The Fall and Rise of Security Agents

Michael Vizard

Current conventional thinking concerning security is heavily focused on the role of the security gateway. The basic idea is that IT organizations need to reduce the total cost of security by consolidating as many security appliances as possible into gateways that people sometime refer to as next-generation firewalls. As a bonus, these gateways are typically a whole lot more useful than legacy security systems, especially when it comes to firewalls.

But Trend Micro CEO Eva Chen warns that while this approach to security has merits, gateways are really a secondary line of defense, and she argues that customers and the security industry as a whole need to start thinking about relying more on agent technologies on the client to stop attacks at their point of origin. After all, most malware makes it onto the corporate network because of an infected endpoint. Rather than let all those infected devices consume bandwidth by attempting to send malware through gateways, it would be a whole lot more cost-effective to rely on agent software to eliminate the malware on the endpoint in the first place.

This approach runs counter to previous lines of security thinking because the argument has always been that agents introduce too much overhead on the client. That may have been true in the past, but Chen argues that there is now more than enough processing power on the client to start deploying agent technologies much more aggressively.

One of the problems with security in general is that IT organizations get addicted to showing the same defense day after day. It's like a football team that deploys the same defense pattern on every play; it doesn't take long before the opposition figures out how to exploit the team in that defense. Ultimately, what Chen is making a case for is a more balanced approach to defense that not only provides higher levels of security, but also reduces the cost of all the bandwidth that is now being consumed by mindless malware all over the network.
 



Add Comment      Leave a comment on this blog post
Mar 15, 2011 11:03 PM Bill Frank Bill Frank  says:
We should not be thinking either agents or appliances. We need both in a defense-in-depth architecture. Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data