A decade ago, the IT department would probably have a voice manager and a data manager, working together but with different concerns, technologies and targets - today, those two disciplines have merged. From our research, we believe that today's Network Manager and Security Manager roles are converging as organisation demands evolve and we are looking at a future where these two teams are increasingly aiming at the same goal ? high performance and security implemented together. Until recently, networking and security management have usually been seen as separate disciplines. While many vendors paid lip service in marketechture visions of deeply integrated security with the rest of systems and application management, this vision never materialised
Instead, the security and network disciplines evolved into distinct areas with their own best of breed solutions that involved separate expertise for management. Security focused on risk mitigation and analysis while network management gained prominence in performance, speed, network infrastructure and operations. In some cases, security was considered secondary to maintaining performance and availability as companies pursued growth at all costs. However, the combination of new laws, regulations and highly visible data loss and virus attacks, has transformed security from a back room to a boardroom issue. In the past, integration between security and the network was often an afterthought that began to gain more attention as systems and security become more complex. Today, most organisations are seeking a holistic view of the enterprise and are under pressure to lower total cost of ownership while making the most of limited staff and budgets. Companies should exploit the security and networking management convergence
There are several areas where the convergence of network and security management can make a big difference in improving efficiency and effectiveness across the enterprise.
Besides consolidation, compound policy correlation would enable IT staff to manage the flood of events from monitoring tools more effectively by helping to identify problems that affect both the network and security. A common rule-set across both would allow administrators to replicate and scale management across a complex enterprise, helping to bring unity to monitoring and management activities.
The convergence can also create a more consistent approach across the organisation. One of the biggest challenges facing IT operations is to securely build, deploy, monitor and patch multiple systems. There are typically several departments involved, each with their own methods that operate independently. As systems grow more complex, the duplicated processes become labour-intensive and wasteful.
IT management is recognising that common functions should be converged through a change management and workflow process that balances the need for security with the goals of the business.
At a more granular level, unified reporting can provide IT staff with a better picture of how systems are performing as well as guide change management processes and help in consistent application of configuration, patch, and vulnerability management. IT management professionals at all levels need to work together to overcome traditional barriers built up over the past decade.
In many cases, traditional systems and security roles tend to foster separate silos of administration and management. This manifests itself in security and networking professionals buying different products from different vendors without considering the benefits of sharing systems and using common platforms. IT professionals must assume a leadership role by looking beyond their formal functions and job definitions to gain a broader perspective and sense of customer value that IT can offer the organisation as a whole.
Thinking outside the box
Obviously executive management commitment (IT and otherwise) to exploring the convergence can be a significant force in encouraging and rewarding thinking outside the traditional boxes that separate network and security management. Business service management programs, for example, need to have specific objectives for exploiting convergence opportunities in the critical areas previously mentioned.
Finally, web security vendors need to improve their tools and services with an eye towards automating the key processes of management, policy compliance, enforcement, consolidated reporting and visualisation in order to foster and strengthen the relationship between the two parties. Indeed the challenge for many vendors is to leverage the positive potential of their applications whilst protecting the corporate network from web viruses, spyware and other malware that could compromise network security. The answer is to provide a fully installed system into the complex network environment, facilitated by a flexible architecture that allows organisations to overcome the many security challenges.
Deploying products that aim to deliver in just one area risks alienating the other ? network managers don't want a device on the network that slows data down just as security managers don't need a device that speeds up malware, spyware and virus propagation and yet both types of devices are available from single-focus manufacturers. Over time, solutions are evolving to deliver benefits to both networking and security professionals. A service that provides both parties with reporting dashboards that show performance and security together; that can interpret the networking impact of security threats or see a network issue and correlate the threat inside will deliver value to both areas of the business. Where a single family of devices can both block or bandwidth manage least-desirable content while accelerating the business-critical data, IT security and IT networking both benefit.
With one view, one management interface and the ability to define policies and priorities based not only on traditional networking parameters (port, application) and security parameters (user, content) simultaneously, network managers and security managers will find natural areas of cooperation and the business will ultimately benefit.
From a security and network management perspective, companies could then adopt a solution that will mean savings in time and resources. A service that provides the two parties with a dashboard which enables information on site category, URL, user, department, number of bytes downloaded, time of day or length of download. Part of a modular approach to building these solutions comes from choosing tools that result in immediate value, measured in terms of days, not weeks, months or years. Consensus and cooperation among IT professionals can be built over time but results have to be measured and articulated as soon as possible to justify the investment. By choosing specific areas to address first and making sure solutions show rapid results, security and network professionals can build and sustain not only the momentum, but their converging relationship.
Tags: Applications, Hosting & Colocation, Design & Facilities Management, Networks & Telco , Security, Servers, Storage Networking