More value please, not just low price

28 Sep , 2006  

I’m not sure what Alan was disagreeing with me about in his comment on Matt Assay’s post about open source routers. (Some times Alan just likes to disagree, but you already knew that, lol ) Alan’s right, leading with price is a loser. It means you are totally a commodity option with insufficient or no (more likely) value above being a cheaper option. At best that might prompt interest by someone who would never by Cisco but that could a very small market. My comment to Matt was that a story from consultants using Xorp is good but real end-customer experiences are much more valuable.

Rothman has it “right-er” in his response that price is just one lever. (Sheez, this is my 2nd positive post about Mike in the same day!) I’m all for a robust open source router but a me-too open source router is a yawner. There’s got to be new innovation, functionality, a significantly better user experience, or delivering an alternative to the market in some new innovative way. Now, that’s interesting. Mike’s Firefox example is a perfect one.

It’s more than new/additional features too. Making the network easier to manage, taking less time and resources, increased flexibility in deployment options, cross-vendor or platform support are examples of attributes that can bring value to customers beyond the incumbent. Maybe then we can talk about possibilities of breaking past the vulnerable 20% of the incumbent’s market.


Quote of the Day – goes to Rothman

28 Sep , 2006  

I always love those little things that make you burst out with a good laugh. My day started out with Alan telling me a joke I can’t repeat here. Then Rothman prompted a good laugh from me in his post about Richard Stiennon‘s infactuation with extrusions (leak prevention). That inspired me to want to get a QOTD (qoute of the day) posting going.

When you have total VC funding in a market outstripping sales in the category, you are in an early market. – Mike Rothman

Have a great day, everybody! 🙂

Blog, Podcasts

Don’t read this book – devour it!

26 Sep , 2006  

Podcasting is something relatively new to me. My friend Alan Shimel started the StillSecure, After All These Years podcast and recently asked me to co-host it with him. I have to admit – it’s a heck of a lot of fun. Mostly because I enjoy talking shop and seeing what interesting places Alan’s and my personalities take the conversation. (Thanks to those of you who have commented you enjoy our fun banter on the podcast.)

Okay, now about the book. I was fortunate enough to be introduced to Eric Green, Larstan Publishing group publisher, while at Interop last week. Eric knows Alan and some of my company’s marketing team. Eric told me about one their new books just released about podcasting, Promoting Your Podcast by Jason Van Orden, forward by Robert Scoble (Microsoft podcast fame). Eric offered to send us a free copy but I couldn’t wait – I bought a copy at Barnes & Nobles first thing after returning from New York and enjoyed reading it this weekend.

Not to give away all the great info in the book, it covers tips on social networking, search engines, tagging, directories, cross promotion and a whole host of other stuff.

If you are into podcasting or want to learn more about how to really do it well, pass up the other books and dive right into this one. I highly recommend it.

Congratulations Jason, Robert and Eric. Here’s to new friends and a successful book!


Another helping of open source, please :)

26 Sep , 2006  

InfoWorld columnist and Foundstone (Symantec) employee/instructor Roger Grimes has a nice article about open source and free utilities. Beyond the typical snort, nessus and nmap utilities, Roger covers some interesting newer free tools, Fscrack, HackPack, Hacme Platform, SiteDigger. (See Roger’s article for a full discussion of tools). Let me know about the latest new free or open source tool you’ve come across and I’ll share it here.

Open source is a great enabler for delivering useful, handy tools. Neil McAllister in his InfoWorld column dives into why there aren’t more open source graphics developed by graphics artists. Something I didn’t know that Neil discusses is the past disputes over copyrighted icons and current limitations of use in the Firefox open source web browser. Neil makes an interesting point; using open source inspires others to create even more open source. That’s certainly true in the software world and Neil’s would like to see it in the design world too.

Both are good articles for followers of open source. Thanks Roger and Neil.


Windows Vista secures controversy

22 Sep , 2006  

As predicted (on a previous SSATY podcast) the squabbles have already started between the AV vendors and Microsoft over Vista’s security additions.

