So, just like airlines who need to know their most important customers, who habitually arrives late at check-in, who uses multiple airlines, and who is loyal, security gateways can show what each user does, for how long, and where they go. Then the company's management can ascertain whether there is a problem that needs to be addressed.
Implications For The IT Function
The most significant capability on security gateways is the quantum leap in security sophistication that they deliver to the enterprise. Essentially, they allow organisation to upgrade or downgrade their security curtain as circumstances dictate, just like an airport.
Picture this: a new virus is spread by visual BASIC files, and for a few crucial hours there is no solution to it. Management can insert a specific rule for 'block all'.VBS (visual BASIC) files, and implement it immediately. When the virus vendors have an update to their scanning system, this can be deployed and the block removed from the security gateway.
Alternatively, month-end in a multinational company could bring with it some crucial communications that need to be made between several systems. These may start at 6:00pm GMT, during the North American working day. To ensure bandwidth is not consumed during this time for non-crucial work, a rule could be set up that starts automatically at 6:00pm and stops again at midnight GMT. During this time, streaming support is limited to a lower level of performance, access to news web-sites are redirected to an internal web page saying 'month end - don't go here until tomorrow'. Without anyone needing the access the management system at midnight the rule automatically gets rescinded, making maximum use of available resources while security is tightened.
It is this level of sophistication that the modern enterprise is seeking, but unable to achieve with firewalls alone, and that security gateways are delivering.
Infosecurity Europe is Europe's largest and most important information security event. Now in its 8th year, the show features Europe's most comprehensive FREE education programme, and over 200 exhibitors at the Grand Hall at Olympia from 29th April - 1st May 2003. www.infosec.co.uk