Network Security Trumps Server Security in the Enterprise (Part 2)

I posted a blog at the end of March describing that network security processes, skills, and technical controls are often more thorough than server security processes, skills, and technical controls at enterprise organizations. As a review, recent ESG research revealed that: • 19% of enterprises say that network security processes, skills, and technical controls are “much more thorough” than server security processes, skills, and technical controls.• 37% of enterprises say that network security processes, skills, and technical controls are “somewhat more thorough” than server security processes, skills, and technical controls.• 37% of enterprises say said that network security processes, skills, and technical controls are no more or less thorough than server security processes, skills, and technical controls.• 7% of enterprises say said that server security processes, skills, and technical controls are “much more thorough” or “somewhat more thorough” than network security processes, skills, and technical controls.As part of its research study, ESG built a segmentation model that divided the total survey population into three distinct groups based upon their overall information security prowess: Advanced, Progressing, and Basic organizations. Analyzed this way, the data presented above gets even more interesting:• Network security processes, skills, and technical controls are “much more thorough” than server security processes, skills, and technical controls (45% of advanced organizations, 17% of progressing organizations, 8% of basic organizations).• Network security processes, skills, and technical controls are “somewhat more thorough” than server security processes, skills, and technical controls (32% of advanced organizations, 40% of progressing organizations, 34% of basic organizations).• Network security processes, skills, and technical controls are no more or less thorough than server security processes, skills, and technical controls (20% of advanced organizations, 36% of progressing organizations, 49% of basic organizations).• Server security processes, skills, and technical controls are “much more thorough” or “somewhat more thorough” than network security processes, skills, and technical controls (2% of advanced organizations, 7% of progressing organizations, 8% of basic organizations).So network security processes, skills, and technical controls are more thorough overall but especially at organizations with the highest cybersecurity expertise. Why? Probably because these firms have high-end networks that move tons of traffic, constantly change, and demand constant care. As a rule, these enterprises also have a highly skilled networking team skilled hands-on oversight of the network at all time. Security is one of many things these gurus manage.From a security perspective, advanced organizations surround servers with IP subnets, VLANs, ACLs, packet filtering, firewalls, IDS/IPS, etc. This provides layers of protection at the network but can also be extremely cumbersome – especially in cloud computing environments. Given this, advanced users will benefit most from integration between SDN and security at the control plane. Cisco and Juniper have an advantage here while HP and IBM could elbow their way in. Other network security vendors should monitor SDN and figure out a strategic play. McAfee and Sourcefire and also well positioned as they offer integrated network/server security solutions. Given the balance of power, these vendors should probably start on the network security side of the house.As for server security vendors, they would probably benefit from partnerships with the network security crowd. Cisco, Check Point, Juniper, and Palo Alto look especially attractive as they are all market leaders that don’t play in the server security space.