The war of words has now moved onto the security dashboard playing field (Windows Security Center vs. 3rd party AV vendor dashboards). Microsoft says third parties can tie into and report status through the Windows Security Center but that it always must be enabled. AV vendors are crying foul since it can’t be disabled and replaced by their own dashboard (as was the option in Windows XP.) Both sides have valid arguments. If you disable the security center, then what about reporting patch status or firewall (if a 3rd party one isn’t installed)? On the other hand, two security shields / dashboards doesn’t make sense either.

The bottom line? Clearly, the AV gravy train is coming to an end. This is really about losing the ground AV vendors have had for many years and just as importantly creating the console that serves as point for valuable security applications.

Microsoft should be able to compete in the AV market and give current AV vendors a run for their money. Current AV vendors of course should be able to compete to maintain their foothold and attempt to win the hearts and minds of Vista users. But just fighting over the security dashboard isn’t going to win the game for AV vendors. I’m afraid that AV vendors are missing the point here. Keeping the dashboard doesn’t mean you keep the underlying security apps too. Not if Microsoft’s apps are better.

Vendors are playing all sides of this issue; sticking Microsoft in the eyes by marketing the vulnerabilities they find in Microsoft products, taking advantage of loopholes in the kernel to develop security products, and making $’s hand over fist on AV, firewall and spyware products. Quotes like “Why does Microsoft have to the be the sole voice about [Vista] security?” from Symantec are a bit ridiculous when they are the ones making such an issue about the security issues in Windows in the first place. There is a bit of a conflict of goals having a vulnerability research team joined at the hip with marketing when what they are doing is pointing out flaws in the host system’s OS.

Similarly, complaints are being lodged against the new Kernel PatchGuard and fixed-layout document standard (XPS) document formats. Cisco has also weighed in the press about their views on the new Vista security features subject.

Now the issue is being taken to the EU where it could garner some attention, where they previously determined that Microsoft was a “near” monopoly and fined them $600m. (“Near” right, EU.)

And this is only the beginning. Symantec seems to have taken the lead in voicing concerns in the public about the threats Vista posses to it’s markets. So hang tight for some real controversy over all these Vista security enhancements. It would be surprising if all of them don’t come under attack at some point in time.


Podcast #15 – All-star security panel

22 Sep , 2006  

This week’s podcast #15 is posted and ready for play in an mp3 or web page near you.

As I mentioned in some previous posts, this week’s podcast topic is “Selling Security up the Ladder” and we interview an all-star panel of very well know security samurai; Martin McKeay (Network Security Blog, ComputerWorld), Michael Farnum (Information Security Place, ComputerWorld), Bobby Dominguez (Sykes, online shopping companies and Lycos) and Mike Rothman (SecurityIncite, NetworkWorld).

I think anyone who has had to ask for budget for security (that’s everyone isn’t it?) will benefit from this podcast. Check it out and give me your feedback.

Remember to email you questions for Alan and I to answer on the air.


Interop NYC – Thursday’s conclusion

22 Sep , 2006  

Jeff Beck

Thursday was a short day for me at Interop. The morning began with an in depth conversation about deploying our Safe Access product inside an international financial services company. It is always a pleasure to learn about customers’ networks, the challenges they face, and to really understand their interest and needs for NAC. The lengthy customer meeting was followed by an analyst session and then a dash to La Guardia airport.

Unfortunately I missed the session with Symantec’s CTO discussing their new Symantec 2.0 announcement. I have to admit, the announcement seems rather confusing; dropping out of the security appliances business, now back in them with Juniper, NAC’s a back burner and now lets add support for TNC, etc. Mike Rothman made some pretty intelligent comments about this that backs up why this all seems so confusing. Maybe in the next few months we’ll get more clear insight into Symantec’s plans and what exactly all this means.

I was contacted by a Symantec representative about a survey Symantec did at Interop. According to the representative, “the most startling response was that 40% of those surveyed said their organizations experienced at least one breach during the past 12 months.” Actually, I’m not surprised at all. Every breach doesn’t get publicized and there are so many that happen which most of us just don’t know about unless we are insiders at that company. Anyway, thanks Frank (who contacted me) for sharing a bit of the survey. Hopefully we can learn more about the survey and possibly blog or podcast about it. (If anyone would like to be put in contact with Frank, please email me and I’ll be happy to do so.)

