When I first started working for SearchNetworking.com, network security meant making sure you had a firewall and it was positioned on the right side of the DMZ. In the subsequent years, I watched security move into the network and become the focal point it is today. When Cisco CEO John Chambers is giving a keynote at the RSA Security conference, you know that security is an important part of networking, and vice versa.
Today's networking devices come pre-installed with firewall, authentication and VPN functionality. And now the hardware vendors are offering products that are pure security -- Cisco is pushing its Network Admission Control hard and just announced the new Cisco Security Management Suite; Nortel recently launched its Nortel Secure Network Access; and 3Com bought TippingPoint and last week rolled out the Quarantine Protection product.
While buying your hardware and security systems from a single vendor makes sense on one level, I can think of a few IS managers who are cringing at the thought. Is this trend happening because security should lie in the network, or is because the network vendors want it to? End-to-end integration is great in theory, but it's frightening when something goes wrong, you need to upgrade, or you decide to make a change and find that you are at the mercy of one behemoth vendor.
In my mind, being locked into a single system or vendor is not a huge issue if you're talking about word processing or which browser to use. When it comes to protecting the sanctity of your corporate data and systems, and your livelihood, I'd think twice.
Agree? Disagree? Send me your comments.