Thursday, April 30, 2009

Last RSA thoughts ...

The attendance was way down, but RSA has always been a vendor-to-vendor show to encourage open discussions on security. This year seemed to focus on all things cloud, and aligning security with business requirements. With that, here are a few loose ends from last week …

AVG, a nifty endpoint security player, reports that 60% of infected Web sites disappear in less than 24 hours. Cisco is doing a nice job of incorporating Ironport’s reputation heuristics into its security offerings, applying the technology to IPS devices to dramatically boost performance and filter short-lived transient attacks. It looks like this bold move by Cisco could work out for their customers.

I really liked what I heard from Citrix and TrendMicro, and even Microsoft (though it takes them an insane amount of time to ship any security product). Together with Cisco and IBM it is good to see the major infrastructure vendors with product roadmaps recognizing that coordination between host, network, and cloud is the way forward.

I have gone almost full circle on Web application firewalls. I was a huge advocate back in my Yankee Group days, but now I am less sure. WAFs all but died off because IT preferred to fix applications the right way – in the source code – rather than putting a band-aid in front of the app. WAFs are challenged penetrating deeply into the applications chain of Web servers, application servers, and data base servers to thwart SQL injection attacks. PCI threw a lifeline to the segment, but IBM will put a hurt in it with its free version. IBM can do that because scanning and fixing the source code is the Rational route.

Finally, a thanks to Greylock. I’ve been critical of VC’s not venturing new startups over the last two years. Their reception was the networking highlight of the week. There were quite a few friends I would’ve missed had it not been for Greylock’s generosity!

Thursday, April 23, 2009

My RSA Conference is over

The RSA Conference is over for me. I managed to pack in over 30 formal meetings and a big number of informal conversations. Great week! I'll be winging home at 8:30 tomorrow morning, but before I go here is a link to an article on the Innovation Sandbox.

RSA Conference 2009 shines spotlight on security innovation

More from Re-union of Security Associates conference

This has been a fabulous week at RSA. The weather has been outstanding - my favorite briefings were outside in Yerba Buena gardens surrounded by sun, green grass, and flowering azaleas. Way better than a booth discussion - thanks to Citrix and Safend for getting me outdoors yesterday! I have really enjoyed catching up with people that I only get to see once a year.

A couple of my favorite articles were posted this week on SearchSecurity. Check 'em out:

Gartner gets NAC wrong, again

Mimic the IBM approach to security at RSA

A big surprise at the show is the abstraction of VMware's marketing communications teams. They choose to make a major vSphere announcement on the first day of the show when security press and analysts are at their busiest (hint: Monday was better timing), announce VMsafe on the last day of the show when press and analysts are done for the week (hint: next Monday was better timing), and do not have a presence on the show floor (hint: EMC is your parent; RSA is your sibling - ask to borrow a corner of their booths). I did however manage to chat with a VMware person at the Greylock reception.

Kudos to Greylock for hosting the best event of the conference!

Tuesday, April 21, 2009

Nice move to the C-Suite by Lumension to start off RSA

Lumension started off the week with a bang by announcing the acquisition of SecurityWorks at 10:00 Monday morning. This is nice move to add compliance and risk management tools to an already strong portfolio of patching, device control and endpoint security products.

One of the major trends I'm already seeing this week is applying GRC capability to map business goals into automated IT directives. This purchase positions Lumension to have deeper conversations with prospects about the managing and securing the infrastructure, and also gives the company flexibility in driving revenue through additional product lines. Lumension still has to execute, but this is a promising addition.

I'm looking forward to another sunny 80 degree day here - can't wait to see what today's news will be!

Sunday, April 19, 2009

On my way to RSA

I am writing this as the six foot three guy in the middle seat as Virgin America is bringing me to RSA Conference 2009. For an analyst, this is a week jammed with briefings and networking sessions. It is my best chance to meet people I have enjoyed talking with on the phone, catch up with friends I don’t see often enough, and deepen vendor relationships in the pursuit of business. It is all about talking with people this week for me. I do tour the exhibit hall, but to be honest I’ve been briefed before the conference by most of the savvy vendors and it is challenging to have productive conversations in a trade show booth. And there is never time to actually sit in on a session.

RSA is the ultimate networking conference in the security industry. RSA has always been about the best vendors getting together to improve security and business propositions. Be sure to put on your networking hat If you are at the conference – this is the one time to meet people with common interests that can help you in the future.

If you are working a booth, be prepared for a quiet week. Economy-driven travel restrictions that are now in vogue means you should not expect hordes of customers crawling through the exhibit hall. When members of your installed base aren’t stopping by to see what’s new, be sure to check out startups for new ideas and introduce yourself to people.

It is going to be 80 degrees and sunny in San Francisco. Should be a great week!

Saturday, April 18, 2009

Citrix XenApp may seem complex, but streamlines security management

April 17 posting on SecurityBytes, a blog:

Citrix Systems' XenApp, its flagship application delivery product line, can appear to require a complex chain of moving parts of moving parts that can be difficult for prospects to understand. However, existing customers that are saving operational expenses consolidating data centers may also find improvements in the latest version of XenApp to manage user authentication and access control and conduct application auditing as a result of delivering applications from fewer virtual data centers.

Securing Smart Grid: How solution providers can help

April 9 posting on TechTarget's

The Obama administration is setting aside $54 billion to modernize the national electronic grid infrastructure, which represents a number of opportunities for security solution providers. The goal of what's being called the Smart Grid plan is to bring the communications power and flexibility of IP networks to the management of the electricity supplier's network. The modernization effort for Smart Grid would involve extensive modernization of security technology and processes to be successful. Solution providers specializing in security technologies or in the utilities vertical will have to expand their knowledge base to be successful.

Cloud computing group to face challenges ahead

April 15 posting on TechTarget's SearchSecurity:

The new Cloud Security Alliance (CSA) has a number of hurdles to climb if it expects to foster a meaningful discussion about cloud computing and provide useful data for organizations planning cloud implementations. The organization announced its formation earlier this month and plans to release a whitepaper in conjunction with its official launch at the RSA Conference in San Francisco.

Monday, April 6, 2009

Conficker leaves security industry looking clueless

Posted on TechTarget on April 4, 2009:

The Conficker-fed doomsday scenarios fed to us by security vendors and trade press has come and gone without the big disaster. The IT world on April 4 looks a lot like the IT world on March 31. It is almost disappointing, just as a forecasted winter storm that misses the mark - nobody wants to see property damaged, but a good storm is captivating and fun to watch. Conficker, also known as Downadup and Kido, was primed to start seeking its payload using a wider range of domains on April 1. The over-hyped storm has thus far turned into a dud, leaving the security industry looking clueless once again.

Press quote for CoreStreet

CoreStreet has very interesting and innovative authentication technology that is finding traction particularly in government organizations. This quote supporting their
CoreStreet Announces the CoreStreet FIPS-201 Solution was an easy one as the CoreStreet FIPS approach can reduce costs in consolidating authenticated ccess for both physical and logical systems.

“The CoreStreet FIPS-201 Suite provides government agencies the critical capability to fulfill the promise of converged physical and logical security as envisioned by HSPD-12,” said Eric Ogren, founder and principal analyst of the Ogren Group. “As an effective upgrade to legacy PACS systems, this solution allows government employees and contractors to use their FIPS 201 credential for secure access to federal buildings.”

Special Report for AccelOps

AccelOps is a new company dedicated to bringing IT service management to mid-tier firms. This special report is based on qualitative survey research conducted by the Ogren Group on the needs of IT for a pragmatic All-In-One management tool. Check out the special report here.