Archive for December, 2006

People Are Tools…Not Appliances

December 13th, 2006 2 comments

Alan Shimel is commenting here on his blog in this post titled "People are not appliances they’re flexible."  In this entry he muses on about vocational "flexibility" and what appears to be the "cosmic humanity" of folks in the IT/Security space.

He also keeps talking about the need to keep buying COTS hardware appliances…he’ll never learn!

Specifically, Alan’s argument (which is orthogonal to the actual topic) is that as specialized appliances proliferate, he disagrees with the fact that the operators and administrators of said appliances must also specialize.  In fact, he waxes on about the apparent good-natured ebb and flow of utilitarian socialism and how ultimately we’re all re-trainable and can fluidly move from one discipline to another irrespective of the realities and vagaries of culture and capability.

Using that as an example it seems that a help-desk admin who deploys patches from one appliance can just pick up and start doing IDS analysis on another?  How about that same "appliance" technician reading PCI for dummies and starting to manage firewall appliances doing policy manipulation?  Sure, they’re re-trainable, but at what incidental cost?  Seems a little naive of a statement for my tastes.

Mike Murray from nCircle on the other hand suggests that Enterprises inherently gravitate toward silos.  I totally agree — emphatically as we speak about larger Enterprises.  Operationalizing anything within a big machine means that you have political, operational and economic silos occurring naturally.  It’s even a byproduct of compliance, separation of duties and basic audit-output mitigation strategies.  Specializing may be "bad" but it’s what happens.

Appliances don’t cause this, the quest for money or the love of what you do, does.

Even if Alan ignores the fact that you don’t have to keep buying individual appliances (you can consolidate them) the fact is that different elements within the organization manage the functions on them.   Even on our boxes…when you have firewall, IDP and AV in an X80 chassis, three different groups (perhaps more) manage and operate these solutions.  Silos, each and every one of them.

Nature of the beast.

That being said, this doesn’t mean I don’t disagree that I’d *like* to see more cross-functional representation across solution sets, but it’s just not reality:

Evolution teaches us that too specialized a species is a recipe for extinction. That is what we need from our appliance models, flexibility and adaptability, not more silos!  We need to break down the silos and have interaction among them to improve productivity.

One could take that argument and extrapolate it to explain why people are so polarized on certain issues such as (for example) security and its ultimate place in the Enterprise: in the network or in specialized appliances.   

Innovation, specialization and (dare I say) evolution suggest that survival of the "fittest" can also be traced back to the ability to not just "survive" but thrive based upon the ability to adapt in specificity to what would otherwise be an extinguishing event.  Specialization does not necessarily imply it’s a single temporal event.  The cumulative or incremental effect of successive specialization can also provide an explanation for how things survive.  Take the platypus as an example.  It ended up with a beaver’s tail and a duck’s bill.  Go figure. 😉

What’s important here is the timing of this adaptation and how the movie plays forward.


BeanSec! December 20th 6-9pm…

December 13th, 2006 1 comment

We’ve now established a regular schedule for the BeanSec! events: the third Wednesday of each month. So you can mark your calendars now for December 20th at 567 Massachusetts Ave. Upstairs at the Enormous Room from 6-9pm.

For the uninitiated:

BeanSec! is an informal meetup of information security professionals and academics in the Cambridge/Boston area. Unlike other meetings, you will not be expected to pay dues, “join up”, present a zero-day exploit, or defend your dissertation to attend.

The location is the Enormous Room (map) in Cambridge. 

— The BeanB0yz!

