Most IT Security Pros Disabling Security Functions In Favor Of Network Speed

[InfoSec News <alerts () infosecnews org>]

http://www.darkreading.com/vulnerability-management/167901026/security/perimeter-security/231002280/most-it-security-pros-disabling-security-functions-in-favor-of-network-speed.html

By Kelly Jackson Higgins
Dark Reading
July 21, 2011

More than 80 percent of organizations disable functions in their network 
security products because they slow the network, according to a newly 
released survey.

Crossbeam Systems surveyed 500 network security, IT, and C-level 
executives at companies worldwide and found that 90 percent say there's 
a trade-off between security and throughput. Around 67 percent say 
security is a higher priority than throughput performance when 
evaluating a security product.

It's the age-old problem of balancing security and productivity. "We 
found in the survey that they are having to make significant trade-offs 
between security and performance ... They are having to switch off 
functionality they paid for to meet their performance goals," says Peter 
Doggart, director of product marketing at Crossbeam.

Organizations are keeping their firewall, IDS, network access control, 
and IPSec functions turned on, but they are shutting off application 
control, user identification control, and some anti-malware features. In 
next-generation firewall products, for instance, 91 percent are using 
stateful firewall features; 73 percent, NAT; 71 percent, IPsec; and 65 
percent, IDS/IPS.

[...]


___________________________________________________________
Attend Black Hat USA 2011, hosted at Caesars Palace in
Las Vegas, Nevada July 30-Aug 4, offering over 60 training
sessions and 9 tracks of Briefings from security industry elite.
To sign up visit: http://www.blackhat.com