Advanced security management solutions are an important next step in the ongoing fight against IT security threats. Info-Tech survey data shows that enterprises of all sizes understand this message and intend to adopt these solutions. Enterprises that have not yet investigated these solutions need to do so sooner rather than later.

Security is a ubiquitous topic with IT managers today. This note helps build understanding of how much of the IT budget is being allocated to security and further divides this expenditure into technology acquisition (i.e. purchases) and operational expenditures, of which the largest is staffing.

The prevailing opinion in regards to security threats is that the most significant ones originate from within the enterprise, and yet external threats are simply not going away. Malware continues to exist, vulnerabilities continue to be found, and e-mail threats continue to circulate. While enterprises must protect themselves from insider threats, they cannot ignore external threats to do so.

Info-Tech Research Group has developed a better way of addressing enterprise security through a model called Adaptive Security. This model goes beyond not only traditional security tools, but also recently proposed endpoint security frameworks. Adopting the Adaptive Security framework for security management will yield more consistent and higher levels of IT security.

By integrating with all aspects of the enterprise’s IT infrastructure, Security Information Management (SIM) provides a comprehensive view of enterprise security. This integration also allows the tool to more efficiently and accurately provide the information necessary for regulatory compliance audits. Mid-sized and larger enterprises, particularly those that are regulated, must investigate this...

Intrusion Detection and Prevention (IDP) continues to mature and is becoming an essential component of the corporate IT security infrastructure. Picking the right IDP solution is the key to achieving the greatest performance at the best price.

Information Risk Management (IRM) is the evolution from disparate IT security and compliance initiatives towards a more holistic approach to the protection of information assets and business continuity. Enterprises that continue to attack IT security issues in a purely tactical manner will find it increasingly difficult to manage the often complex and interrelated compliance, intellectual...

Microsoft’s focus and commitment to the security space is evidenced by the breadth and depth of its security strategy. While the tool set is capable, its focus is currently limited to Microsoft applications and networks so it is unsuited for deployment in mid to large sized enterprises. These organizations should not move on Microsoft’s vision yet, but should be mindful as coverage and...

An increasingly mobile workforce, partners, and contractors require remote connectivity to files and applications that reside behind the corporate firewall. Secure Socket Layer (SSL) VPN solutions provide enterprises with flexible, easy to manage, secure access to corporate resources, and should be on the network manager’s radar today.

Info-Tech Research Group’s Adaptive Security model improves the security of the enterprise while facilitating regulatory compliance. To achieve this, changes in the enterprise’s processes, technologies and organization are all required. Breaking the effort into a series of phases simplifies the work and spreads the cost, but requires careful planning. Start that planning today in order to begin...

Providing remote access to corporate resources for business continuity and disaster recovery scenarios has evolved in the past few years. For many enterprises, SSL VPNs are the ideal technology platform for remote access. However, SSL VPNs alone do have some limitations, and desktop virtualization options are available that warrant attention.

Laptop encryption is an extremely important security project that realistically should be undertaken by every organization that uses these extremely portable computers. A number of factors exist that will influence this decision and therefore must be carefully considered. Making the right decisions will allow the enterprise to achieve the most security, both today and tomorrow, for the fewest...

Microsoft released its Windows Vista operating system at the tail end of 2006. Many organizations opted to wait until Microsoft released Service Pack 1 for Vista, before considering adoption. On the eve of SP1’s general release, Info-Tech queried early adopters about the motivating factors for Windows Vista adoption. Understand the factors that are influential to peer organizations before...

Cisco’s Network Admission Control (NAC) is an integral component of the Cisco Self-Defending Network strategy. It provides access, endpoint, and network security through either a comprehensive framework or standalone appliance. Enterprises considering implementing Cisco NAC must evaluate their existing infrastructure to see if it can support this comprehensive NAC framework.

Intrusion Detection and Prevention (IDP) systems can be valuable security tools. Getting the most out of one requires careful implementation, which in turn requires a significant amount of planning. Understanding how to deploy sensors, where to place them, and how to monitor for alerts are three elements essential to a successful IDP implementation.

Intrusion Detection and Prevention (IDP) systems are an invaluable component of the security toolbox. While firewalls lock the doors, IDP systems act as network burglar alarms when the door is bypassed. The ITA Premium IDP Total Cost of Ownership Calculator can be used to determine the approximate Total Cost of Ownership (TCO) of an IDP implementation according to various models.

