Vendors love to offer one-stop shopping. Many promise that if you buy their all-in-one solutions, your security worries will be over. But the truth is no single product even comes close to doing it all. In fact, all-in-one suites consistently come up short.
The choices and amount of overlapping functionality are dizzying. Many firewall vendors offer packet filtering, protocol anomaly checking, content filtering, anti-virus, VPN security, and intrusion detection. Anti-virus vendors offer security suites with IM security, a firewall, intrusion detection, and anti-spam functionality. E-mail security suites offer content filtering, anti-virus, anti-spam, and digital rights management. And dozens of security appliances offer all of the above in one box. Other vendors such as Check Point Software Technologies offer interfaces that allow most any other product to work with theirs.
But even if one solution could do all the security inspection in one place, it's not an ideal strategy. Why? Performance. Suppose a firewall was capable of inspecting every incoming network packet for malware. If each byte in every packet speeding by on the wire had to be inspected against more than 60,000 malware signatures, network throughput would crawl to a halt. Anti-virus vendors use optimized inspection techniques that accelerate file scanning but cannot be applied to scanning network packets. On the other hand, firewalls with built-in anti-virus scanning typically scan only a few popular protocols -- and then for only a small subset of malware programs.
Another shortcoming of all-in-one products, of course, is that they make your network vulnerable to a single point of failure. But this is not to say that comprehensive solutions should never be considered. They do have a place among small and midsize businesses with limited budgets and staff.
"All-in-one solutions are great for companies without a lot of resources," says Radford Piver, senior consultant at GlobalStrata Solutions. "I used them even in companies with existing best-of-the-breed point products as a defense-in-depth, layered solution."