RSA Tuesday Keynotes

RSA 2007, Security

I’m still digesting all the info we got from the keynotes today.

Some quick and dirty observations; Microsoft’s proposal that IPSEC and
IPV6 are the next great delineation tools that will replace physical
network segregation is a lofty goal. IPV6 really hasn’t taken off yet
and IPSEC networks are stiil the stuff of military-grade networks.

The over-arching theme of the conference is securing the information
asset as opposed to securing the perimeter that they contend is
dissolving. They’re also repeating what SANS has been saying for
years; defense-in-depth is the best solution.

Of course, being an RSA conference they’re championing data encryption
as a fluid defense that is superior to the static, ‘barrier’ security
currently being deployed by the industry I agree with this whole
heartedly and the marriage of RSA and EMC looks promising in that
aspect.

Symantec took a nice jab at Microsoft by stating its aa conflict of
interest for the operations platform vendor to be responsible for the
platform’s security. That earned a solid round of applause. Now if
only Symantec could make a better AV product, they could back up that
statement.

Lastly, I can’t moderate comments on the road, so excuse the delay in
comment moderation. I’ll moderate them as soon as I get an
opportunity.

posted by Michael on 02.06.07 @ 3:31 pm |

You can turn what Symantec says and wonder about whether “defense in depth” should all be managed by one vendor, maybe even with one “all-encompassing” framework of applications?

I’m still not convinced the perimeter is dissolving. The perimeter is just being crossed more often by accepted means.

Upon reflection, I guess it just depends on how you look at it. System-centric, network-centric, data-centric…the perimeter is different for each of those questions. Sadly, I think vendors and sales/marketing use and abuse those different views to suit their needs. :(

Securing the information asset is not new either, but it is funny to hear and see such hype from the sales/marketing folks, and how excited and enthusiastically they latch onto this “new” thing.

By LonerVamp on 02.06.07 4:25 pm

I’m with you. My perimeter is still there and still needs securing and quite frankly, I’m very happy using NAT instead of having all my machines with a locally-assigned public address (IPV6).

By Michael on 02.06.07 11:33 pm

RSS feed for comments on this post. TrackBack URI