Intrusion Detection and Prevention (IDP) systems are complex security tools that cannot just be bought and installed. To be effective, a significant amount of planning must be invested before systems can even be purchased. This tool can help in this process. Essentially, this decision guide can be used to determine how many IDP sensors are appropriate for a given enterprise and where those...

Enterprises that need to provide secure network connectivity for remote employees, guests, partners, and contractors should evaluate SSL VPN solutions. For new VPN remote access deployments, or upgrading existing IPSec or PPTP VPN implementations, SSL VPN technology provides the most attractive TCO of all currently available remote access solutions.

With more organizations migrating from legacy Closed Circuit TV (CCTV) security monitoring to IP-based video surveillance, the IT function is taking on an increasingly critical role when it comes to physical security. To minimize the operational impact on IT, prepare for future changes by working closely with facilities teams towards an appropriate solution.

Many enterprises complicate business-critical application security by failing to identify and apply suitable end-to-end security measures on a per application basis. IT executives should consider using a top-down approach to security based on information derived from corporate security policy, business application importance, and potential liability.

Even though malware has been surpassed as the most significant threat that enterprises face, it has not been eliminated and continues to grow. Enterprises must remain vigilant when it comes to protecting themselves from this threat. To achieve the needed protection, thorough planning and careful deployment of a set of tiered tools must be undertaken.

Intrusion Detection and Prevention (IDP) is an essential weapon in an organization’s IT security arsenal. However, knowing exactly which solution to choose for the organization can be a complex issue. This comparison of ten top solutions simplifies that process by outlining the features to look for and indicating key decision making criteria.

Though generally being pitched at larger enterprises, Security Information Management (SIM) solutions have definite value for mid-market companies. Selecting the right solution from those available requires thorough understanding of enterprise needs and goals to ensure alignment with tool capabilities. While ArcSight and Symantec are the clear winners in this comparison, few of the evaluated...

The Info-Tech Research Group recently completed a comparison of eleven top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieved Competitor Zone placement is Cisco’s IPS 4200 Series. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP...

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Competitor Zone placement is ForeScout’s ActiveScout. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP...

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention appliances. One of the solutions that achieves Competitor Zone placement is Intrusion’s SecureNet. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP solution.

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Competitor Zone placement is Juniper Networks' IDP. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP solution.

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Competitor Zone placement is NFR Security’s Sentivist. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP...

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Competitor Zone placement is NitroSecurity’s NitroGuard Intrusion Prevention System (IPS). A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would be a good choice for an...

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Competitor Zone placement is Radware’s DefensePro. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP solution.

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Competitor Zone placement is Sourcefire’s Intrusion Sensor. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP...

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Competitor Zone placement is Top Layer’s IPS 5500. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP solution.

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Leader Zone placement is McAfee’s IntruShield. A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization implementing an IDP solution.

The Info-Tech Research Group recently completed a comparison of ten top Intrusion Detection and Prevention (IDP) appliances. One of the solutions that achieves Leader Zone placement is TippingPoint’s Intrusion Prevention System (IPS). A deeper evaluation of this product examines its specific strengths and weaknesses to determine to what degree it would make a good choice for an organization...

For organizations looking to implement a full-featured Security Information Management (SIM) solution, ArcSight ESM is difficult to beat. Though the company is smaller, it is well focused and has a solid ability to deliver. The product itself is feature-rich, highly scalable, and part of a well-designed and integrated family of products.

For organizations looking to implement a broadly capable Security Information Management (SIM) solution, CA’s Security Command Center makes a solid choice. The company is well established and the product is capable, though the solution is held back due to a high price.

For organizations that already use Tivoli software and are looking to implement a Security Information Management (SIM) solution, Tivoli Security Operations Manager (TSOM) makes a solid choice. For all others, it is acceptable at best. While the product itself is not the highest regarded solution, the company’s size and stability alone mean the solution will maintain viability.

Organizations looking to implement a Security Information Management (SIM) solution should consider Intellitactics’ Security Manager cautiously. While the product offers good pricing and solid capabilities, the risks of its low market penetration may make it inappropriate for some enterprises.

Though netForensics nFX Open Security Platform (nFX OSP) is an established and mature product, it is difficult to recommend it given the greater applicability shown by its competition in the marketplace. Those looking for a high-end solution would be better served investigating an alternate solution.

While NetIQ is an established and well funded company, it has relatively poor focus in the Security Information Management (SIM) market. Furthermore, its Security Manager product simply has too many negatives to be recommended. Those looking for a SIM solution would be better served with an alternate tool.

