All-in-one Vs. best of breed

Very early in my professional career I have learned the rule and the importance of best of breed. The rule is simple, if there is one vendor better then the other, technology wise, for a particular product you go with the best of breed solution (there are other parameters to the equation like price, deployment, etc.).

This rule also nicely combines with another. The defense-in-depth rule which mandates the use of multiple solutions from multiple vendors for the same problem. It is to prevent a situation in which a flaw or a technological limitation would prevent a solution from defending the organization against a certain attack.

For example, the use of firewalls from multiple vendors, the use of different A/V product on the GW, on the mail server and on the desktop, etc.

Today, the best of breed approach is sometimes shadowed by the all-in-one approach.
Putting everything, or a lot of things, inside a single box, sometimes look as an advantage for many. Firewalls with embedded IPS, A/V, and anti-spam are a good example. Are all of those features can be considered best of breed?

In most cases they are not.

For the majority of vendors the protection level these all-in-one products provide is not more then the average. The false sense of security is the one winning the battle for many here.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: