Keeping PCs Safe on the Internet

PC Security Journal

Subscribe to PC Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get PC Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


PC Security Journal Authors: RealWire News Distribution, Denise Dubie, Lacey Thoms, Bob Gourley, Michael Bushong

Related Topics: PC Security Journal, Security Journal

Blog Feed Post

Remember when…you had to choose between security and speed?

Ah, those were the days, weren’t they? When you needed a way to add security at several layers to your network and application network infrastructure but knew that implementing a solution capable of securing those pesky applications was more than likely going to end up with poor performance and angry users. When you needed to add something to secure applications and the network against the growing wave of attacks but knew that doing so would negatively impact performance.

It was a tough choice, and most people ended up going the route of maintaining application performance at the expense of security because the choice was really not a choice at all.

Remember when you had to re-architect your network in order to add security solutions? And in the end you went the route of a configuration that would merely let you see attacks occurring, but weren’t necessarily configured to stop them? All so you could maintain performance of applications and not risk violating service-level agreements.

Remember when adding web application security, e.g. a web application firewall, meant you were choices necessarily going to decrease capacity and performance? You knew you needed one, if only to give developers time to address vulnerabilities but still maintain some sane level of protection against increasing web attacks, but you also knew that doing so was going to negatively impact your entire infrastructure in some way.

Remember the drain on your budget, too? Yeah, I remember that. You didn’t really have the budget for a stand-alone, point security solution so you went the route of an “integrated” security solution that turned out to be not so integrated after all. The only real integration was that it could be listed as a line item in the same purchase order.

Remember too the pain in tweaking those solutions? Network and application performance wasn’t the only thing impacted. You knew that trying to deploy a security solution specifically for applications like Microsoft SharePoint and Exchange, or Oracle Applications, meant that you were going to spend days if not weeks tweaking the solution until it was properly configured for your environment. Your performance was going to degrade, too, and you worried about how you were going to deploy and configure a new security solution while getting everything else on your task list accomplished.

Those were the days of niche application security products; of solutions with complex configurations aimed at addressing specific pain points like insecure platforms and application, and less than optimally performing networks. When web application security solutions were always a speed-bump in your well-performing infrastructure. When deploying security solutions meant that you were introducing choke points into the infrastructure and reducing the capacity of existing application delivery network solutions, ultimately impeding performance.

Those were painful days, when the choices you had were really no choice at all.

Aren’t you glad those days are (almost) over?

Follow me on Twitter View Lori's profile on SlideShare friendfeedicon_facebook AddThis Feed Button Bookmark and Share

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.