Security

Can Microsoft, Cisco and IBM work and play well together?

30 May , 2007  

That’s what customers what – better interoperability between Microsoft, Cisco and IBM, according to Peter Galli’s eWeek article following Microsoft’s recent Interoperability Executive Council attended by large Microsoft customers. Microsoft claimed that attendees feel Microsoft’s web services are well put together but that IBM and Cisco could use help from Microsoft. I find that hard to believe, at least in the case of IBM’s BEA, but hey, they only talked to Microsoft for this article.

I can relate. Integration and interoperability are huge challenges, especially for large enterprises where so much effort in these organizations are put into making products and technologies work together. I spent the first half of my career doing just that for telecom and financial companies. Those lessons learned are a lot of what’s gone into the Cobia Framework, the underlying software architecture within Cobia that gives Cobia modules all of the open, plug-n-play, distribution transparency and other key capabilities. I’ve learned, through past hard knocks, that throwing a bunch of software on an operating system and plastering it over with a nice GUI does not an architecture make. It’s one of the reasons I believe some vendors don’t want you under the hood of their appliance. You might see what a mess things are or how much real proprietary technology (or lack of) you are paying for.

Interoperability is a challenge. Vendors usually only give customers APIs – the details (and you know what they say about the details) are left to the customer. Reminiscent of the phrase; "Some assembly required." Without some real partnerships and alliances, there’s not much likely to come from the Interoperability Executive Council’s request to Microsoft to work with IBM and Cisco. Asking Microsoft to do this may just be an exercise of tilting at windmills.

This is an area where I believe open source and architectures like the Cobia Framework will play a role. Customers want ease of use but they also want something that will "work and play well together" in their network. Innovation like this is not likely to come from the big vendors, especially when it requires they enable their competitors to compete more effectively against them. Open source projects and products are in a much better position to solve this problem, and that is my aim with Cobia. By creating an open source platform with a well defined software, operating system, network, distributed and interoperability architecture, it is much more feasible to bring networking, VoIP, security, video onto a converged platform and network. As we reveal more plans and capabilities in Cobia I think we’ll see how this can happen and fit in with the goals of the vendor community and users.

Hardware

When crapware turns bad, things get ugly

29 May , 2007  

If you’ve had a new computer, you’ve experienced "crapware", the annoying software hardware manufactures are paid to ship on your new computer. AV software, online services, image software, trialware, etc., etc.

I recently purchased an HP dv9000. I was very pleased with my previous dv5000 and the new computer is even better. (It’s great to run a virus scan with the dual core CPU and not have the entire system lock up). Of course one of the things you have to deal with on any new computer is the crapware, sometimes also called craplets, that come with your computer. We used to complain about the time it takes to update Windows on a new system. Now removing the crapware takes even longer.

One of the craplets on this system was a popup to get you to buy the extended service plan. This is where things went bad. Suddenly, after having the computer for two months, the extended service plan pop up started coming up endlessly and wouldn’t go away. It didn’t matter which option you selected, including the "I already purchased the extended service plan" – the dumb thing wouldn’t go away. In effect, now my computer is spamming me with endless pop ups!

A modest amount of digging showed an entry in the Windows Task Scheduler and with a few clicks, it was gone (and I deleted the .exe to be sure.) Needless to say, I wasn’t inclined to buy the extended service plan and this experience didn’t exactly endear me to the idea.

Security

Greenborder is about Google Web 2.0

29 May , 2007  

There’s much ado this morning about Google”s purchase of Greenborder (here, here), a sandbox technology for web browsers (Alan and Mike commented about this already too.) Rothman’s on the right track, btw, that this is about Google’s online apps.

Web 2.0 means many things (blogging, podcasting, etc.) of which online, web delivered applications is one that Google has invested in significantly. While these apps haven’t hit the main stream and taken over the world (the model hasn’t yet proven out), we are beginning to see more and more web apps that behave much more like regular thick client apps. (Try MS Outlook’s web interface for starters.)

Some see Google’s acquisition of Greenborder as their first entre into the security market, and while that may technically be true, this is really a preemptive move by Google to secure Web 2.0 apps before security becomes a barrier for them. What better way than to sandbox the browser, much like many SSL-VPN connections do, to help secure the environment the web app operates in from malware. Smart move on Google’s part, and even better for not relying on Microsoft to do this for/to them. (Take note, Microsoft.)

Will Google move further into security by offering AV, firewall or other traditional security products? It’s possible (and they’ve surprised us before) but I think not. Greenborder is a tactical move in their Web 2.0 strategy for providing online web apps, not about Google becoming a true security play.

General

Emerging from the dark ages of Chemo

28 May , 2007  

I hope that you never have to experience the trials and challenges of battling cancer as we have with breast cancer in our family. I’ve written before about my wife, Mary Ellen’s, successful battle to emerge from stage 4 breast cancer with no detectable cancer. That’s not the usual outcome for most diagnosed with stage 4 cancer.

Dark_agesWhen a close family member is diagnosed with cancer, you learn more about the disease than you ever thought you wanted to know. That has certainly been my experience. Unfortunately, one of the things you learn is that in many ways, most cancer treatments seem they are still living in the dark ages. Chemotherapy is a good example of what I mean. Most chemotherapies are a cocktail of 2 or more drugs that kill cells in the body. While cancer cells can be more susceptible to some chemo drugs, these drugs kill all kinds of the cells in the body, both good cells and cancer cells. It’s the best we’ve had for quite some time.

The good news is that new targeted therapies are starting to emerge and many others are on the horizon. Targeted treatments are those that are actually directed at specific types of cancer cells and locations of cancer, rather than killing most any kind of cell in the body. Mary Ellen was very fortunate to receive Avastin, an anti-angiogenesis antibody originally theorized during the 1970’s, which restricts cancer cells’ ability to form new blood vessels, thus starving their blood supply and killing the cancer. While first thought to be a wonder drug for cancer, Avastin plus traditional chemo only inhibited the breast cancer’s growth an additional 5 or so months, which in the world of cancer treatment is still a significant breakthrough. In Mary Ellen’s case it worked miraculously as her cancer was not detectable after 6 months.

Avastin is really just one of the early drugs in a long line of research which will create many other targeted drugs. Without targeted cancer therapies and drugs, doctors basically use study information (which takes a long time to compile) and trail and error to hopefully find the right drugs before the patient dies. Many new targeted drugs are being developed and will hopefully show enough promise to move into the medical trial phase. Nano technology is being applied to help deliver chemo drugs directly and over time to the targeted area. Some research has shown that lower doses delivered over a longer period of time are more effective than slamming a mega-dose into the patient every 3 or 4 weeks.

While it is something that is a ways off, I’m excited about epigenetic treatments. Epigenetics is the understanding of how genes can be activated or deactivated to stop cancer cell production or increase healthy cells that fight cancer. If effect, the body itself could be put back into balance and not produce cancer cells, or cells could be activated to fight the cancer with the capabilities within the body. Epigenetics is not gene manipulation, but rather the modification of the state of specific genes so they become active or inactive. It’s not clear at all that epigenetic drugs are a cure but helping the body help itself seems like a good path to pursue.

Of course there are many other drugs of the targeted variety in the works. It’s a matter of time, money and drug trials but the good news is we are emerging from the dark ages. Treatments are getting better all the time.

Security

Chinese walled in by Symantec

28 May , 2007  

China_wall_symantec1An update to Symnatec’s Chinese AV products blocked Chinese versions of Windows earlier this month. Businesses in China are mad and now they want compensation for damages (from $13.6k to $13.6m per business – how they came up with those numbers I don’t know).

While not agreeing to any fines or compensation yet, Symantec announced they will open a Security Response Center in China.  Now that’s true capitalism, American style. Mess up and turn a negative into a positive – we’ll bring more jobs to your country.

I’m sure other governments, like ours, won’t be too keen on security signatures developed in China appearing in government used products. So will this work only be go into non-US versions of Symantec products or is this really window dressing where no real IP will be developed in China?

In the short term this is a good damage control move by Symantec but brings up downstream issues that will need to be addressed. 

Network, Security

A short flight home

24 May , 2007  

Interop_cherieI’d say it’s been a very successful Interop for all involved in my company. As usual today was comprised of many more vendors selling vendors, and competitors stopping by to try and to snag a tidbit or two. Now, for packing up our stuff and heading home.

I’d like to take a moment and thank everyone involved in putting together our presence at Las Vegas Interop this year. Cherie, John, Aimee, Rob and Sonya all did a bang up job and it’s really appreciated. I’d like to thank Jason, our Cobia community volunteer who worked the show with us. And of course everyone form the sales and technical team who worked the booth. Bizdev of course played a huge role bringing in the partnerships and programs we announced. Most of all, thanks to Cherie for leading the effort for our Interop presence.

Until next time (can you say "Black Hat"?) everyone, many thanks.

Update: I failed to mention one very important person in my original post and that is Tova Sand of tovadesign.com. Tova did all of the graphics and layout work for the booth, online and print materials. Fantastic job, Tova. Thanks for all great work!

Security

Caesar, Caesar Salad or Main Desktop Entree

24 May , 2007  

Alan weighs in on Rothman’s views that the TNC+Microsoft announcement was about Microsoft owning the desktop and not about Cisco. While I appreciate Alan’s views, and I think he’s right, I don’t think Mike quite understood where I was going with my post.

I’m looking past this move by Microsoft to the other collateral effect on Cisco. We all know that the Cisco / Microsoft interoperability announcement of last year was just window dressing to the question being asked by enterprise customers. Who under God’s green earth would implement the full collection of Cisco and Microsoft’s NAC/NAP products in the fashion outlined. (That wasn’t a question.) So I largely discount much of that interoperability announcement and expect something much more practical to emerge if they really are to work together.

