I appear to have touched a nerve with Alan Shimel and inspired him to get out his FUD gun. A trait that he apparently dislikes in others, but is ok when he is holding the double barrelled, fully automatic, laser guided version with the big bullets.
Let me first say, "Those that can, do, those that can't, teach". Alan has spent a good number of column inches devoted to pontificating about our second rate this and that, how we have mashed up a bunch of old technology, and ends by giving me a history lesson in NAC. Alan, I bow down to your superior historical knowledge, but I'm not interested in being a history teacher, I'm interested in shaping the future. So you keep teaching history to the young 'uns, but try to avoid teaching subjects like "Other People's Technology Innovation 101" when you are not in possession of the facts. Our technology is neither old nor second rate, but if it let's you sleep better at night believing that, so be it.
Come on Alan, get back on point. My "tirades" are arguments based on technology and architectural approaches to solving a problem. At no point have I ever said that "pre-connect posture checks and such are useless". What I have said is that it's not a hard technology problem to solve. Look around, there are a myriad of vendors out there all claiming to do it, you and me included. Hell, there are even some organizations building it themselves from Open Source in their spare time. I'm a great believer in posture checks, I just think that it's one element of the solution. So if there is an approach that can extend the scope of the NAC solution and offer deeper and broader security, while enabling other benefits such as increased IT cost savings, and new business initiatives, isn't it worth looking at? You were in New York in June Alan, and heard our customer from Upper Canada District School Board describe how he has saved significant IT resources and solved the problem of Cyberbullying in an entire school district with 40,000 students by deploying 5 of our appliances. I didn't hear a single other customer from that panel describe such an extensive deployment, articulate tangible IT cost savings or talk about the fact that they are now able to do things that they couldn't achieve before.
Now to deal with some of the FUD:
1) Yes, I disagree with Alan and Mike Fratto on a couple of issues. It's called debate and it's healthy
2) We have plenty of customers, thank you very much. In fact I just spent an entire analyst inquiry day with Gartner and shared a lot of information with them on this topic. You really lose credibility when you have to resort to mud slinging about someone's business, especially when you're wrong.
3) Yes we sit in-line, no that doesn't mean your network goes down if the appliance fails. Like any other in-line device we have high availability options, some of which are very innovative and won't cost you extra.
4) No our firewall is not based on IPtables, our IPS is not a bunch of 30 day old SNORT signatures and our switch is not a second rate Linksys or D-Link (we have customers who have selected us over Cisco so I think that speaks for itself). I'd love to understand where Alan gets his deep insight into the technology innovations that we have made. Again, you lose credibility when you pontificate about things without possession of the facts.
5) We have a team of 8 dedicated security research engineers in our Nevis Labs group who have been credited with finding 11 vulnerabilities in major OS's and applications in the past 6 months. So, we're not just enforcing patches to vulnerabilities in the pre-connect posture check, we're out there contributing to the security community as a whole by finding the vulnerabilities in the first place.
6) Don't even get me started on the FUD around performance. Let me simply state that the reason we spent 2 years building an ASIC is because we believe that performance is at the heart of the solution and how it relates to the real world problem. There are a host of patents filed and our innovation in this area is exceptional (even if I say so myself :-))
7) You know what? I'm tired of responding to FUD. If someone wants to have a debate about architectural approaches to solving customer problems, please let me know.
At the end of the day, our product is not perfect, nobody's is, but adding more features to a solid architectural foundation is easier than trying to change that foundation after the house is built.
//Dom
Comments