Dave Greenstein (StillSecure Chief Architect) had some very nice coverage in the press about his participation on the NAC deployment experiences panel with Joel Snyder. Again, I think many of the attendees (but certainly not Dave) got lost in the Cisco / Microsoft slight of hand messaging that NAC is something we’re all gonna do in the future. It’s here now. We are just waiting for the 800 lb. gorillas to start tap dancing (iffy) so we can teach them the tango next (not likely). While they are still talking about what they’re gonna do, the rest of us will be deploying Safe Access in Cisco, Extreme, Nortel, Enterasys, … and Microsoft networks using product that’s available today.

I am happy to also report that my day wrapped up one of the best ways possible (that is if you are a guitar player, like I am anyway.) Upon returning to Denver and spending time enough to share a meal with the family, I drove downtown to attend the Jeff Beck concert. Wow, 2 1/2 hours of unbelievable musicianship, talent and just pure guitar fun entertainment. It makes you want to rush home and start practicing for hours (or just drop the guitar and pick up a different instrument all together – that’s not gonna happen for me though.) I wish every trip capped off with a concert like that. Jeff Beck is a one of a kind and a spectacle to see in concert.

Thanks for reading and I hope sharing some of these thoughts about Interop NYC ’06 over the past few days were interesting and insightful. As always, please email any questions or feedback! 🙂


Interop NYC – the Wednesday results

20 Sep , 2006  

StillSecure booth action

Another very successful day at Interop in New York City. The traffic by the booth was brisk and many people stopped by because they’ve heard about StillSecure’s success in the NAC marketplace. It makes a big difference when you can talk about specific experiences with NAC over the last 3 1/2 years (we started working on Safe Access back in 2003, before MS Blaster hit and before anybody heard of C-NAC or NAC) and the successful experiences customers are having today. I’m struck by how Interop has changed, how security is a much more dominant theme of Interop now.

Again, a day full of customer meetings and media/analyst briefings. Alan and I were able to meet up with Mike Rothman (SecurityIncite) during lunch. All three of us commented about the podcast recording Monday night with Rothman, Martin McKeay, Michael Farnum and Bobby Dominguez. It was a pretty amazing conversation (we should have the podcast posted by Friday at the latest.)

Rothman posed an interesting question to me; why supporting industry efforts like TNC/TCG would be important to us, since one of Safe Access’ differentiators is working across all of the various vendor architectures and product technologies. Customers certainly are looking for support of standards and frankly it is a way for customers to hedge their bets against being locked into the wrong solution. It also means your stuff will work with their existing stuff. It is also very important to technology partners, such as OEMs, so they are ensured compatibility in a heterogeneous world of network infrastructure, protocols and software.

That’s one of the reasons I’ve been working with and supporting the Trusted Computing Group. Alan has also been nominated for the TCG board of directors so please jump in and offer your support if you can. I know he would bring a lot of real world experience in NAC to the table and be a valuable asset to TCG.

The best highlight of the day was listening to Kevin Porter’s (of HP) presentation at the Trusted Computing Group briefings. Kevin has a real way with words and did a great job of communicating how the various aspects of the TCG architecture works and the value this brings to customers. Following the last presentation there was a TCG “social” get together with various members of TCG. Great job, Kevin, and thanks for your continued involvement and support.

We wrapped up the business day with a dinner with a customer in NYC who has deployed Safe Access at multiple locations within their enterprise network. I can’t think of a better way to end the day than to spend it listening to a customer.

Alan and I then made a quick trip down to the new Apple store in front the of the GM building. The store is open 24 hrs a day! It’s more than a store, it’s a hangout. The Apple store is actually underground but the entrance is a big glass cube above ground with a clear spiral staircase and clear glass elevator. Apple’s always been a cool company (my first computer was an Apple II) and they have a great sense for style in their products and how they do business.

Blog, email, review some documents, to bed, and then get up for my last day at Interop NYC.


Interop NYC – the Tuesday results

20 Sep , 2006  

Empire State Bld

Day one at Interop was a busy one already. After some analyst and press meetings I finally made it over to the newly designed StillSecure booth. Wow, what a difference. The marketing team has really outdone themselves on the new booth design. Kudos to Tova, Jeannine, John, Rick, Sonya, Courtney and Jayson. My only feedback is that the video screens need to be much larger (you can’t see anything unless you are right in front of the screen) and the product flash tour needs to match the aspect ratio of the monitors we are using. Adjustments and tweaks we can make going forward.

