Security over sell can't go on

Experts call for better security provision in network equipment

The IT industry has made too much money selling too many security systems to enterprise buyers for too long, say experts, who have called on security products to be embedded in network equipment rather than sold as additional products or services.

“How long will enterprise buyers accept security as an additional cost point? The idea that you buy a car but the seat belts cost extra is ridiculous – you need security embedded as part of the package,” said Jeremiah Caron, vice-president of Current Analysis, at today’s NetEvents industry conference in Portugal.

Jan Guldentops, director of BA Test Labs, said it is lamentable that significant network security problems still plague IT managers, with few issues completely solved during the past decade.
“Security is quite an old game, and after 10 years you would imagine that we would have got it fixed by now. But we still have a big problem and the industry has made millions of dollars from it,” he said.

Some vendors have combined security functions like firewalls, antivirus and intruder detection/prevention systems (IDS/IPS) into unified threat management (UTM) devices. But Guldentops said core equipment manufacturers must go further by integrating these functions for free into new switches and routers alongside user authentication and network access control, something that HP ProCurve and D-Link have already intimated they plan to do in the future.

In the meantime, security vendors are shifting their attention to protecting the growing number of public access and private company wireless LANs (WLANs), according to Dave Endler, director of security research for TippingPoint and chairman of the Voice over IP Security Alliance.

“Wireless brings new security challenges, but we’ve seen this story played out many times before; a new killer technology emerges, but only an elite few know either how to take advantage of or abuse it. Then, as user numbers and accessibility increases, more hackers start to target it,” he explained.