Home > Networking, Virtualization, Virtualization Security, VMware > SiliconAngle Cube: Hoff On Security – Live At VMworld 2012

SiliconAngle Cube: Hoff On Security – Live At VMworld 2012

I was thrilled to be invited back to the SiliconAngle Cube at VMworld 2012 where John Furrier, Dave Vellante and I spoke in depth about security, virtualization and software defined networking (SDN)

I really like the way the chat turned out — high octane, fast pace and some great questions!

Here is the amazing full list of speakers during the event.  Check it out, ESPECIALLY Martin Casado’s talk.

As I told him, I think he is like my Obi Wan…my only hope for convincing my friends at VMware that networking and security require more attention and a real embrace of the ecosystem…

I’d love to hear your feedback on the video.



Enhanced by Zemanta
  1. Dave Walker
    September 1st, 2012 at 10:55 | #1

    “Software Defined Marketing” – love it :-).

    Lots of good points; many virtualisation vendors decided to make their networking interfaces look like IOS as that’s what most networking people are considered to know. It doesn’t always work, and the well-emphasised point on service insertion, about opening up data flows to insert protection mechanisms reminds me of something a friend working in early dynamic datacentre technology told me back in 2003, about why DCML wouldn’t succeed; “in a scheme designed to model a datacentre, a cable needs to be a first-class object”. That would help in separating control and data planes, too.

    Auditors and compliance folk used to like classic resilient stovepipe architectures, because there was assurance that “in order for data to get from point A to point B, it has to go down this wire here, and oh look, that goes through that firewall right there”. Separation assurance is a huge thing, and assured separation of control, one party from another in multi-tenant environments, is a huge problem you’ve written about elsewhere.

    The ACL disagreement as an example of complexity introduced by vendor differences is a good one; trouble is, putting another layer on top to present a harmonised interface just adds more complexity. If “The Network is the Computer” (I was at Sun for over a decade, and some habits die hard), the computer’s looking like a VAX; lots of complicated and specialised instructions to do things which have common ground inside them, and which may do broadly similar things. Rather than keep going down that path, the computer needs to go RISC – but that would require the vendors to get together and agree on common standards for syntax and implementation at a detailed level (and I know you’ve written about this before, too).

    With networking and security meshing the way they do, you’re spot on about the risk of developments resulting in them failing to meet up nicely; with SDN developing at the rate it is, it can’t be easy for a security product vendor to produce a roadmap for 18 months out, as the world’s changing around him so quickly. In such a context, the coming-together via merger and acquisition of networking and security companies could well be a good thing, as it’s the only pragmatic way in which one area is able to influence the other in a timely fashion, and with full disclosure of what the other is doing…

    Anyway, I’m off to watch the video of Martin Casado’s talk, now. Great panel session.

    • beaker
      September 2nd, 2012 at 11:49 | #2

      Really thoughtful comment, Dave. Thanks.

      What SDN is doing to most of the security industry is forcing them to adopt *aaS models using cloud and
      distributing the processing to the Cloud…because feature velocity — even in pure software-based on-premise solutions —
      can’t keep up.


  2. September 3rd, 2012 at 20:13 | #3

    Just finally got to watch this–thanks for the shout out in here and dancing so amusingly while I was talking prior. Someday we should gather our wits about a model of what network services a ‘paas’ should expose to each app.

  1. No trackbacks yet.