Pigs (Three Different Ones) and Sheep
My friend Mike Rothman recently blogged on adding capabilities to an existing platform and how it is driving the UTM market and the move away from best-of-breed solutions. He calls the post "security is just another brick in the wall." In keeping with the Pink Floyd theme, my other friend (I have more than one), Chris Hoff, fresh from vacation and sharp as ever, responded with a comment entitled "is there anybody ... out there?" Chris takes Mike to task for daring to suggest that there is not a strong and growing market for UTM that delivers BOB (best-of-breed) solutions with true enterprise-class functionality.

So, keeping with the Pink Floyd motif, let me reach back a little further. I am slightly older than Mike and Chris, and my favorite Pink Floyd album (using the word album should show you how old I am) is Animals. It is certainly one of their finest pieces of work, and one that is often overlooked. Two songs on the album are Pigs (Three Different Ones) and Sheep. I think this pretty much sums up the current state of the low-end UTM market and the vendors, resellers and users of this stuff. I will leave it to you to speculate which UTM vendors are the Pigs, but the Sheep who are pushing and using these boxes and singing their praises need to have a closer look.
The bottom line here is that on the low end of the market these boxes are, more often than not, Pigs. Once you turn on IDS/IPS and anti-virus, if you are pushing any kind of bandwidth, they are going to grind to a halt. Yeah, if your idea of a corporate connection is a DSL line, maybe, but beyond that, to paraphrase Ben Franklin, "if you are willing to sacrifice a little security for a little integration, you are entitled to neither security nor integration." What these low-end UTMs bring is only integration, and frankly it is not much of an integration. In my old neighborhood in NY, we would call this seeing how high we can pile this sh%#$. Putting multiple applications on a box is not integration. Taking a collection of open source software and slapping a pretty GUI on it is not integration.
So, you ask, what does the future look like? Here I agree and disagree with both Mike and Chris. I do think there will always be a certain segment of the high-end market who go for single-silo, best-of-breed applications that do not run on a common platform or share any common interface. There is going to be another segment of the carrier and enterprise market who are going to use a Crossbeam type of solution that is a collection (offering a selection) of BOB software running on a common platform. Some carriers may put this in the cloud and in doing so bring this type of functionality to another segment of the market who otherwise would not be able to afford and/or manage such a sophisticated offering.

What about the rest of the Sheep out there? They are going to eventually want more than the Pigs offer today. They are going to want real integration between the security products collected on the box: single packet inspection for multiple technologies, common log file formats, singular reporting on the box, and a real integrated GUI that is not just a frame with the other products' GUIs running inside. Policy definition and settings across the multiple applications are but some of what these next-generation UTMs are going to offer. Mike mentions security switches. I agree that is going to be part of it. The convergence of security and networking is going to continue and accelerate. There is no reason that on a single platform an SMB or SME should not expect basic network functionality and true integrated security that is easy to set up, easy to use and doesn't cost a lot. When someone can offer this and the Pigs try to sell the current UTM vision to the Sheep, to use another Who phrase (like Mike), the Sheep "Won't Get Fooled Again."
Chris Hoff has his own post up on this now that goes much deeper into Chris's views on the BOB/BIB market and why Crossbeam's unique approach to UTM continues to be viable. You can read it here.


