One of the most difficult problems in managing a large network is the complexity of security administration. The deployment of individual security products such as firewalls, intrusion detection systems, network traffic analysis, log file analysis, or antivirus software is never going to provide adequate protection for computers that are connected to the internet.
For example, a good network intrusion prevention and detection system (such as Snort) does an exemplary job at detecting attacks within traffic. However, this type of detection does not offer any sort of damage containment. Equally, a firewall offers an outstanding method at defining what type of traffic is allowed in a network, but does not offer any deep protocol analysis.
A more coordinated approach is needed to ensure that an organisation retains data integrity and security. A popular approach is to deploy the 'onion' technique whereby multiple, overlapping layers of security are used to protect a network or computer. Using this technique, a system or network will have much more resilience from attacks.