For small and medium-sized businesses looking to secure their networks, multifunction security systems are a better option than best-of-breed technology
IT security is complex, and trying to work out whether it is better to use dedicated best-of-breed systems or those that deliver a range of capabilities in a single appliance can be a difficult decision to make, especially if you are not a specialist in either security or networking.
This is one of the reasons why network security systems in small and medium-sizes enterprises (SMEs) tend to be put in place and then left alone as much as possible.
In a recent study, Freeform Dynamics asked a number of SMEs in the UK, Germany and France how they implemented security against the backdrop of today’s rapidly evolving threat landscape. As we can see from the chart below, for the majority of SMEs network management and security are currently delivered using appliances or software that combine multiple capabilities in a single product. Only a minority of organisations make use of dedicated equipment.
It is notable that given the very diverse range of security and network management areas covered – web application security, email security, data loss prevention, web filtering, wide-area network optimisation – there is remarkably little difference in the approach taken to implementing each capability. Once a multi-purpose system is in place, it is natural to exploit as many as possible of the functions it provides.
In many ways, these results are as expected given that so few SMEs are able to employ IT professionals with specialist skills in each of these complex technology areas. Multifunction systems are often built with ease of management and ongoing administration in mind, making them well suited for organisations where IT is administered by generalists.
However, when questioned on preferences, it is clear that while multifunction devices are widely used, dedicated/best-of-breed alternatives are perceived to be more desirable. This second chart indicates that the preference for dedicated systems has become more pronounced in recent years.
This change may well reflect the fact that many of those surveyed also report a wide range of escalating pressures and requirements being placed on their networks, with such demands also expected to increase rapidly going forwards.
Against this background, the perception is that single-function systems are more capable and offer better protection than multifunction offerings. The benefits cited include greater functionality, better performance and scalability, improved reliability and more flexibility.
Beyond this, with the increasing use of cloud meaning there’s often no longer a clearly defined single border to defend, the need to protect hosted environments by deploying security in the cloud is in the front of many people’s minds. As multifunction systems, more than dedicated alternatives, have historically often only been delivered as hardware rather than virtual appliances, this is another perceived reason for favouring best of breed.
While such considerations can make the logic of emphasising dedicated/best-of-breed systems seem clear, an important truth is that the underlying perceptions coming through are, more often than not, incorrect nowadays.
Multipurpose boxes may not be able to deal with extreme and exceptional requirements, but they have come a long way in the last few years. For most functions in many deployment scenarios, the difference between these and dedicated alternatives won’t matter significantly. Meanwhile, virtual appliance options of all kinds are now much more widely available in the market. Even application delivery controllers (ADCs) are now available in virtual form.