Like the mosquitoes that relentlessly swarm across the 49th state every summer, plagues of viruses and hack attacks continuously assault the University of Alaska-Anchorage’s network. The school’s CIO, Richard Whitney, hates hackers as much as he hates insects that bite. That’s why, like a growing number of CIOs, he’s decided to take an aggressive, "Swiss Army knife" approach to network defense by installing an integrated security gateway (ISG). "We like the idea of [having] intrusion detection, firewalling and inbound virus detection in one box," he says. "Most CIOs are in a position today where they’re being forced [by cost and convenience issues] to consider this [approach] really seriously."

To help enterprises that are battling network threats on multiple fronts (worms to spam to application vulnerabilities) several hardware vendors are now offering ISGs that combine an arsenal of security capabilities?such as intrusion detection and prevention, virus scanning, spam blocking and Web content filtering?in a single box. Many integrated products also incorporate a firewall and VPN support.

For many CIOs, the technology’s biggest drawing card is its cost. A single box is generally less expensive than an amalgamation of dedicated security appliances. ISG vendors also tout enhanced performance. A single ISG is less likely to create a network bottleneck than an array of standalone hardware and software products. Other looked-for and promised benefits include simplified security management from a single interface and enhanced network protection, as a properly designed ISG should be less vulnerable to security gaps than an ad hoc collection of boxes and software.

The Case for Integrated Packages

"ISGs are a trend that’s been gathering steam over the last three or four years," says Phil Schacter, vice president and service director of the directory and security strategies service for IT research firm the Burton Group. "Multifunction security appliances are definitely a growth market." The field’s major vendors now include BorderWare Technologies, Fortinet, Inkra Networks and Internet Security Systems. Other important players are CipherTrust, Mirapoint, NetScreen Technologies and Symantec. ISG prices range from about $10,000 to $50,000, depending on a product’s functions and performance level. Such prices can be tempting to budget-conscious CIOs, as a standalone entry-level hardware firewall and VPN box can run anywhere from $3,000 to $10,000.

ISG vendors are also taking advantage of the fact that CIOs now view security as a multifaceted strategic issue?for instance, when weak spam filters can also make a network more vulnerable to virus attacks?rather than a series of isolated problems. This trend is motivating many CIOs to turn away from dedicated security boxes and software tools and move toward integrated products.