Leaving your fate to others
Upon the conduct of each depends the fate of all. ~ Alexander the Great
In Tim Greene's NAC newsletter for this week titled "the fates of NAC start-ups", Rob Whitely of Forrester Research is advising NAC start ups not to bother with the endpoint scanning and policy setting aspects of NAC. Instead Rob says NAC start ups should sell their gear as enforcement points. Rob's justification is that bigger companies like Microsoft have the ability to do the endpoint testing and policy pieces. Whitely says that companies like Caymas, ConSentry, Lockdown, Mirage and others (one of the companies I just mentioned may be either out of business or already sold at a firesale, rumors are flying), should team up with policy and endpoint scanning partners to get them noticed and installed in real world situations.
Rob, I think you are dead wrong on this. I think leaving your fate to the good will and best intentions of companies like Microsoft is suicide. I would rather go down fighting, controlling my own fate. Providing a partial solution is never a good business model in my mind. Also, lets look at the facts here. Even Microsoft's policy and testing with NAP is not adequate. It will only work on Windows machines and it will only test for those things in the Vista security center. Namely, the anti-virus on, are the hotfixes up to date and is Windows firewall on. I think there is a tremendous amount of value to be delivered by supplementing these very basic, elementary tests. I think that is the real value of partnering with Microsoft on NAP/NAC.
The endpoint enforcement game will eventually live with the network guys. Unless your plan is to be acquired by them (there are some NAC vendors who are turning their appliances into switches who would like nothing better), concentrating on just enforcement, could leave you out in the cold.
Comments