I started out in network software and then that became 'commoditized' by the TCP/IP stack being bundled with Windows.
I moved into networking and that went the same way, but this time by the process of time and number of people getting CCNA certs with their breakfast cereal.
So I moved into security and I have been noticing the same kind of process happening again.
However, the further down this path we go, the more conceptual some of the actual details become and the harder it is to just throw bodies at the equation (well, you can, but the quality goes down).
So, the next level appears to be security intelligence - the application of security in complex environments - which requires specialist tools and knowledge - neither of which come cheap.
I'm currently involved in deploying some security products for a large client and they are all starting to talk to one another and to logging/alerting systems and it's all looking pretty good - but we are still at the stage where we are bolting all these things together and bending virtual wires with our brains to make them into the shapes we want - and the software licences aren't exactly cheap either.
For example, a multi-billion profit organisation is penny pinching and trying to cut as many corners as possible to deploy all this kit. All told it will be about $10m up to testing and BAU handover.
The problems really start then, because you need specialists to manage all this equipment and there are no 'experts' yet - so we become experts in the process of building it all and normalising the client network etc., but this means that the high-level support that will prevent all this stuff turning into shelf-ware will cost about $1m/year.
Doesn't sound that much considering the assets it will be protecting, but this multi-billion dollar profit organisation is quibbling and considering outsourcing a lot of it just to save a couple of hundred $k.
So, if we have big organisations deploying expensive tools that need specialists to bolt it all together and keep it working (think of a team of racing car mechanics) trying to pinch a penny - what is the likelihood of smaller organisations a) buying the stuff in the first place and b) spending the money to make it run properly?
"SDN could allow a change in network configuration that is transparent to the attacker"
...and also transparent to the owners of the network until it is too late perhaps? Or not at all if they don't have the real-time tools to tell them what is going on and to ensure a gaping hole hasn't just been punched through their network.
Still, the more people do this kind of stuff, the more of a market it creates for people like me, but I shudder to think of how much will get broken before this level of the security tree gets commoditized.