Breach Prevention Systems and the Importance of Interoperability

Few products operate in isolation, and this is especially true of security controls. The push and pull of information between products provides the agility that is needed in our increasingly mobile and dynamic digital world. This is why a security control’s interoperability readiness, i.e., its capacity to interact with adjacent technologies, is important to consider during product purchasing decisions.

When disparate products are integrated, they become greater than the sum of their parts; breach prevention systems (BPS) are a good example of this. A BPS is defined by NSS as a combination of network traffic analysis technology (e.g., next generation firewalls, or NGFWs), sandbox technology (e.g., breach detection systems, or BDS), and malware identification. The coordinated visibility into threats that the BPS provides is enabled by extensive data sharing within the system.

Interoperability Formula

A security control’s interoperability readiness is its out-of-the-box capability to transfer information outside the GUI. In other words, when we discuss interoperability, we are referring to the ways in which a product consumes, shares, and transports data.

Interoperability plays a key role in NSS’ security product testing. Once a product is installed in the lab, the alert information it generates is factored into scoring metrics such as security effectiveness. Understanding a product’s interoperability capabilities is key during product selection. Results from the 2017 NSS Labs Cloud Security Study indicate that ease of integration is the second most important consideration during security product purchase decisions (44.0%); cost is considered most important (53.6%) by US enterprises.

Interestingly, not all security control vendors prioritize integration capabilities. Before purchasing a product, evaluate whether the product’s API functionality aligns with your needs. For products that require heavy integration (such as cloud access security brokers, or cloud security gateways), make sure you have executive buy-in and make sure your DevOps team can access the products. This will help to reduce the friction typically associated with large-scale deployments. A failure to factor in integration effort during product selection is likely to result in long-term dissatisfaction with a product.

This year, the Enterprise Architecture Research Group (EARG) will dive deeper into the concept of security control interoperability. We expect our research to reveal enterprise sentiment toward interoperability at the time of purchase. We’ll be categorizing enterprise requirements, capturing current use, understanding employee skill sets, measuring integration efforts, and gathering feedback on the deployment of specific security products. We welcome your input. If you’d like to share your thoughts on interoperability, reach out to the EARG.

NSS Labs has recently published papers on interoperability and cloud security, as well as results from the Breach Prevention Systems Group Test. These and all other reports can be found in our Research Library.
