E-Handbook: Can holistic cybersecurity deliver the needed protection? Article 2 of 4

What holistic network security tools offer an organization

Tools that provide a holistic approach to monitoring the IT infrastructure come in a variety of configurations and delivery models. Learn what's available.

A class of holistic network security tools promises to safeguard an organization's IT infrastructure by bringing multiple point products under one umbrella. Increasingly, vendors are delivering these combined services as a cloud-based platform and offering them as an on-premises product. Some vendors also package these platforms along with consulting and operations capabilities to deliver holistic cybersecurity monitoring as a managed service.

These latest holistic network security products can provide significant benefits for organizations, but at the same time, they also have limits and drawbacks that enterprise security teams need to consider before opting to deploy them, according to industry experts.

This class of security tools essentially rolls up into one offering a number of point products -- from antivirus software to email filtering capabilities to a traditional firewall. They also generally include an intelligence component -- that is, a software component that can be trained to recognize, or even learn, what's likely a security issue versus what's a false alarm. As such, these platforms have the potential to bring significant benefits to enterprise security leaders.

First, they can create efficiencies and simplify operations by reducing the number of products within an organization. (That could potentially yield cost savings, too.)

They also can decrease the need for a wide range of expertise on the security team by reducing the number of different tools used, a particularly attractive benefit as most security leaders struggle to find the security talent they need in this tight job market.

Moreover, these platforms generally deliver more comprehensive security layers than what a typical organization had in place prior to their deployment. That then enables the security teams to shift from nuts-and-bolts work to higher-value tasks.

"They're definitely more secure and more efficient than what any organization can build out themselves," said David Chou, vice president and principal analyst with Constellation Research.

Limits to holistic network security products

We need to be wary of those who promise a one-size-fits-all capability.
Gregory TouhillBoard director, ISACA

Still, experts do see limits on what these holistic network security tools can deliver to organizations. "We need to be wary of those who promise a one-size-fits-all capability," said Gregory Touhill, a board director at the IT governance professional organization ISACA. (If Touhill's name sounds familiar, it's probably because before joining ISACA, he served as the first federal CISO in the United States.)

Touhill, who is also president of Cyxtera Federal Group, a secure infrastructure company offering data center services and cybersecurity capabilities to federal agencies and departments, added, "Your information is everywhere: on premises, collocated, in multiple clouds and on a variety of mobile devices. All the tools I've evaluated that advertise themselves as 'holistic' don't actually scale across all the platforms where your information resides. Some get close, but can't truly monitor everywhere and everything."

Enterprise security leaders also may find making the shift to these holistic network security tools easier said than done. Many are finding that they can't use these tools because their own IT environments aren't updated enough to support them. "Organizations will have to invest in their infrastructure first, and then they can think about using next-generation security tool sets," Chou said.

Gregory Touhill, Board director, ISACAGregory Touhill

Additionally, security leaders implementing cloud-based versions of these tools will need to ensure their security team is equipped with the skill sets needed for a cloud deployment.

And they need to consider whether their organizations will be affected by any of the potential downsides of shifting to one of these platforms. Those downsides could include vendor lock-in over a larger portion of the security infrastructure, loss of full control and creating a large single-point of failure within the security program.

In the end, experts said, security leaders must analyze whether they'll actually get the benefits they want from these holistic network security tools and whether the potential gains outweigh any concerns or potential drawbacks.

Dig Deeper on Compliance

Enterprise Desktop
Cloud Computing