Since I first got involved in the IT Security world one
of the things which I have always found frustrating and inefficient is the
disconnect between desktop anti-virus products, firewalls, and UTM devices.
Solutions from one vendor never meshed with another so in almost every case
managing these technologies for the customer was difficult, inefficient and
frankly almost impossible. I always wondered when one of the major players
would meld their desktop solution with their edge or gateway solution. Maybe
you are asking why this is important. How
does this help my customer’s network or more importantly how does this help me
from a management perspective?
Well if you could have both the desktop and the edge or
UTM side talking to each other, feeding each side information about threats and
what to do if there was an infection wouldn’t that be worth something to you?
For example let’s say a desktop gets infected by malware and this information is
then communicated to the UTM. The UTM then makes a decision to shut down the
infected machine and quarantine it from the rest of the network. Remediation
then takes place on the infected machine and just for good measure the rest of
the machines on the network are also scanned.
I have been waiting for this technology
to become reality for many years and now it’s finally happening. Sophos has
been doing a tremendous job on the security front and later this year will be
integrating this technology into their desktop and UTM products. For my
customers their networks will not only be protected but will also be
“intelligent” when it comes to security. Instead of having desktop anti-virus
from one vendor and a UTM product from another vendor with no real ability to
respond to an attack, Sophos protected networks will be able to respond to an
attack without someone like me having to do anything!
This is really an exciting time for me being able to
offer security products to my customers which actually work together forming a
total solution with the ability to quarantine and mitigate potential problems automatically.
