email security, DLP, web filtering, WAN optimisation etc., there is remarkably little difference in the approach taken to implementing each capability. Once a multi-purpose solution is in place, it is natural to exploit as many as possible of the functions it provides. In many ways these results are as expected given that so few SMBs are able to employ IT professionals with specialist skills in each of these complex technology areas. Multi-function solutions are often built with ease of management and ongoing administration in mind, making them well suited for organisations where IT is administered by generalists. However, when questioned on preferences, it is clear that while multi-function devices are widely used, dedicated/best of breed alternatives are perceived to be more desirable (Figure 2). Click on chart to enlarge Figure 2 The chart also indicates that the preference for dedicated solutions has become even more pronounced in recent years. This change may well reflect the fact that many of those surveyed also report a wide range of escalating pressures and requirements being placed upon their networks, with such demands also expected to increase rapidly going forwards. Against this background, the perception is that single function solutions are more capable and offer ‘better’ protection than multi-function offerings. The benefits cited include greater functionality, better performance and scalability, improved reliability and more flexibility. Beyond this, with the increasing use of cloud meaning there’s often no longer a clearly defined single border to defend, the need to protect hosted environments by deploying security in the cloud is in the front of many peoples’ minds. As multifunction solutions, more than dedicated alternatives, have historically often only been delivered as hardware rather than virtual appliances, this is another perceived reason for favouring best of breed. While such considerations can make the logic of emphasising dedicated/best of breed solutions seem clear, an important truth is that the underlying perceptions coming through are more often than not incorrect nowadays. Multi-purpose boxes may not be able to deal with extreme and exceptional requirements, but they have come a long way in the last few years. For most functions in many deployment scenarios, the difference between these and dedicated alternatives won’t matter significantly. Meanwhile, virtual appliance options of all kinds are now much more widely available in the market. You can even buy Application Delivery Controllers (ADCs) in virtual form. With this in mind, the research highlights a knowledge gap among those looking after the communications infrastructure in smaller businesses. The challenge, however, is for SMBs to be able to find the time to investigate options, understand their capabilities and constraints, and then work out which solutions would best meet their needs. For some it may mean moving towards greater use of dedicated solutions while for others multi-function solutions, especially those developed in recent years, could prove to be the better choice. From a practical perspective, getting a clear picture of the needs of the business and how different solutions match up will take time, but the investment will be worthwhile. Working with the right suppliers can help here, especially manufacturers and resellers that offer a wide range of solutions and who have no axe to grind on whether to advise you down one route or another. In summary, the common perceived need for dedicated solutions is probably the result of a lack of knowledge of the functionality available in many new multi-function systems. There is no doubt that dedicated single purpose solutions have their place, but for most SMBs it is probably as an exception rather than being the rule. The net takeaway is do your homework and/or work with knowledgeable broad-portfolio suppliers/resellers who can provide advice to help define your requirements and help you to determine the best way to modernise your capabilities. In the meantime, don’t let lack of knowledge or uncertainty hold you back. The pressures on your network will only get greater over time, and it’s always best to modernise proactively rather than wait for something to break. If you would like to find out more about the research discussed in this article, you can download the report, Future Proofing your Network here. ORIGINALLY PUBLISHED ON
Tony is an IT operations guru. As an ex-IT manager with an insatiable thirst for knowledge, his extensive vendor briefing agenda makes him one of the most well informed analysts in the industry, particularly on the diversity of solutions and approaches available to tackle key operational requirements. If you are a vendor talking about a new offering, be very careful about describing it to Tony as ‘unique’, because if it isn’t, he’ll probably know.