Well, another week at the RSA Conference is in the books.  I must say that this was the best conference that I’ve been to in many years.  I was thrilled to see the security industry back and stronger than ever.  After a few slow years, the conference was packed and there was excitement in the air (our friends Alan Shimel (here) and Mike Rothman (here) agree).

Of course, we saw the mega-trends (cloud, virtualization, big data) in full force.  But I was struck by how strong the firewall segment of the industry continued to be.  It was good to see our friends at Juniper, Check Point, McAfee and Fortinet be so well represented with big booths and even bigger attendance.  Next-generation firewalls continued to have a lot of buzz around them, led by our partners at Palo Alto Networks, and it was exciting to get a closer look at the newest entry into the enterprise firewall market, a datacenter firewall from our long-time friends at F5 Networks.

What I took away from the conversations that I had, including leading a panel discussion on the state of firewalls to a packed house of 600 (more here), was that firewalls continue to have an important place in the network.  And I say that for a very practical reason, because I realize that we could secure every host on the network individually.  But the explosion of computing power that has led to incredibly dynamic, ever-expanding virtual datacenters has further solidified for me that we need a common place to enforce our access controls — and the network is the right place to do that.  Now, how we enforce controls will change (purpose-built firewalls are quickly becoming a reality), and you should choose the right tool for the job given the particular problem you face.  But there is still a great economy of scale to controlling a few ingress/egress points instead of managing a policy on every host.

The other theme that I heard from the folks who stopped by our booth was that they were overwhelmed by the vulnerabilities on their networks.  One gentleman confided in me that he had 85,000 hosts on the network and even more vulnerabilities than that.  I showed him our new Risk Analyzer product, and how it could map those vulnerabilities in the context of the network security protections he already had in place and measure the true risk of exposure from his threat sources.  My message to him and others was simple: stop managing vulnerabilities and start managing risk.

