Network security consolidation is not only about cost

Most medium to large European companies plan to consolidate network security on a single hardware appliance in the next year, but cost is not the only driver.

Ninety per cent of IT directors polled in the UK, France and Germany say they will consolidate their networks in the coming months.

Reducing cost is one of the main reasons for the move, but simplified network security management is the biggest driver overall.

Rick Cole, IT manager at financial services firm B&CE, says the move to a single appliance for all network security is a "no-brainer".

The switch was prompted by B&CE's need to upgrade its firewall security and capacity to support new e-commerce projects.

"I could not see the sense in getting to grips with several software products, when it could be done all in one package," says Cole.

B&CE plans to run its new firewall on a single Fortinet unified threat management (UTM) appliance and then gradually add all other network security applications.

Organisations are typically able to put e-mail filtering, web filtering, intrusion prevention, network gateway anti-virus, and access control applications on a UTM appliance.

IT staff will only have one network security management console to learn how to use, there will be improved visibility of network activity, and better reporting through consolidation.

Cole says administrative benefits include having a single point of contact for support and not having to manage several separate software licences and service contracts.

Andy Hamilton, network manager at University College Oxford, says having only one set of skills to learn is a great time saver.

"Simplified training and quicker support from one company are definite benefits," he says.

Hamilton says improved security is another big benefit of having a single appliance from a single supplier.

"This means there are no interoperability issues. It is also easier to secure one box than multiple boxes," he says.

Improved security is one of the top three reasons survey respondents cite for network security consolidation, but it is the top reason given by UK respondents, ahead of improved management and lower operating costs.

Tony Dyhouse, director at Cyber Security Knowledge Transfer Network, says UTM means systems are combined, making security a simpler process.

"This means there is less reliance on experts because the product is simpler and more manageable. This is particularly useful for smaller companies that cannot afford the same level of security expertise as larger companies," he says.

Overall, lower costs is the second most important reason given for consolidating network security.

B&CE expects to cut operating costs by about half, and University College estimates that costs have dropped by a third.

Dyhouse says the recession has put great pressure on security managers to justify their expenditure.

"Moving to products which can offer multiple functions is a good way to show cost saving to the board," he says.

Richard Brain, technical director at security firm Procheckup, which operatives five UTMs, says advantages also include savings in power consumption and rack space.

Romain Foucherou, an analyst at IDC, says the recession has taught most organisations the value of a consolidated approach to network security, which frees businesses from rigid per-user licensing models.

"Once companies have invested in a single hardware appliance, new capabilities can be added with a simple hardware upgrade," says Foucherou.

This means organisations can be assured of future scalability as the business grows and the threat environment changes, without buying additional hardware.

However, Brain warns that consolidation carries the risk of having a single point of failure for all network security applications.

He also cautions against potential hidden costs. "Watch out for extras like support and 24-hour call out. This can be expensive," he says.

Foucherou says UTM appliances have come a long way in the past three years. Technological advances have enabled the security, reliability and throughput that enterprises demand.

This has been one of the main reasons UTM solutions have graduated from branch offices to enterprises, backed by a strong focus of suppliers on the higher end of the market.

The following article appears on Computer Weekly. You can click here to read it in its original source.