There were two major highlights of the day for me. First was Dave Greenstein’s appearance on Joel Synder’s panel about experiences deploying NAC. Dave, StillSecure’s Chief Architect, appeared along with representatives from Cisco, Microsoft, Juniper and Trusted Computing Group. I have to say that frankly Dave was the only one that appeared to have any real hands on experience deploying NAC solutions. All Cisco, Juniper and Microsoft could talk about was how it’s “going to be” in ’07 (can you say ’08 in reality) when they ship NAC products. The Microsoft representative had set up 802.1X once in the lab at the office. Not quite what I’d call “experience” deploying NAC.

Dave’s message was that you don’t have to wait, we’re already implementing NAC for customers today with Safe Access. Not only that but we also work with other vendor’s technologies (switches, Radius, DHCP, VPNs, NAC products, etc.) so while the 800 lb. gorillas work on getting to market, we are implementing customers today. I do have a bit of a beef with Joel though as he played right into Cisco and Microsoft’s story that NAC isn’t here. That tells you who is really shipping product and who is selling vaporware. I guess I can take it up with Joel when he appears on a SSATY podcast after he returns from his upcoming travels. Congratz Dave on an interesting and succesful panel.

Highlight number two was meeting Chris Hessing in person. I’ve blogged about Chris before. He’s the developer at the University of Utah who developed the Open1X open source 802.1X supplicant. I admire guys like Chris who do projects like this on their own time, unpaid. They do it because they love it. It looks like we’ll have Chris on an upcoming podcast which I can’t wait to do. Thanks, Chris. Guys like you are the fuel behind some really cool innovations in the market.

I wrapped up the day by taking a walk from my hotel across from Penn Station/Madison Square Garden down to the end of Times Square during rush hour. There’s no other place or people as fascinating and interesting as New York and New Yorkers. It was a great walk and I enjoyed just losing myself in the city crowd and becoming a part of the scene. The evening concluded with a late night executive team conference call discussing our product strategies, customer initiatives and upcoming activities with our OEM partners.

All in all a very successful day. Thanks to all the StillSecure team for making this a great day. Now for some sleep and then getting up to do it all over again.

Update: I added a picture of the Empire State Building (that I took with my phone) which is around the corner and some number of blocks down from my hotel.


Interop NYC – the early Tuesday returns

19 Sep , 2006  

I am at Interop ’06 in New York City this week for analyst, press and customer meetings and to help with the launch of our release of Safe Access 5.0. I’m really looking forward to the conference as well as catching up with some friends in the industry here. I’ll try to recap any interesting events and findings over the next few days.

Here’s an early look at some announcements I’m following at the Interop conference:

  • Trusted Network Connect of Trusted Computing Group makes the debut of some new participants (pdf) along with interoperability demonstrations. I would particularly like to welcome a partner of StillSecure’s, Extreme Networks, to the TNC family of supporters.
  • Big iron UTM vendor Crossbeam and ISS (now IBM) announce an alliance to offer carrier and enterprise IPS (intrusion prevention system) on high performance switches for large networks.
  • StillSecure announces “the best gets better” with Safe Access 5.0’s single-pane-of-glass management, high availability, load balancing and role-based access for enterprise NAC. Last week StillSecure announced it’s supports for the Cisco and Microsoft NAC-NAP integration.
  • Dave Greenstein, StillSecure’s Chief Software Architect, appears on a “deploying NAC” panel moderated by Joel Synder of Opus One along with Microsoft, Cisco, Juniper, and the Trusted Computing Group.
  • Foundry announces plans for its ServerIron 4G to speed up client interactions (by taking on SSL encryption, layer 4-7 server load balancing and application firewalls) with web and application servers.
  • On the heals of it’s recent partnership with Microsoft to go after the SMB branch-office-box market, Citrix announces two appliances based on the same WANScaler network acceleration/optimization technology.
  • Misc. new company and product entrants into the NAC market space. (Frankly, its surprising VCs are still funding “me too” NAC companies this late in the game.)

I’ll keep you posted as more unfolds during Interop. If you have any questions or news of your own please email me at