Amrit wrote recently about The Birth of the Endpoint Protection Platform. Fitting for the guy who wrote about the death of AV by the end of 2007 (3 more months to go!). Amrit believes the current laundry list of operations and security agents that run on our desktops are costing far more than the value they provide when you look at them as a whole. You can save a ton of time and money by consolidating all of these into a single client. That sounds good to me, and it is evident that the vendors are going that way. Symantec is trying to meet the demand and Sophos preaches the same thing, although until now Sophos has left the operations part out of it. (I expect them to change that.)
Hoff the visionary thinks the one master-agent approach is just the beginning of another problem and not a real solution:
Granted, we’re seeing the same sort of consolidation occur on the software side with “super agent endpoints,” but these pieces of bloatware can be worse than stacking individual agents up, one against the other. Security in width (not in depth) will become our undoing and the benefits of consolidation wear off when you end up with a “single vendor’s version of the truth” that ends up being a jack of all trades and a master of none.
What’s Hoff’s solution?
We all know that what we need is robust protocols, strong mutual authentication, encryption, resilient operating systems and applications that don’t suck.
I totally agree with Hoff. We wouldn’t need most of the agents if our operating systems and protocols were better designed. But what are we going to do today and tomorrow? We aren’t going to have new protocols, OSs or apps. For now, we are going to have to settle for agents that, like a doctor’s drugs, do nothing to cure the ailment but suppress the symptoms fairly well.
Hoff knows this, and settles for what basically amounts to the BigFix approach:
But because we can’t wait until the Sun explodes to get this, we need a way for these individual security components to securely communicate and interoperate using a common protocol based upon open standards.
Except the BigFix approach isn’t interoperable or based on open standards (or is it?).
There isn’t any interoperability because customers aren’t demanding it
Hoff goes on to say that he doesn’t think we will ever see this type of interoperability among vendors because of greed. I wouldn’t blame greed though, unless by greed he means an unwillingness to collaborate because they believe their value lies in their micro-monopoly patents and their ability to lock customers into their solution. (Little do they know that they are making themselves less valuable by doing so.) No, there isn’t any interoperability because customers aren’t demanding it.
Marcus Ranum said as much in an interview over two years ago. He mentions that standards committees are too slow and vendors are too concerned about their patents and their supposed market to agree to let committees like the IETF approve standards. Marcus’ solution:
I think we could do away with the whole standards thing very easily if a few customers just exercised their economic power a little bit intelligently. Big customers have huge power, but they seem to have forgotten that. If the CTOs of 10 FORTUNE 500 firms announced that they were deferring further purchases of VPN products until they saw proof of interoperability, and open published specifications that weren’t encumbered by patents or licenses, the whole market would standardize practically overnight. Because the truth is nobody cares about standards – everyone cares about what you can do with interoperable systems. If customers just openly refused to do business with vendors that produce non-interoperable systems, the whole thing would clear up really fast.
This is the solution to the lack of interoperability. In short, let the market play out, rather than relying on and hoping for central planning. If customers demand it, it will emerge. There is no reason why there can’t be multiple standards competing for market share (look at all the different web syndication standards, for example). Essentially, a standard would be a collaboration between vendors to make their stuff play well together so they can win business. They create frameworks and APIs to make that happen more easily in the future so they can win business more easily. If customers like it, it becomes a “standard”.
In summary, Hoff thinks we should settle on standards to allow our dozens of desktop agents to communicate, but doesn’t think it will happen, while Amrit thinks you don’t need interoperability when you can do it all yourself.
3 responses so far ↓
1 Amrit // Sep 19, 2007 at 9:07 am
Jon,
I think you are right on!
3 Christofer Hoff // Sep 19, 2007 at 12:30 pm
Amrit,
I think you are right on that Jon is right on!
http://rationalsecurity.typepad.com/blog/2007/09/security-intero.html
/Hoff