Networking companies are increasingly integrating more security features into products and it's trickling down...
to alter the makeup of enterprise IT departments worldwide.
George Hamilton, a senior analyst with Boston-based research firm Yankee Group, said IT staffs are forced to adapt to changing vendor strategies such as Cisco Systems Inc.'s acquisition of Protego Networks Inc., part of the networking giant's ongoing effort to foster self-defending networks.
Hamilton said security is usually a separate IT silo -- meaning IT pros with different skill sets manage it -- and now, due to the integration of security into networking tools, security groups are working more closely with their networking and systems management colleagues.
"But it's very positive to have that happen," he added. "You always want to make security transparent to the end user, and integration on the product and management side does that."
As the line between networking and security vendors blurs, Zeus Kerravala, a vice president at the Yankee Group, said the technology's maturity level should dictate which type of vendor a user turns to for security.
"If it's a fairly leading-edge technology, you're better off going with a niche vendor whose sole purpose is developing that," he said. "But once it's past the mass market adoption, I think you're better off getting it from your networking vendor. They just have more resources to be able to develop it."
Kerravala said, for instance, intrusion prevention systems are still on the leading edge, so best-of-breed products are the best option right now. However, he said, the trade off with best-of-breed is that those offerings are more difficult to manage.
According to Stephen Elliot, a research manager in IDC's enterprise systems management program, networking vendors have increased their awareness and capabilities in security but are still not up to par yet. He said more acquisitions and internal development over time will better extend the networking vendors' security offerings.
Kerravala said IT managers shouldn't be fearful of depending on networking vendors for security because security effectiveness is largely dependent on how it integrates into the network.
As IT organizations mature, Elliot said, expect more security and infrastructure management integration through application programming interfaces and emerging standards.