I think the Microsoft+TNC creates a vacuum and we all know how nature feels about vacuums. Is Cisco going to rely on customers giving them a pass on the topic of integration and interoperability? Or are we going to ask for real answers, rather than white papers that paint a Cisco product potpourri picture (say that fast 3 times) in order just to toast bread? 

Microsoft+TNC begs the question, is Cisco going to continue to be an island or will they provide real interoperable solutions. There’s no delusions about Cisco’s market share here but there’s also no delusion about how many heterogeneous networks there are out there too. Lets see whether Cisco chooses to answer the call or not.

(FYI – You’ll have to read Alan’s post to understand this blog post title.)

Network, Security

I love it when a plan comes together

24 May , 2007  

I always like to get my hands dirty on the projects I work on. Not programming as much anymore (I work with too many code wizards who would show me up very badly) but more the networking, security and product design and management. And I get pretty wrapped up in it too. I can’t help it because of the sense of ownership I have, and the responsibility I feel to all the people who invest so much of themselves in products.

Interop_3Every once in a while something happens where I have the opportunity to sit back and gain another perspective on things. That’s happened this week at Interop.

Almost all of my time this week has been filled with analysts, press and partner (current and future) meetings. As a result, I’ve not been able to spend very much actual time in our booth at the show. As I walked back to the StillSecure booth on Wednesday after one such meeting, I came up upon our booth and I had to take pause. I probably observed the happenings there for several minutes.

Interop_2The booth was a beehive of activity. Demos were happening at each of our demo stations, led by members of our development and QA team. The benches were filled and even more people were standing in the back to hear the presentation by our product evangelist. Marketing team and sales team members were engaged in dialog with people in the isles.

Interop_1You’ve heard quarterbacks describe how the game goes into "slow motion" where they can see all of the playing field, and the play develop right before them. I stood there for what seemed like several minutes just taking it in. The scene was like observing the movement pieces in a fine chronograph watch, all doing their part to create such highly accurate time which we take for granted all too often.

As I approached closer I was promptly handed three business cards of interested partners who stopped wanting to learn more about our programs. Then two different parties descended into two threads of a Q and A conversation wanting me to join in. Back to real time. Time for observing is over. Get back in the game.

Interop_4Interop_5_2I tell you about this because it helped me appreciate how much hard work goes into such an event. My general rule is that when things look easy, it’s because a lot of people (here and in the office) put a ton of hard work into it. Aimee, John, Rob, Sonya and Jayson for example, put in a ton of work behind the scenes. And of course there’s our entire program management, product design and product development teams. That’s why all of this looks so easy. I’m just thankful that in the thick of things, something created that moment for me to pause and take in what everyone’s hard work has created. Cherie is our trade show leader. My hat’s off to her and the entire team for all helping make Interop a success for the the company.

I love it when a plan comes together. Better even yet, when your team members’ talents, skills and passion make that plan come to life. Thanks team.

Security

Microsoft+TNC leave Cisco to go it alone

23 May , 2007  

Microsoft announced it’s support for TCG/TNC NAC consortium this week at Interop. Most were surprised but also pleased about the announcement. If you really thought hard and could read between the lines you might have guessed (maybe) that this could happen when we had Microsoft on our podcast earlier this year.

Microsoft’s support is a good thing for NAC. But it does leave Cisco in a go-it-alone spot. This also debunks the statement that many analysts take about standards; "marketshare winners dominate, everyone else support standards." (My paraphrase I’ve heard from a few analysts.) While I think this is true up front, eventually things get worked through standards bodies – it’s just a matter of does the behemoth dominate the standard or have to work with others.

At this point it begs that question, what’s Cisco’s next move? There hasn’t been any visible give by Cisco but that could change. Or maybe not. We’ll see.

Congratz to Steve Hanna and the team working on TNC.

Network, Security

10G, NAC, Security, VoIP, SMB,”You like-a?”

22 May , 2007  

BoratAt every "show", like Interop this week, a theme emerges of what the dominate product interest and announcements are about. It seems the last several RSA and Interop shows were all about NAC…NAC…NAC. Will it be a repeat again at this show? As Borat would say (smiling); "In my country, you they would like-a, 10G, a-vera mucha. NAC? You, not so mucha." (and then stop smiling).

We’re always enthralled with the "next" thing when it comes to speed and while most networks today wouldn’t yet benefit from 10G, that’s certainly where we are all headed. Heck, I even have a 1G switch in my home network. While I think 10G will be a good bit of what we heard about at Interop this week, I actually believe that this year we will hear about a wider range of interests. VoIP of course is a big topic but SMB is picking up steam too (that’s where our Cobia is focused for course). So stay tuned and we’ll see how the week unfolds.