Security solutions that are context-aware can see and intelligently correlate extensive amounts of event data related to IT environments - applications, users, devices, operating systems, vulnerabilities, services, processes, network behaviours, files and threats. This correlation provides the context necessary to automatically and flexibly tune and protect organisations from today's advanced threats.
Nevertheless, it isn't enough to see and correlate data. Essential to context-awareness is the ability to learn and quickly respond. Yet, not only do traditional security models lack the context to understand the security implications of new events, they are also typically static - designed for a time when IT environments were fairly stable - and hence, lack the ability to adapt accordingly. Ill-suited for the demands placed on them today, they fall further behind in their ability to combat advanced threats. The latest network security platforms must be agile in order to adapt to not only today's threats, but tomorrow's as well.
Network security platforms are increasingly being defined by awareness, context and agility. From the endpoint to the network, as threats become smarter and faster, and as computing environments become more complex, organisations can no longer rely on first-generation solutions for adequate protection.
Context is everything in security.
Ammar Hindi is Managing Director for Asia Pacific at Sourcefire, now a part of Cisco.
Sign up for CIO Asia eNewsletters.