Using a managed security provider is one option, but the more common approach is to let a software vendor choose your security software and settings. No, it is not the ideal approach, but neither is it ideal to leave it in the hands of already overloaded IT staff.
“I’ve never found that any one vendor has a panacea for security,” said Howard Backus, network administrator for Delta Dental Plan in Little Rock, AR.
“Our initial firewall is managed by Bell South, and we run a Cisco PIX firewall on top of that which is configured to block hacking, before it goes to a security appliance,” Zane said.
Why the added appliance? A few months ago, Zane noticed a huge spike in the amount of spam. He’s not the only one who noticed. In mid-November, the European Union advised its member-states to boost their anti-spam capabilities, estimating that the worldwide cost of spam in 2005 was 39 billion Euros.
And that figure is far less than what it will be in 2006 as spam loads continue to skyrocket. Email service provider Postini, for example, reported recently the amount of spam it had detected nearly tripled between June and November of 2006.
“I was desperate about the amount of spam we were getting,” Zane said. “We had our Exchange server cranked down, were running a black-list and rDNS, and I was still getting thirty-to-forty pieces of spam per day.”
(rDNS (reverse domain name service) is an anti-spam method that involves verifying whether the IP address in an email matches the domain name. If they don’t match, it is considered spam.)
He spent time investigating different anti-spam solutions and opted for a security appliance as the best way to solve that problem and also augment his existing layers of security.
“The appliance took five minutes to configure, and now I get, at tops, maybe four to five pieces of spam a day; if I get any at all,” said Zane. “It has cut down our spam by 90 percent at least.”
Although his new box includes Internet content filtering, he doesn’t subscribe to that service. Instead, he continues his multi-vendor approach: Panda’s GateDefender for spam and an iPrism appliance for content filtering made by St. Bernard Software Inc. of San Diego, CA.
“One thing I like about the iPrism is that it integrates with Active Directory so I can, for example, give the executive group unlimited Internet access,” he said. “GateDefender I have to give an IP address.”
He said the iPrism is far more costly it allowed him to recoup 60% of his bandwidth the day he blocked MySpace.
With the above actions, Zane has managed to keep his network virus free, minimize spam and bandwidth waste, but he still recognizes that he can’t afford to relax.
“Will I someday have something that gets through, some strange variant that comes out?” Zane asked. “Yes, I might, but I have armed myself as well as I can.”