Here's some interesting spam that I just found in the 'home' box...
Not entirely relevant – A lot of those vuln’s aren’t necessarily – well, vulnerabilities, when your network or ‘virtnetwork’ (aka 'HyperVisor') can patch things for you. And with the onset of IPSEC in the transport combined with native 64 bit computing, the year of the ‘virtsec’ may be as short lived as the Clinton era boom of ‘whY2Kare’.
My summary, they know it too. But feel free to come to the '08 bandwagon party, "they’ll" be glad to take your money.
From: Gregory Ness [mailto:ness.greg@bluelane.com]
Sent: Tuesday, February 19, 2008 10:59 AM
Subject: CSO- Half of 2006 Vulnerabilities still not patched; 2008: The Year of VirtSec
| Dear Paul:
Last month I shared Computerworld's cover story about the sad state of net security. Last week CSO Magazine reported that half of the announced 2006 software vulnerabilities haven't been patched. That may be why you might find my latest blog about virtualization and the state of network security to be a bit provocative and yet hopefully well-grounded. In it I'm recommending something that former Gartner VP Richard Stiennon predicted in 2003: the consolidation of network IPS functionality into the firewall:
The new security equation: S= NGFW+SIPS
This new world makes perfect sense when you consider the new demands of virtsec and the strengths of new architectures and approaches. The firewall goes multifunctional and server security decouples from the tired low layer netsec hardware and signature-driven arms race. It becomes the inner circle layer that delivers security that is vulnerability-centric, that knows the software and protocols enough to protect without arresting the innocents and creating a disturbance and wasted jail space, etc.
The virtualization vendors who get this advanced view of where the data center is going should be pre-packaging NGFW with S-IPS as a way to quickly invade the data center without the complexity, noise and latency associated with the old world. That would allow them to exploit the power of the hypervisor layer across the long term while delivering a highly-focused solution set that leapfrogs the complex, FUD-ridden status quo of tired boxes we call netsec today.
Next month I'll be speaking at the Data Protection Summit and next week I'll be attending VMworld Europe. If you're around stop by and say "hello".
Sincerely,
Greg
Gregory Ness
Vice President
Blue Lane Technologies
10450 Bubb Road
Cupertino, CA 95014
ness.greg@bluelane.com
408.200.5233 |
0 comments:
Post a Comment