Two decades countering the Threatscape

Ken Xie, CEO of Fortinet, describes 20 years of tackling emerging security threats and the ever-changing nature of security issues.

Tags: Fortinet IncorporationUnited Arab Emirates
  • E-Mail
Two decades countering the Threatscape
By  Ken Xie Published  February 17, 2010 Network Middle East Logo

I’ve always believed that network security has, and probably always will, follow the growth and adoption of Internet applications.

Over the past 20 years, we’ve seen this realized. Prior to wide-spread Internet use, securing IT assets was much easier, as networks were closed. Information was largely spread via floppy disks and, thus, threats were minimal. IT security was fairly simplistic and infinitely easier to manage than it is today.

The emergence of the Internet in the early 1990s dramatically changed security requirements by opening up networks and making them vulnerable to new threats. With all the benefits that Internet-based applications enabled, the security risks it created were also plenty. Network security has been challenged with having to adapt to and protect against a constant barrage of new threats and keeping pace with vastly increasing network performance.

As the Internet went mainstream, it created the need for connection-based security – affecting network Layers 3 and 4. As a result, software firewalls and VPNs were adopted as the primary method for securing networks. As network speeds increased, hardware-accelerated firewall/VPN security appliances began to gain market acceptance largely due to cost. Computer systems with pre-installed software were less expensive compared to mainframes and additional installation process.

As new Internet applications were adopted and introduced content-based threats (email, web, etc.), Layer-7 inspection was required and further taxed network performance. The market, at this time, was flooded with point solutions aimed at addressing only individual parts of the problem (AV, IPS, anti-spam, firewalls, URL filtering, etc.). It became clear that single point solutions couldn’t address the growing sophistication of blended attacks and were complex and expensive to manage and maintain. The industry required an integrated network and content security solution to keep up with new and emerging threats without crippling network performance or administrative resources. This gave rise to the unified threat management (UTM) market, which has quickly become one of the largest and fastest growing markets in the security space.

Internet applications have driven the most revolutionary advances to network security over the past ten years, including (1) the shift from software-based security to security appliances, (2) integration of multiple network and content security functions into a single UTM appliance (3) implementation of dedicated content and network processors to accelerate performance and (4) security deployed as a service.

The security landscape continues to evolve because applications that touch the network change every day, creating new opportunities for attack. Hackers won’t cease in their inventiveness with ever-morphing attack modes. As a result, the security industry cannot let up in innovating new and better solutions that improve security, efficiency and performance.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code