Looking back: What happened?
We are seeing the beginnings of an evolving security architecture standard approach, says Peter Stephenson, technology editor.
Was it just another one of those years when we in the labs plodded through endless deliveries of appliances, endless downloads of software and countless hours on the phone? Nope. Not on your life. There were a few frustrations, of course, but it wasn't those. Our frustrations were sorting out the changes in the security marketplace that were taking place under our noses, building a new lab and experimenting with new techniques for testing endless batches of products that didn't seem to be what we expected. Ever.
Judy Traub, our intrepid editorial assistant, tore out hair in batches every time she thought that she had a group of products assembled and found that the ball game was changing even as she was on the phone. SC Lab Manager Mike Stephenson built an entire new lab to accommodate the changes that we were seeing. Director of SC Labs Operations John Aitken moved far fewer boxes through the lab because many of the appliances we received were virtual, not physical.
And the lab dogs? They got petted and cuddled a lot more than usual. It really is true that petting a dog or cat has a calming influence on us humans. Ask the SC Labs crew. Before you get the idea that it was a chaotic year, I should say that for all of the changes we saw, there were none that really put us off. Overall, it was the smoothest year we've seen in the SC Labs. One of the reasons was that almost everything we received worked and worked well. We learned to cope with change pretty quickly and it became our modus operendus.
I would characterize 2009 as a year where we saw our industry's products really mature. What, exactly, do I mean by maturity? We saw products that knew what they were, did what their developers said they would, and were harder to differentiate from each other than at any time I can recall since the mid-1980s when I started doing reviews. When you get 10 or 15 products in the lab and they all work well, you are hard-pressed to select a Best Buy and you really have the makings of a pretty solid marketplace.
This month we look back on our selections over the year and we invite you to see them in a new light: the light of products that are intended to support the defense-in-depth of the enterprise as a group. We saw an increasing tendency for products of different types to interoperate. We saw products that were designed more as platforms for snap-in modules than full-blown one-size-fits-all appliances. And we saw the emergence of a new buzzword: ecosystem.
One of my favorite products, for example, is expanding its capabilities by letting its ecosystem partners do it for them. Not only is this very smart business, it is very good news for us users. What really is happening here is that as the perimeter gets fuzzier and fuzzier, the tools we use to protect the enterprise are becoming more and more aware.
Never in my 45 years in this business have I seen such fine examples of "coopetition." Competitors are becoming friends, products talk to each other, APIs are the order of the day, and if you don't play nice with others you are not going to make it as a product. Our top products this year all fit this mold and, moreover, they succeeded where other, more proprietary and closed products did not.
What does this tell us about the future? I'm not sure. If I take the past year in the context of our innovators, I would say that we are likely to see more of the same and it will become more refined. An example of this is something about which I have been – needlessly it turns out – concerned over recent years: the tendency to put everything at the perimeter causing a single point of failure and defeating defense-in-depth.
First, single point of failure has become a no-brainer. We have better fail-over and redundancy capabilities than ever before and they are more universal on products of every kind that must go on the perimeter.
The second problem is both far greater and a far greater opportunity. As the perimeter shrinks to nothing, how we protect our enterprises is more critical than ever because we are creating – on purpose – a potentially dangerous porous environment. Along comes defense-in-depth and demands that we create a synergy between the perimeter protections and the endpoint.
That works well, and now we are seeing the beginnings of an evolving security architecture standard approach. A good thing, too. We have all of these new products standing by to implement it.