Compaq 108164-003 - ProLiant - 800 White Paper page 11

W P
HITE APER
(cont.)
. .
. .
The product and technology categories for security solutions are hardware, software, and services
. .
(see figure 6). This initial categorization reveals the variety and complexity of solutions available in
. .
. .
.
the security market
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
. .
Hardware
. .
. . n Component locks/monitors
. .
n BIOS level firmware
. . Ÿ Authentication
. . Ÿ Anti-virus
. .
n Encryption chips
. . n Hardware tokens
. . n Network
. .
encryption/authentication
. .
. .
. .
The hardware category features a variety of implementations, ranging from component locks that
. .
. .
physically secure devices through high-speed encryption to chips that improve server performance
. .
of cryptographic operations. One of the most significant categories in hardware is portable tokens
. .
. .
(including smartcards), which provide a high-performance identification and authentication
. .
solution for security environments
. .
. .
. .
Software is the most dynamic category in the security market. Firewalls and anti-virus software are
. .
the best understood and furthest developed stand alone solutions on the market, although they are
. .
. .
hardly mature product categories. Recently, several notable new software approaches that provide
. .
for secure environments have begun to emerge. These approaches range from secure OS and secure
. .
. .
APIs to corporate infrastructure software such as certificate servers, single-sign-on solutions, and
. .
middleware. In addition, many of the recent innovations in cryptography have been focused on the
. .
. .
.
software category
. .
. .
Security services form an essential part of the security market. In this confusing environment, the
. .
expertise of security professionals in consulting and security testing firms is crucial to large
. .
. .
enterprises; these services are projected to grow into a $5 billion market by the year 2000. In
. .
addition, these companies have crucial ties to the other product categories as installers of solutions
. .
. .
(system integrators) or as infrastructure providers
. .
. .
The platform category groups solutions according to the types of attacks they defend against, as
. .
. .
well as the types of resources they protect (see Figure 7):
. .
. .
. .
. .
. .
. .
. .
Device (Client/Server)
. .
Implementation
. .
. .
. .
Device solutions
. .
protect access to, and
. .
the information and
. .
. . resources residing on,
. . devices (e.g., power-on-
. .
passwords, physical
. .
locks, virus scanning,
. .
file encryption).
. .
. .
11
Products/
Technologies
Software
n Firewalls
n Anti-virus
n Encryption
n Secure OS
n Digital signature
n Authentication servers
n Auditing/Management Tools
Figure 6
.
(
Certificate Authorities).
Internal Network
Implementation
Internal Network solutions
protect resources and
operations that serve a large
number of users within an
enterprise over the network
(e.g., network log-ins, access
control servers, secure
messaging, intrusion detecting,
network logging software).
Figure 7
Services
n Certificate Authorities
n Security testing
n Systems Integration
n Consulting
n Network Monitoring
n VPN services
Public
Network
External Network
Implementation
External network solutions
protect resources from
outside network attack and
enable public network
operations (e.g., firewalls,
certificate servers, VPN
software, secure web
servers).