Subscribe in a reader
Day 1 of Incite: No Mas Box
Submitted by Mike Rothman on Tue, 2006-01-10 22:16.
Users will increasingly revolt about adding yet another narrowly focused security appliance into their network and actively examine new “simplification” architectures. New Unified Threat Management (UTM) products, using blade servers and virtualization technologies, appear in 2006 putting vendors that license key intellectual property at a disadvantage. Management of the integrated UTM environment will remain difficult through 2007.
All you need to do is take a peek into your typical enterprise data center to get a feel for why the explosion in the number of appliances is a problem. Equipment is overflowing. For every new exposure, there seems to be a new appliance. Just like Roberto Duran, say “No Mas!”
Administrators are the ones who get to manage all of those appliances with their different interfaces and different data models. When the data gets out of hand, what do you do? Of course, buy a management appliance to integrate all the data. An appliance to manage the appliances, clearly the Department of Redundancy Department is at work.
So is the answer to all our prayers the integrated UTM box? Not if you ask the vendors, who have pigeonholed UTM into an SMB market segment. With all of the sophisticated hardware available today, it’s hard to fathom that they can’t make it run fast enough. It’s just vendor spin. One man’s opinion is that vendors position the UTM box as a low end solution because they wanted to continue selling separate boxes for LOTS more money.
Remember that great quote from the movie Contact: “Why build one, when you can build two for twice the price.” Right, it’s all about economics. Vendors will work to maximize profits. That’s what they are supposed to do. But users can vote with their dollars. That's how free markets work. Unless there is a monopoly in place, but let's not go there...
So what is UTM? Simplistically, it’s putting all of the requisite security functions on a single piece of equipment. I’ll add that management integration is a key requirement as well. Sure there you’ll use less power and take up less space on the rack, but those are secondary benefits. The true benefit is in finally getting integrated management of your perimeter defense.
Now the whole licensing issue is definitely an Incite. Basically, licensing software to integrate onto hardware is not a sustainable business model for the hardware provider. End users should think very carefully about committing to a vendor who does not control the intellectual property that provides the functionality that protects your network.
You need to look no further than ISS and CheckPoint, who compete with their OEMs, to see the writing on the wall. The software is the engine that makes it all go. Sure you can differentiate because your tires are better and your suspension is highly tuned. But no engine, your car is pretty much a door stop.
And if the engine manufacturer decides they want to build their own car? OEM is out of luck. Oh well, time for Plan B. Once again, customers get screwed. They would need to either change software or hardware. Either way there is a learning curve and there is cost.
Sure there are source code agreements and other protections. Sure they issue joint press releases supporting each other. Everybody is singing kumbaya. Let’s be clear, a vendor’s responsibility is to its core constituencies (employees, customers, shareholders), NOT to the OEM. So they’ll toss the OEM out with the daily trash. It’s happened before, it will happen again. Mark my words.
So, management is the critical piece of the puzzle and key dependency. Fewer boxes hits the mainstream when you get integrated management of all the pieces. Oh crap, am I really betting an Incite on integrated management? It’s not perfect yet because the big security hardware guys (Cisco, Juniper, etc.) are still digesting a lot of stuff they’ve bought and keep buying. We should be there already, but my hedge is that it will take until 2007, and then you’ll be hearing a cacophony of “No Mas Box.”
That’s Day 1, looking forward to your comments.
All you need to do is take a peek into your typical enterprise data center to get a feel for why the explosion in the number of appliances is a problem. Equipment is overflowing. For every new exposure, there seems to be a new appliance. Just like Roberto Duran, say “No Mas!”
Administrators are the ones who get to manage all of those appliances with their different interfaces and different data models. When the data gets out of hand, what do you do? Of course, buy a management appliance to integrate all the data. An appliance to manage the appliances, clearly the Department of Redundancy Department is at work.
So is the answer to all our prayers the integrated UTM box? Not if you ask the vendors, who have pigeonholed UTM into an SMB market segment. With all of the sophisticated hardware available today, it’s hard to fathom that they can’t make it run fast enough. It’s just vendor spin. One man’s opinion is that vendors position the UTM box as a low end solution because they wanted to continue selling separate boxes for LOTS more money.
Remember that great quote from the movie Contact: “Why build one, when you can build two for twice the price.” Right, it’s all about economics. Vendors will work to maximize profits. That’s what they are supposed to do. But users can vote with their dollars. That's how free markets work. Unless there is a monopoly in place, but let's not go there...
So what is UTM? Simplistically, it’s putting all of the requisite security functions on a single piece of equipment. I’ll add that management integration is a key requirement as well. Sure there you’ll use less power and take up less space on the rack, but those are secondary benefits. The true benefit is in finally getting integrated management of your perimeter defense.
Now the whole licensing issue is definitely an Incite. Basically, licensing software to integrate onto hardware is not a sustainable business model for the hardware provider. End users should think very carefully about committing to a vendor who does not control the intellectual property that provides the functionality that protects your network.
You need to look no further than ISS and CheckPoint, who compete with their OEMs, to see the writing on the wall. The software is the engine that makes it all go. Sure you can differentiate because your tires are better and your suspension is highly tuned. But no engine, your car is pretty much a door stop.
And if the engine manufacturer decides they want to build their own car? OEM is out of luck. Oh well, time for Plan B. Once again, customers get screwed. They would need to either change software or hardware. Either way there is a learning curve and there is cost.
Sure there are source code agreements and other protections. Sure they issue joint press releases supporting each other. Everybody is singing kumbaya. Let’s be clear, a vendor’s responsibility is to its core constituencies (employees, customers, shareholders), NOT to the OEM. So they’ll toss the OEM out with the daily trash. It’s happened before, it will happen again. Mark my words.
So, management is the critical piece of the puzzle and key dependency. Fewer boxes hits the mainstream when you get integrated management of all the pieces. Oh crap, am I really betting an Incite on integrated management? It’s not perfect yet because the big security hardware guys (Cisco, Juniper, etc.) are still digesting a lot of stuff they’ve bought and keep buying. We should be there already, but my hedge is that it will take until 2007, and then you’ll be hearing a cacophony of “No Mas Box.”
That’s Day 1, looking forward to your comments.
Recent comments
1 week 5 days ago
2 weeks 3 days ago
6 weeks 1 day ago
6 weeks 2 days ago
6 weeks 2 days ago
6 weeks 2 days ago
6 weeks 2 days ago
6 weeks 2 days ago
6 weeks 2 days ago
6 weeks 3 days ago