I wrote a Security Gateway Buyer's Guide, which you can download (free reg required) over at the Dynamic Perimeter. I continue to believe that Security Gateway's are an essential part of security architecture, border security that stops at the communication channel level are insufficient, the Gateway must have visibility into the system's data and application method attack surface.
Of course security and gateways are not one size fits all, in the Buyer's Guide I examine five common use cases - Enterprise Integration, ESB Security, B2B, Mobile and Cloud. Each deployment has unique set of security concerns, and the security gateway must deliver different services in these conditions. The Guide then looks at core security architecture considerations including Communication Channel, Detection Services, Message Security, Identity & Access Management, Security Policy Lifecycle, and Message Processing.
Its not so much that boundaries are disappearing, just that they need to form fit to that which they are protecting. The days of Network address translation being a singularly useful boundary are logn since past. Now its all about understanding your threat model, and delivering a cost effective security architecture that's engineered for real world capabilities and constraints.
Comments