Systems and Security Management Convergence – The Two Towers


Historically desktop support has had to worry about 2 and in some cases 3 agents that require central administration and management – that is they are dynamic in nature and require consistent updates or periodic configuration changes. Centralized management, although important, has not driven the need for a single or reduced set of agents until recently. The past 3 to 4 years has seen a significant change in the threat landscape, and an increase in regulatory pressures, requiring business to deploy a minimum of 5 but usually more separate security and operations technologies, such as antivirus, anti-spyware, personal firewall, host-based intrusion prevention, NAC or policy enforcement, encryption (for laptops mostly), content monitoring and filtering (or extrusion prevention), vulnerability management, patch management (different than VM but that is a different post), software distribution, configuration management, policy compliance, and others. How does this complex set of technologies become simplified? Well, simplicity involves two major processes: eliminating redundant elements and integrating disparate elements into a common work-flow or process.

In October of 2006 I wrote that there is a battle underway for control of the enterprise desktop, a battle that will wage horizontally across security and operations. Centralized management and agent integration will define the winners as enterprises look for greater control over what has been a disparate set of desktop technologies.

Systems manageability has become the critical evaluation criteria over best of breed widgets. This has already happened on the systems management side as multiple technologies have been brought together under the banner of PC Lifecycle management. On the security side we have seen the shift from multiple disparate agents to integrated endpoint protection platforms. With the two well-defined towers will come unification across systems and security management.

Although traditionally agnostic or at least accepting of shared desktop real-estate, traditional security vendors push into operational aspects of desktop support and traditional operations vendors will provide more security-oriented capabilities. They will all market integrated, centrally managed agents or a single agent, that promise to address a broad-set of functions.

Market convergence

The reality is that none of these companies offer the key element, which is a framework or platform that can easily provide enterprise agility, think of a blade system for the desktop that minimizes agent bloat, resource consumption, service disruption and contention issues that significantly impact the average computing experience today.

Best-of breed battles will be fought but not won. Emerging threats and the dynamic nature of business and technical innovation will create a need for new desktop solutions, but the companies that offer the broadest set of security and operations functions delivered through an agile, extensible framework, will win the war for the desktop. One agent to rule them all and through a console bind them! I will leave it up to the reader to define which vendors represent Sauron and which ones represent the fellowship.

Of course we could just go back to a thin-client architecture leveraging enterprise applications delivered through web services, producing an 80% or more reduction in security issues and significant reductions in costs…but that level of elegant simplicity would just be silly.

3 thoughts on “Systems and Security Management Convergence – The Two Towers

  1. Pingback: Systems and Security Management Convergence - The Two Towers | Patch Management

  2. The idea that we still have to add a handful of third party agents for what should be basic operating system functionality is really, really disappointing. That problem should have been solved a decade ago. It’s sort of like buying car and having to stop on the way home to get headlights and brakes added on to it because the factory didn’t include them.

    On the thin client thread, I had a vendor attempt to sell me a large thin client like infrastructure based on oversubscribed blades in the datacenter running desktop operating systems with thin terms on user desktops. They kept insisting that I calculate ROI to prove that their stuff would pay for itself. I kept insisting that they needed to market their product to me as a security solution. I’m more than convinced that the desktop security battle isn’t worth fighting to the point where we have desktops that are secure enough to be trusted.

    The solution is to put thin client and/or remote access in place for access to critical data, and build out the rest of the user-land network/desktop space assuming that it is somewhat hostile.

    I’m a SunRay guy. 😉

  3. Pingback: Security as an Operational Problem « Amrit Williams Blog

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s