What's the best way to handle multivendor security system management?

Multivendor security system management can be challenging, but getting it right can help your enterprise reap the benefits these systems offer.

Enterprises can choose among a wide array of technologies to handle every aspect of IT security, from malware defense and identity and access management to intrusion detection and distributed denial-of-service mitigation.

At a time when IT security has become a top priority for more organizations, security vendors are courting prospects by applying advanced technologies, such as behavioral analytics, in their systems to add context, improve accuracy and accelerate time to resolution. Enterprises are lured to offerings by promises of proactive defense, streamlined management and limited downtime.

On paper, IT security looks sleek and streamlined. But the reality is that too many under-resourced security organizations are straining to handle multivendor security system management. Typically, heterogeneous security portfolios are populated with a variety of appliances, systems and tools purchased on an ad hoc basis. These systems often don't work together in any way to help the enterprise establish a cohesive defense.

To have effective security system management, an enterprise needs a variety of protections and controls that contribute to the common objective of supplying vital intelligence and response capabilities. IT security professionals complain of sifting through a deluge of alerts from their security portfolios -- notifications dominated by false positives -- only to miss an actual breach in the flood.

Suppliers adding integration platforms to boost security system management

More vendors and managed security services providers are trying to remedy this situation by offering platforms that act as integration points for more comprehensive and collaborative security practices. There is nothing new about the concept of security vendors and managed security services providers pitching their underlying platforms as mechanisms to facilitate the integration of the functionality of multiple point products. But security suppliers are stepping up their efforts to work with third-party vendors to improve integration between technologies in security portfolios.

That said, there is still room for progress in security system management. The best way to improve the outcomes from an existing investment in security technology is to try to map out objectives and look for new ways to leverage point products to address existing gaps. Look for ways to improve the use of current technologies. For example, find a way to sift through vast volumes of data captured by a security information and event management product using an analytics tool, or apply trending data to develop better policies to eliminate common user errors that result in data leakage. 

In some cases, organizations may need to enlist third-party advisory services to redesign the way they use existing systems. Ultimately, what IT needs to do is to look at security system management as a holistic practice that requires orchestration, communication and collaboration across both devices and personnel to succeed.

This was last published in June 2017
