Coviello said security can be broken down into four functions that are best centralized in a network rather than reproduced in each security product. They are policy management; policy decision making; enforcement; and policy auditing.
With these functions being performed by individual products in isolation from others, it is more difficult to assess and manage risk based on real time behavior, he said.
"We need to decouple the individual four functions," Coviello said. Decoupling policy monitoring from individual products can give a holistic view of network risks, he said.
He likened the architecture he described to mashups, in which Web applications are cobbled together to support new services.
Sign up for Computerworld eNewsletters.