For enterprises looking to implement a full featured Security Information Management (SIM) solution, Novell Sentinel is a viable choice. Though there may be concerns about the stability of the company, Novell appears to have turned the corner and the solution itself is both mature and capable of high levels of performance.

For any enterprise planning to implement Security Information Management (SIM), Symantec’s Security Information Manager represents a very good choice. The solution is feature rich, attractively priced, and will serve enterprises of every of size. The present diffusion of company focus and the fact that the solution is only in its second revision are the only things keeping this tool from being...

For organizations looking to implement a simple SIM solution, TriGeo Security Information Management is ideal. The small size of the company does raise some concerns, but the clear focus of the solution on the mid-market and the excellent price point makes it a great choice for smaller enterprises.

When comparing specific Managed Security Services Providers (MSSPs) price should be one of the last factors considered as it’s often a case of “you get what you pay for.” Info-Tech’s ITA Premium “Managed IDP Evaluation Questionnaire” is a document that outlines imperative questions to ask of MSSPs when evaluating potential partners.

Using a Managed Security Services Provider (MSSP) for Intrusion Detection and Prevention (IDP) services can be a cost-effective choice when compared to a self-managed infrastructure. When comparing specific providers however, price should be one of the last factors considered as it’s often a case of “you get what you pay for.” Other criteria become far more important once the decision to use an...

No matter how large or small the enterprise, anti-virus (AV) is a solution that must be deployed. Even though the market is commoditized, sufficient variability exists between the available products for every enterprise to choose the one most appropriate to its needs. Weighing features, platform coverage, and price is essential to that choice.

With the rapid proliferation of Wireless LANs (WLAN) in the enterprise, the demand for Wireless Intrusion Detection/Prevention Systems (WIPS) is growing in kind. Enterprises considering augmenting the security features of the existing WLAN with a pure-play WIPS should scrutinize vendor technology partnerships as well as features and functions.

Passwords. Just saying the word invariably makes both users and administrators cringe. Whether they arise from forgotten passwords, compromised passwords, weak passwords or a number of other issues, problems exist. The most important step in resolving these issues is using a rigorous password policy.

Endpoint security has become the new frontier in protecting IT assets from vulnerabilities and threats. A number of competing, yet eerily similar, models have been proposed by some of the biggest names in IT to address this issue. Ensure appropriate alignment of security spending by understanding the principles of endpoint security.

Creating a formal enterprise security policy can be a lot of work, but until that policy is implemented, it will provide no benefit. While that implementation process can be time-consuming, it does not have to be overly complex. Make clear decisions now to save hours of aggravation later.

Historically, delivering virtual desktops to remote users required a separate connectivity and virtualization infrastructure, but that is starting to change. VMware recently announced its VMware Desktop Manager (VDM) add-on to its Virtual Desktop Infrastructure (VDI) product offering, which will help ease implementation headaches.

Creating a security policy can be a lot of work, but until that policy is implemented, it will provide no benefit. While that implementation process can be time-consuming, it does not have to be overly complex. Use this tool to determine the order with which changes should be implemented.

An enterprise security policy is a document of too much importance to be without. It defines not only the overall stance that the enterprise will take in protecting its assets, but also the methods it will use to enforce that stance. The creation of such a document can be a time consuming process. By first developing a framework, under which the policy creation will occur, the work can be...

Public Key Infrastructure (PKI) is an important encryption technology as it ensures trust between unknown parties. It also allows the enterprise a greater level of control over internal encryption processes. Though long considered scary, implementing a PKI does not have to be complicated due to the inherent facility within Microsoft Windows Server 2003. Using these guidelines, any enterprise can...

Given the frequency with which vendors can release critical fixes, a structured approach to applying new firmware and software updates within an enterprise IP Telephony (IPT) deployment is essential. Protect against IPT vulnerabilities with a comprehensive patch management plan.

Businesses continue to benefit by offering shared access data centers to partners, suppliers, and clients. The issue in this method of organization is ensuring that each category of user has access only to appropriate and authorized data. Create a tiered data center structure to provide physical and logical layering and to offer efficiencies and security that more distributed structures do not...

As the importance of IT security continues to grow, every enterprise will benefit from assigning dedicated security responsibilities. Recognizing which skills are required and the order in which they are needed is essential to building the security team in the most efficient and cost-effective manner.

Providing the appropriate employees with mobile devices and remote access capabilities typically has a positive effect on workforce productivity and overall business operations. However, a growing fleet of mobile devices operating outside of the enterprise perimeter can represent a significant security concern. Establish a high level of mobile security awareness across the user base to minimize...