Performance has priority over security

McAfee has published a new report titled Network Performance and Security, exploring the challenges organisations face in deploying security protections while still maintaining an optimally performing network infrastructure. Issued at McAfee’s FOCUS 14 conference, the report uncovered that an alarming number of organisations are now disabling advanced firewall features in order to avoid significant network performance degradation.

  • 10 years ago Posted in

As part of the report, 504 IT professionals were surveyed, with 60% stating that the design of their company’s network was driven by security. However, more than one-third of respondents admitted to turning off firewall features or declining to enable certain security functions in an effort to increase the performance of their networks.


According to the report, the most common feature disabled by network administrators to avoid impacting network performance is deep packet inspection (DPI), which 31% of organisations admit to disabling. This feature was closely followed by anti-spam (29%), anti-virus (28%), and VPN access (28%). DPI, the feature most frequently disabled, detects malicious activity within regular network traffic and prevents intrusions by blocking offending traffic automatically before any damage occurs. It is essential for robust threat defenses, and is a key component of next generation firewalls, which now represent 70% of all new firewall purchases.
“When I hear about people turning off security they paid for because of performance decreases -- this upsets me so much,” said Ray Maurer, chief technology officer at Perket Technologies. “I get a bad feeling knowing I had to remove security in the name of performance. I have a hard time sleeping because it is not a matter of if a network will be compromised, but when.”


Many organisations choose to turn-off DPI because of the high demands it places on network resources, yielding upwards of a 40% degradation of throughput, according to third party research firm, Miercom. McAfee Next Generation Firewall, however, with DPI enabled sustained one of the highest firewall throughputs in Miercom’s testing. Overall, McAfee Next Generation Firewall sustained much higher throughput performance with security features enabled when compared to other products in this class. Competing products tested exhibited an average of 75% or more performance degradation for DPI, anti-virus and application control when enabled.

Ashish Patel, regional director, network security UKI at McAfee, part of Intel Security commented: “It is extremely concerning that companies believe they need to compromise their security in order to maintain high performance across the network. At McAfee we believe this is unacceptable. Enterprises should not be forced to choose between network performance and security.


“With the number of confirmed data breaches climbing more than 200% in 2014 over the previous year1 it has never been more critical for companies to take full advantage of advanced next generation firewall security features. It is important that network teams look to security systems that enable IT network managers to deploy security technology to its full potential, without sacrificing usability or productivity.”
 

The first transoceanic cable to achieve 1/2 Petabit per second capacity, and also the first to...
10-year contract forms part of East Sussex Council’s new procurement Framework initiative serving...
CommScope High Density R-PHY Shelf to support DAA and virtualization across global broadband...
Djibouti Telecom is leveraging Ciena’s GeoMesh Extreme solution to upgrade its DARE1 (Djibouti...
New dual band stabilisation technique cancels the problem of temperature fluctuations to allow long...
Aryaka Networks has introduced its latest Services Point of Presence (PoP) in Dublin, Ireland,...
The service is the first of its kind to be trialled across the Atlantic on a live network and will...
SpaceX will locate Starlink ground stations within Google data center properties, providing...