After years of having their enterprise systems victimized by outside threats, IT managers are changing gears and beginning to use tools that prevent intruders from gaining access in the first place.
Microsoft and third-party security vendors are arming the offensive with new technologies that give IT managers a fighting chance. Some of the technology is coming in the new versions of Windows -- both on the desktop and the server. Others are in the form of networking technologies that protect the enterprise perimeter.
One expert has identified the shift as a major change in the IT industry. John Pescatore, an analyst with Gartner Inc., the Stamford, Conn.-based consulting firm, cited the trend as a new phase of product development where vendors "will integrate security into each new wave of technology when it enters the market, not after a security attack."
Pescatore pointed to Cisco Systems Inc., which has been adding security capabilities to its line of network switches and routers so networks can self-diagnose their problems.
He also highlighted changes to the new Windows desktop operating system Vista, due out later this year. "That's important. After all, the operating system is like the foundation of a building," Pescatore said. "If there are cracks in the foundation, there are going to be other problems."
Many IT managers say they don't want to rely on the OS as the single source of security. "I think as the maintainer of an IT system, I would be reluctant to put all my eggs in one vendor's basket," said Robert Taylor, chief information officer for Fulton County in Georgia, which is a beta site for Microsoft's Vista and Longhorn servers.
As part of his arsenal, Taylor uses software that scrutinizes where network users go on the Web and blocks access to sites known to harbor viruses or other problems.
Taylor said he is looking forward to features in Microsoft's Network Access Protocol, or NAP, technology that makes sure any device that tries to hook up to the network is safe and free of viruses and other threats. NAP won't be available until the Longhorn version of Windows Server becomes available in late 2007. Symantec Corp., maker of antivirus and antispam software, also gets his nod because the company's leadership said that its product roadmap would include security features on all products, no matter where they are used by an enterprise.
"In Microsoft's new Vista operating system, they've included BitLocker, an encrypting technology," said Joanne Kossuth, chief information officer at Franklin W. Olin College of Engineering in Needham, Mass.
In addition to BitLocker, though, Kossuth and her IT team combine products to get several layers of perimeter protection. They use Web switch front-end processors for server farms and firewalls for different levels of e-mail filtering. They also use traffic shaping technology to help monitor network traffic over a WAN to help improve application performance.
Still, for IT managers, the biggest challenge continues to be keeping up with the technology that's needed to stave off escalating threats. The problem is surviving the lag time between new technology and its adoption by security vendors, according to Brett Osborne, a systems engineer most recently for Lockheed Martin Corp., in Orlando, Fla.
"The network firewall was the most important thing 10 years ago" he said. "The war has changed."
Back then, the threats were coming at the network level, and now the warfare takes place at the applications level, Osborne said. "Now they're crawling up to you with a tank and taking aim."