Pros and Cons of an ITM Solution

There are a number of benefits to the deployment and implementation of a successful ITM program. Those benefits include consolidation, which typically drives cost and complexity, ease of management, and integrated reporting. The benefits of an ITM solution are not without a few drawbacks, which may include a lack of flexibility and potential performance issues if not scaled properly.

One of the most obvious and visible benefits of an ITM solution, and one of the most prevalent arguments made by ITM vendors, is the consolidation of a number of components and functions into a single, unified solution. Combining multiple functions into a single solution, and potentially a single appliance, will likely provide initial and ongoing cost savings.

Initial "capital" costs of an ITM solution are traditionally less than the costs of the individual components that comprise the ITM solution. Costs associated with vendor negotiations and licensing can be reduced from five or six vendors to a single ITM vendor. Additionally, the price of the appliance is typically substantially less than the sum of the components, through economies of scale and the use of common hardware and software. Likewise, the maintenance costs of a single appliance or solution are generally less than those of the separate components, which increases cost savings continuously over the product's life.

In the future, when the company needs another function provided by the ITM solution, it can be as simple as generating a purchase order and installing a license key that was received via e-mail. That alone often saves weeks of time and quite a bit of money for the organization. Although new policies and inputs may be needed, rearchitecting the network and lengthy vendor evaluation and negotiations will likely not be needed.

An often overlooked factor in cost savings is the cost to house the components in the data center. Just like traditional real estate costs, some organizations bill back data center costs to the business. Consider the significant reduction in costs, moving from several boxes consuming rack space to a single unit with comparable functions. Additionally, overall power consumption will be reduced, as will the cooling costs, two important factors today in data center costs. To a data center that is already at maximum capacity with existing equipment, being able to retrofit several devices to a single solution or the addition of a single box that previously would have needed half of a rack is a tremendous advantage. Adding an additional equipment rack or maintaining equipment in multiple locations adds additional costs, complexity, and overhead.

Having a single console to manage will reduce the amount of time required to maintain and manage the infrastructure. Although it is imperative to ensure that all components are regularly updated with any appropriate signatures such as antivirus and antispyware data files, equally important are the updates at the system level. Maintaining the operating system and application updates on one system will require less time and money than maintaining the updates on several systems.

Consider the benefits of deploying an ITM solution at each branch office or location when the equipment, maintenance, and management costs are multiplied across the organization. Additionally, whether conducting an audit or an assessment at one location or each of the branch offices, having one console to measure compliance and conduct audits and assessments will be tremendously useful and beneficial to the organization.

A unified console to manage the ITM components also requires less training and shorter timeframes for employees to learn and understand. Many ITM solutions also provide for granular user-account provisioning (including roles and responsibilities) that allows individuals to have access to maintaining or monitoring their respective components. Depending on the configuration of the ITM infrastructure, logging and alerting may be "unified" as well or at least provide for a consistent and uniform notification process that can be easily integrated into an SEM architecture. Likewise, the management of the ITM infrastructure from a single console allows an administrator to view all aspects and parameters of the system without needing to hop from system to system. The benefits of an integrated ITM reporting system can help with metrics, troubleshooting, return on investment studies and compliance, audits, and assessments (as noted earlier).

Some organizations consider the lack of flexibility of an ITM solution to be a significant drawback. For example, consider the ITM solutions that are available today. Although most vendors often do not attempt to develop their own solutions for all ITM functions, they partner or form alliances to deliver that integrated solution. If you are an organization moving toward an ITM infrastructure, are you willing to use the antivirus software that the vendor has chosen versus the one that you have or want to have? What about the firewall or the VPN connectivity solution? Although you do not have to license and use all of the components offered within an ITM solution, the cost savings, management, and benefits of an integrated solution may outweigh the inconveniences. It is unlikely that each component of the ITM will have been voted "best in class," but it is likely that the overall benefits of a well-integrated solution have that vote.

Some organizations are concerned with performance issues with available ITM solutions and feel that a single appliance cannot efficiently handle all functions without significant trade-offs. Just like any other solution, corresponding requirements need to be developed individually for each function. Once those requirements are developed, ITM solutions can be evaluated. Design and architecture of the ITM solution can be evaluated. Questions such as whether specific functions are sandboxed and managed to ensure that the required memory and processing power are provided should be answered. Having a significant peak in messages with large attachments that need to be scanned should not cause the firewall to block traffic or, worse yet, allow traffic to pass without the defined screening.

Although many of the ITM solutions today are appliances, there are some software-only platforms that operate on top of hardware and operating system platforms provided by the user. Although the vendor typically provides the specifications of those systems, it may or may not define security requirements to help ensure that the platform itself is secure. Customers should understand that if a system is an appliance, they may be prohibited by licensing or may not even have access to perform security updates to the core operating system.

0 comments:

Popular Posts