Security is just another brick in the wall
It's interesting that I am always stumbling across interesting non-security perspectives that are very relevant to our little corner of the world. In this post (here), by Seth Godin - he basically says there are three ways to gain more market share. First, get new customers by having them switch from the competition. Second, grow the market (by having new customers adopt your stuff). Finally you need to keep your existing customers from leaving, which is a commonly overlooked aspect of growing market share.
But what tactics can be used to achieve these ends? Again, Godin has great perspective on this. One path (another brick in the wall) has you adding more capabilities to an existing platform, and over time customers will get adopt the product if only not to have to continue integrating. The second is a true innovation, which would make switching too painful for customers, so they've got no choice.
So what? In the security space, we can certainly come up with examples of true innovation. SSL VPN is a good data point. It's so much harder to manage an IPSec environment, that most customers have moved to SSL VPNs. Vendors figured that out and started supplementing their existing IPSec boxes with easier to use technology to stop the bleeding. But bleed they did.
I'm betting we see a similar (but much larger) adoption of security switches over the next 5-7 years. As volumes kick up, there won't be much of a pricing distinction between security-aware switches and traditional Layer 3 gear and the pain of having to overlay and integrate access control into the campus will drive folks to overhaul their campus.
But those examples are few and far between. For the most part, Big Security has just continued adding stuff until the best of breed provider has no where to go - but away. Or into the arms of a big acquirer (ISS anyone?). UTM is very much about that nowadays. Sure there are some folks that choose best of breed because they are gluttons for punishment, but in the lower ends of the market and the larger enterprises where they have better stuff to do - for the most part they are looking at UTM boxes to provide better integration - so the customer doesn't have to.
So as you look to figure out what your security architecture looks like ahead of every budget cycle, keep in mind that all in all you're just another brick in the wall.
(Keeping in spirit with your Pink Floyd theme...)
How appropriate that the next song after "Is There Anybody Out There" is "Nobody Home" because, sadly, you aren't and yet you left your lights on ;)
I take issue (for obvious reason) that people who choose best-in-breed are doing so merely because they are "...gluttons for punishment." That's as asinine a statement as saying that everyone who drives a Ferrari is an A-hole with a compensation problem...OK, bad example. Umm....
But seriously...
Perhaps they choose best-in-breed because in terms of managing risk, the value they get from using BIB productsis is greater than the cost of stringing together less capable or robust products/solutions - however "integrated" they may be.
Sometimes you want the best coverage for your dollar spent -- and when absolutes count, people aren't necessarily willing to gamble on "relative" security.
It's all scales of economy -- comparing the Fortune 2000 with Joe's Ice Cream and Taxidermy is a stupid exercise. Different strokes for different folks, but BIB is NOT an inappropriate solution for those who can afford it.
Equating BIB as "overpriced" or bloated is simply unfair. You don't have to be a commodity (or even integrate a bunch of commoditized functions) to show value and innovation isn't only derived from non BIB players.
As you know, Crossbeam provides UTM solutions -- but we don't offer $500 perimeter widgets that are "good enough." We are the ONLY Enterprise and Provider class UTM solutions vendor that combines the integration of BIB security functions for large enterprises and service providers. We don't sell one vendor's version of the truth and that flexibility combined with performance and high-availability means that BIB and UTM are not mutually exclusive.
That's a brick in very strong wall.
-Chris