This page contains a Flash digital edition of a book.
ASK AWAY

ENTERPRISE

UTM

CAN YOU EXPLAIN HOW NEXT- GENERATION FIREWALLS FIT IN WITH UNIFIED THREAT MANAGEMENT?

T

here’s currently a lot of buzz in security circles surrounding the term “next-gen- eration firewall” (NGFW). It is also cre-

ating some slight market confusion and leaving decision makers wondering where this fits with unified threat management (UTM). The fact is that NGFW’s capabilities are a subset of what is created with enterprise UTM.

NGFWs are generally described as a fire-

wall that tightly integrates intrusion prevention systems (IPS), as well as provides application control and virtual private network (VPN) ca- pabilities. However, the majority of these NGFWs are limited in their capacity. In con- trast, UTM appliances typically scale with a broad feature set that can encompass most or all of the features required to protect networks from today’s blended threats. These features include IPS, application control, network anti- virus and VPN but are not limited to them – they often also include web filtering, data loss prevention and a host of other security and vir- tualization capabilities. In other words, a UTM appliance can be deployed as a NGFW but a next-generation firewall is limited in its abilities. Of course, a challenge for most UTM ven-

dors is the ability to scale to large enterprise de- ployments because they may lack the hardware acceleration required to reassemble traffic, analyze it and pass it at gigabit speeds. For example, to protect against the re- cent Conficker virus, an enterprise would have needed a firewall, web filtering, network anti- virus, IPS, anti-spam and host-based anti- virus,

in addition to an efficient automatic

updating mechanism for all of these devices. Now imagine all of those features plus hard-

ware acceleration and the ability to control them all through one management console as they are truly integrated! It becomes easy to see the advantages enterprise UTM has over a NGFW.

Graham Bushkes is the vice president of sales, Canada for Fortinet, a worldwide provider of network security appliances and unified threat management (UTM) solutions.

CLOUD

COMPUTING

HOW CAN BUSINESSES CONFRONT AND OVERCOME THE SECURITY CONCERNS RAISED BY CLOUD COMPUTING?

It’s an old solution to a new problem: stay in- formed, very informed. This may sound sim- plistic, but this is really what it all comes down to. The most important step in easing the se- curity-related worries that arise when the issue of cloud computing comes up is to get to know your cloud solutions provider very well. Many cloud computing issues are the same that out- sourcing had and continue to have to this very day. To alleviate any concerns, make sure your provider discusses with you how and where they operate. In addition, ensure any issue is articulated and resolved in your contractual agreement with the cloud provider. If you have the capability of building on a

T

virtualized environment, you may want to start off with a private cloud, then move a few ap- plications into a semi-private cloud, one at a time, and grow it gradually into a public cloud solution. The trick here is to build a portable architecture, with your end goal in mind. You may have to switch cloud providers down the road, so don’t lock yourself into a solution that can’t be moved.

The economical benefits of cloud com- puting for many organizations are too signifi- cant, and you can’t afford to ignore this trend. While the old solution to the new problem is worth remembering, security architecture for cloud computing definitely requires new ways of thinking.

Amandio Pereira is director of security sales at CA Canada (www.ca.com).

he opportunity of cloud computing has raised concerns about security, but overcoming these worries is possible.

CREDIT

REPORTS

WHEN CAN AN EMPLOYER CHECK THE CREDIT RATING AND CREDIT REPORTS OF A JOB CANDIDATE?

mployers or their pre-employ- ment screening companies can check credit ratings and reports of prospective employees if the position being filled involves certain kinds of finan- cial responsibilities.

E

For example, a store manager position with responsibilities for handling store re- ceipts with no direct oversight would warrant credit checks during the hiring process. A store clerk position that, while responsible for handling cash, is directly supervised, would not justify a credit review. If there are controls in place to prevent theft and protect a company’s assets, credit checks are un- necessary and unwarranted.

Some employers have argued that credit checks help sift out applicants likely to steal, but courts have found that logic flawed. Poor credit may be the result of ill- ness, identity theft or other non-criminal causes and not appropriate justification to reject an applicant. To avoid problems with privacy laws, companies must avoid making credit check a routine part of the pre-employment screening process and, instead, use them only for specific positions where the need for credit checks are clearly justified by the responsibilities of the position.

Daniel Fallows, ALHC, is the managing director of Pre-Employment Screening Services, Records and Research

for Ontario and western Canada at Garda.

28 SECURITY MATTERS • MAY/JUNE 2010 Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42
Produced with Yudu - www.yudu.com