There is a battle underway for control of the enterprise desktop, a battle that will wage horizontally across security and operations. Centralized management and agent integration will define the winners as enterprises look for greater control over what has been a disparate set of desktop technologies.
Historically desktop support has had to worry about 2 and in some cases 3 agents that require central administration and management – that is they are dynamic in nature and require consistent updates or periodic configuration changes. Centralized management, although important, has not driven the need for a single or reduced set of agents until recently. The past 1.5 to 2 years has seen a significant change in the threat landscape, and an increase in regulatory pressures, requiring business to deploy a minimum of 3 but usually more separate security and operations technologies, such as antivirus, anti-spyware, personal firewall, host-based intrusion prevention, NAC or policy enforcement, encryption (for laptops mostly), content monitoring and filtering (or extrusion prevention), vulnerability management, patch management (different than VM but that is a different post), software distribution, configuration management, policy compliance, and others. How does this complex set of technologies become simplified? Well, simplicity involves two major processes: eliminating redundant elements and integrating disparate elements into a common work-flow or process.
Although traditionally agnostic or at least accepting of shared desktop real-estate, traditional security vendors will push into operational aspects of desktop support and traditional operations vendors will provide more security-oriented capabilities. They will all market integrated, centrally managed agents or a single agent, that promise to address a broad-set of functions.
Best-of breed battles will be fought but not won. Emerging threats and the dynamic nature of business and technical innovation will create a need for new desktop solutions, but the companies that offer the broadest set of security and operations functions will win the war for the desktop. One agent to rule them all and through a console bind them! I will leave it up to the reader to define which vendors represent Sauron and which ones represent the fellowship.
Of course we could just go back to a thin-client architecture leveraging enterprise applications delivered through web services, producing an 80% or more reduction in security issues and significant reductions in costs…but that level of elegant simplicity would just be silly.