"Firewalls have become more central to our infrastructure" than they were just eight years ago, he notes. In one Crossbeam chassis, it's now possible to run 6 independent firewalls, cordoning off internal networks. This configuration also helps cut down on "tap sprawl" related to network ports, reduce risk and not create additional latency, says McCullough. But he acknowledges the multi-application Crossbeam platform, which requires support from three members of the security team, does take time to learn and troubleshoot.
Security through the mainframe
Another older technology, the mainframe, which industry pundits in the 1990s said would be "dead" in five years, is not only still very much alive, but a foundation element in security at many places. Just ask Bridget Dancy, chief information officer at the Cook County Circuit Court in Illinois.
"We do all data entry into the mainframe," says Dancy, discussing how almost 2,000 employees in the circuit court system in Illinois rely on thin-client technology provided by HP that makes use of a Citrix farm to host XP-embedded applications related to the court's electronic filing system. This has resulted in a useful "lockdown" that not only prevents users from getting to the Internet, but also from opening harmful files that could be viruses, says Dancy. All data is entered into electronic records stored centrally in the IBM mainframe, and it can be accessed by authorized staffers at the various court locations.
This mainframe/thin client setup has meant the county court system has managed to avoid virus outbreaks known to hit other parts of Illinois government over the years, she adds. The mainframe/thin client arrangement has worked so well for the needs of the court system over the years, the same type of configuration has put in place as terminals for the public visitors for information and document review purposes only.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.
Read more about wide area network in Network World's Wide Area Network section.