Would combining network and security operations reduce the negative impact of silos?

Wide Area Networking This newsletter is sponsored by Secure Computing Webinar: Securing up network access Learn how token-based, one-time password authentication systems can help enterprises reduce business risk, better comply with regulations, are easy to manage and most importantly keep networks secure. Tune in to this webinar. Network World's Wide Area Networking Newsletter, 09/13/07 Would combining network and security operations reduce the negative impact of silos? By Steve Taylor and Jim Metzler In our last newsletter, we pointed out that a lot of enhanced capabilities have been added to the IT function in general, and to the network in particular over the last few years. But adding functionality increases the tendency of IT to be organized around silos which makes many aspects of IT, notably troubleshooting, more difficult and time consuming. We also pointed out that we do not see senior IT management taking aggressive steps to mitigate the impact of these silos. Today we’ll discuss an organizational change that many vendors propose as a way to reduce the impact of silos. That change is the combination of network and security operations. One of the arguments raised by these vendors is that the majority of security incidents are not caused by some malicious person outside of the organization but are caused by an employee who is either disgruntled and intentionally seeks to harm the organization, or is naïve and accidentally induces a security incident. The logical conclusion to this argument is that because of the need to monitor internally for security issues, security operations and network operations have a lot of overlap and should be combined. One vendor which takes this position is Q1 Labs. In an Aug. 24, 2007 press release Q1 Labs discussed the results of its survey of over 9,000 network and security managers. One of the conclusions is that internal malicious behavior and employee carelessness is the No. 1 concern for network and security managers. In that press release, Tom Turner, Q1 VP marketing states: “The old siloed approach to monitoring network, security and identity information separately is outdated and inefficient, especially in light of the recent rise of inside threats.” Network World Buyer's Guides Find the right products for your enterprise - fast. With seven categories - security, storage, convergence and VoIP, network infrastructure, network applications, wireless and LAN/WAN management - you can quickly pinpoint the hardware or software you need. With the side-by-side comparison tool you can evaluate product features and make the best purchase decisions for your enterprise. Click here to go to the Buyer's Guides now. At one level, we buy into that argument. It does seem to make sense to combine two functions if indeed there is a lot of overlap. But we also have some serious reservations. Security still remains a more complex discipline than is network monitoring. As such, security is more suited to second and third level support personnel who typically do not reside in the network operations center. We would appreciate your input. Has your organization made any attempt to combine network and security operations into one group? If so, has it been successful? If you have not attempted to combine these functions, why not?   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Does 802.11n spell the end of Ethernet? 2. NASA silicon chips handle intense heat 3. Cell phones at school: To ban or not to ban? 4. IBM uses Microsoft code in open-source effort 5. Internet domain name outlaw faces 20 years 6. AT&T going orange? Color me puzzled 7. Analysts: Apple network doesn't make sense 8. IBM backs OpenOffice.org 9. Is free nationwide wireless broadband dead? 10. Boston College's big data breach recovery MOST E-MAILED STORY: Cisco unveils 802.11n wireless LAN access point for enterprises

Contact the author: Steve Taylor is president of Distributed Networking Associates and publisher/editor-in-chief of Webtorials. For more detailed information on most of the topics discussed in this newsletter, connect to Webtorials, the premier site for Web-based educational presentations, white papers, and market research. Taylor can be reached at taylor@webtorials.com Jim Metzler is the Vice President of Ashton, Metzler & Associates, a consulting organization that focuses on leveraging technology for business success. Jim assists vendors to refine product strategies, service providers to deploy technologies and services, and enterprises evolve their network infrastructure. He can be reached via e-mail. This newsletter is sponsored by Secure Computing Webinar: Securing up network access Learn how token-based, one-time password authentication systems can help enterprises reduce business risk, better comply with regulations, are easy to manage and most importantly keep networks secure. Tune in to this webinar. ARCHIVE Archive of the Wide Area Networking Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007