Network security appliances typically include a number of security functions along with acceleration hardware to improve overall system performance compared to standard server hardware.
Common security features include:
- Anti-malware (antivirus, antispyware)
SSL or IPSec VPN
Web filters/content filters
For large enterprises with complex networks, implementing a secure, reliable and centrally managed network is critical to maintaining business continuity. Deployment of a range of individual end point security solutions brings in issues of management and control, particularly when a security incident occurs. Although desktop antivirus and antispyware programs provide a certain amount of protection, a security appliance deployed at the Internet gateway can help reduce the likelihood of malware getting into the network in the first place, which in turn reduces the likelihood of maliciuos programs infiltrating desktops as well as critical business systems such as ERP systems, corporate file servers and manufacturing control systems.
Today's malware programs include viruses, worms, spyware, and other malicious software. They are used in mass attacks to disable or steal computing resources and in stealthy, targeted attacks to steal information. And they do so not only through email traffic but also increasingly through real-time web traffic. Additionally, as the threat from viruses and hacker intrusion continues growing, malware programs are becoming more creative and sophisticated, making use of multiple components to attack in a blended way. It is now not unusual for worms to include Trojan horse and backdoor spy programs and to attack through both email and the web. Today's threats blend multiple malware and multiple attack vectors to achieve their increasingly criminal goals.
Clearly, network security is an increasingly important concern for network administrators. Security appliances provide increased peace of mind - knowing there is a device constantly protecting the network from a wide variety of Internet threats adds value to the entire network infrastructure. They also provide a number of other benefits, including convenience, reliability, etc. Not only are network security appliances more convenient than distributed software or installing software on a server, they are also more reliable, less prone to user error, and easier to troubleshoot. Usually, when a network problem occurs, the IT department has to first identify whether it is a hardware or software problem. With appliances, this troubleshooting step is eliminated: is it the appliance that's causing the problem? Simply disconnect or bypass the appliance to find out.
Reliability is also a major concern, and today's network appliances are more robust than general purpose servers for several reasons. First, the appliance is customized for the specific software that will run on it. This reduces the likelihood of overloading the hardware with processing-intensive software, and leaves the burden of making sure the hardware and software do not conflict with the appliance vendor, rather than the end user's IT department.
Second, appliances can be built with a number of fail-safe features preinstalled that would not be automatically included in a general purpose server system. Features such as redundant power supply, automatic data backup and recovery, hardened operating systems and embedded security subsystems reduce the chance of device failure and provide additional peace of mind to the customer.
Perhaps most importantly, network appliances provide intangible benefits by being tangible products. In contrast to software - either delivered as a box of CDs or served as Software as a Service (SaaS) - network appliances are physical objects that the user can see and touch. This brings value to application branding because it places a visible reminder in the customer's server rack. Every time the system administrator walks by the server room and sees the security appliance sitting there quietly doing its job, without him having to maintain it, his appreciation of the appliance (and its brand) grows.