Networks have developed over the years in significant and meaningful ways and can now be found in widespread use. The management of other than very basic networks is left to information technology (IT) professionals who specialize in the management of such complex networks. A specific challenge of a network is maintaining its high level of security to prevent malicious use or even damage to the network and its various components. With this aim, many security components are now installed as part of the network, for example, firewalls, that attempt to protect the network from such malicious use. As more and more components are added to the network and as additional security components (SCs) are added, the management of such components becomes increasingly complex. SCs include, but are not limited to, firewalls, intrusion prevention systems (IPSs), network access control (NAC) systems, data loss prevention (DLP) systems, web application firewalls (WAFs), and the like.
During normal operation, SCs encounter many events that affect the operation of the network and its components. For example, a security device may exhibit abnormal load that requires prioritization of operations it performs. Such abnormal behavior is usually detected as a failure point or as an alert and requires manual intervention by the IT professional. The manual intervention may be not only slow relative to the occurrence of the event, but in many cases, may also suffer from inconsistency as well as have an adverse effect on other security components, thereby causing an avalanche effect through the network and reducing its overall performance.
In view of the limitations of the prior art it would be advantageous to provide an apparatus that would be able to overcome the shortcomings and enable optimal performance of the network, while maintaining the overall health of at least its plurality of security components.