By Ian Kilpatrick, chairman Wick Hill Group, specialists in secure infrastructure solutions.

As far as ‘green’ computing is concerned, the IT industry does not have a particularly good record. In the past, it has been poor in a whole range of ‘green’ areas, including power consumption, the use of toxic substances, over-packaging, air conditioning and product life cycle.

However, customer demand is now causing ‘green’ issues to become increasingly important in IT. Companies are looking more and more at implementing ‘green’ policies, both in their use of IT systems and in the design, manufacture and disposal of computer equipment. Those responsible for securing IT networks are also beginning to look at whether the solutions they choose live up to ‘green’ principles.
The first step is to look at suppliers and their approach to ‘green’ policies. Typically, a ‘green’ supplier would implement ‘green’ issues throughout the company and in product design and manufacture.
Does the supplier create designs that reduce materials usage and waste, minimise  packaging, increase recyclability, lengthen life cycles, and minimise energy consumption, in all aspects of distribution and operation? Are the company’s products designed to comply with specific environmental directives and legislation?

IT security staff might also consider the use of UTMs as a ‘green’ component of their security. According to IDC, the minimum requirement for a UTM is a firewall, VPN, antivirus and intrusion detection/prevention. UTMs have, however, evolved from this to incorporate additional capabilities which can include URL filtering, spam blocking and spyware protection, as well as centralised management, monitoring, and logging capabilities.

UTMs integrate several security functions into one single appliance and this fact alone could qualify them to be ‘green’. One single UTM appliance can replace up to five or six separate security appliances or servers. So a single UTM appliance saves space in the office and significantly reduces power consumption.

This reduction in the power needed is felt both in the rack and in the air conditioning necessary to cool multiple products. Indeed, in smaller organisations, it can completely remove the necessity for 24x7, year-round air conditioning.

A UTM could also be considered ‘green’ if it can easily upgrade to add more functionality and performance, such as solutions from companies like WatchGuard and Check Point.  These facilities would allow the UTM to grow and change with a company’s needs, rather than having to be wastefully ditched when it fails to cope with a burgeoning business.

The ability to increase performance and function is particularly relevant for companies with less than 200 users, where it is often difficult to predict traffic volumes, usage patterns, or indeed numbers of users, more than a year ahead. 

Other ‘green’ considerations, when looking at security solutions, are recycling, disposal and whether or not the solution contains toxic substances. There are two legal requirements which cover these areas. The first is WEEE, the European Community directive on waste electrical and electronic equipment and the second is the RoHS Directive.

WEEE sets collection, recycling and recovery targets for all types of electrical goods, including computer equipment. The RoHS directive restricts the use of certain substances (lead, mercury, cadmium, hexavalent chromium and two flame retardants - PBB and PBDE) in electrical and electronic products sold in the European Union after July 1, 2006.

Computer equipment purchasers should be aware that there are companies which, for manufacturing reasons, were granted RoHS exempt status rather than RoHS compliant status, and you should be careful you choose solutions with the ‘compliant’ label.

Considering and implementing ‘green’ issues is increasingly important in IT and IT security is no exception. Choosing suppliers who implement ‘green’ policies, considering solutions such as UTMs, and selecting products which conform to WEEE and the RoHS directive are all ways in which IT security can be ‘greener.’