Security

Combating Threats

Although the region has emerged as one of the fastest-growing segments in the world, bandwidth is still an issue in the Middle East compared to Europe. Organizations are proactive about establishing cutting-edge security infrastructure and are looking for new solutions. André Scheffknecht, Sales Director International of Astaro, exclusively discussed the market trends and issues of the region with Faiz Askari, Head – Online & Features of Network World Middle East.

How is the UTM market in the Middle East?

The Middle East is one of the fastest growing security markets in the world at the moment. Companies are developing fast but are aware of the importance of security so are proactively looking for solutions like Astaro, as we are able to fulfil all the security needs that a typical customer has.

Bandwidth is still an issue in the Middle East as Internet connections are much more limited compared to Europe. This is another area where mature product offerings such as ours show their value. It is clearly very important for all customers to have full control over their bandwidth use. Besides the security functionality, we also provide a proxy solution to reduce the bandwidth requirements of security.

What are the drivers of this security tool with respect to this market?

Astaro provides an all-in-one security approach. Our technology provides robust protection across all major risk categories, blended with ease of use and simple administration. The best argument to go for UTM is really the simplicity of managing security.

Our European team tour the Middle East twice a month to visit our partners, demonstrating how to configure our solutions and helping them close projects. All the services we provide to our partners are around our product families Astaro Security Gateway (ASG), Astaro Mail Gateway (AMG) and Astaro Web Gateway (AWG).

Can you share some of the enterprise threats that can be handled through UTMs?

Email and web surfing are two communication tools that are part of everyone’s working life. They may be very convenient but they are also highly insecure.

Email is responsible for spreading the majority of harmful content and is often used to transmit highly confidential company information unprotected through the Internet. Spam is still the number one security and productivity issue for any business (worldwide, spam volume increased by 100% last year so that now more than 80% of all email is spam). In addition to email, new web applications are rapidly being developed, for example Blogs, Google Apps, IM/P2P and social networks, and finding their way into company networks unchallenged. New attack methods, as well as legal liabilities, inevitably develop at a similar pace. With all the publicity these complex threats gain, many companies turn to UTM to control and simplify the management of them.

Existing Firewall and Intrusion Protection systems are no longer sufficient to protect against all these threats. Additional protection mechanisms are needed, but adding further point products is not a good choice, as they will exponentially increase the management complexity as well as the total cost of ownership. The intrinsic extensibility of the architecture of UTM appliances means that whenever a new Internet tool or application is developed, its threats can rapidly be controlled by the introduction of new protection types into the UTM appliance. UTM appliances are ideally suited to adapting to the changing threat landscape by integrating new countermeasures as needed and making all applications easy to use.

What are usual security level complexities that occur in an enterprise environment which typically runs VPNs, Wireless networks and diverse business applications?

Managing different access methods (e.g. via VPN or Wireless), access rights (for different applications and/or servers) and bandwidth priorities for various user groups or individual users within a company is a huge administrative burden. Using centralised user directories like eDirectory or Active Directory reduces the complexity of user and rights management to a single component. However, integration of different security products into such an environment is often a major undertaking for administrators. The administrator has to make sure that all important business applications are always available. Therefore, he not only has to make sure that the communication links are always available (e.g. through redundant failover mechanisms) but also needs to prioritise the available WAN bandwidth (which is often the bottleneck) for the most important business applications.

What are the critical measures one has to consider when deploying a UTM?

As most UTM products can appear very similar when just inspecting their datasheets, you need to look very closely at the details.

Users need to consider how individual security applications are integrated and how they can be managed within the UTM’s GUI. The aggregation of many different functions provides only a small benefit if they are not integrated into the management system at the same time. The downside of many UTM solutions is the lack of such “Unified Management” architecture – they can require several tools (software clients or even a command line interface) in order to manage all available applications.

Time needs to be put into considering the capabilities of individual applications and their ability to address the problem they are targeting. Too often products implement a bare minimum of application functionality in order to tick boxes on a marketing data sheet. For instance, Spam protection can be done using many different approaches and technologies. Some UTM appliances claim “Spam protection included”, even if it's only based on a single mechanism like real-time blackhole lists. These solutions will fail to control spam, as individual filtering methods need to be complemented with multiple means of detection using a variety of tools.

Upgradability and scalability to address future needs are key aspects of a UTM solution. As the security market faces new threats, manufacturers respond with new tools, versions, updates, technologies and entire platforms. Being able to scale a purchase made today to accommodate solutions introduced tomorrow is often overlooked. Being able to upgrade the firmware of the device to run the latest version is a major benefit. A good feature is the ability to purchase more appliances and cluster them together to share load, all while maintaining a single management console that gives the appearance of a sole platform to the administrator.

To avoid failures, what are the dos and don’ts for CIOs in terms of setting up an enterprise UTM?

Do not take all marketing claims at face value – look into the details of each important application.

Do evaluate the considered UTM product before purchase, by either requesting an evaluation unit or attending (on-site or online) demonstrations. Spending at least a few minutes with the actual solution in order to get a feel for the management interface, how it is laid out, and how it performs will help immensely in making the right selection.

Do ensure that you have completely understood the licensing scheme and ensure there are upgrade options available so that the most can be made of an investment in UTM in the months and years to come.

Do make sure that easy integration into existing directory services (like eDirectory or Active Directory) is available.

Don't plan to replace existing point solutions with the new UTM product all at once. Select a product that allows slow migration to the new integrated solution by replacing existing point products one by one. Sophisticated UTM solutions ease this process by offering transparent modes that allow them to be easily plugged in and out of an existing environment, without requiring any major configuration changes.

Where do you think this market is heading?

The Middle East market will be one of the biggest growth markets for security in EMEA and as a result we expect that more security vendors are going to prioritise the regions, providing more expertise and support to local users.

We expect that more European and US companies will have offices in the Middle East and Middle Eastern companies will work closer with them. All of these companies are going to need to deploy secure networking and communications channels and Astaro can help them do that cost-effectively and simply.
