The Internet of Identities: Coming Soon and Bringing Massive IAM Changes

My colleague Mark Bowker has a concept called the Internet of identities. How does this differ from the Internet of Things? The Internet of Things is about, well things – devices, controllers, actuators, etc. But these things will perform tasks, collect data, connect to other devices, etc. In other words, each device will have an identity with multiple attributes, and each of these attributes must be understood to enable good things to occur and block bad things from happening. Thus, the Internet of identities.

Topics: Cybersecurity IoT Mark Bowker IAM Enterprise Mobility

SOAPA Video with ThetaPoint (Part 1)

In the ESG SOAPA video series, we’ve spoken with leading security analytics and operations technology vendors like IBM, ServiceNow, Splunk, and many others. In this video, I wander outside of security operations technology and interview an old colleague of mine, PJ Bihuniak, COO of ThetaPoint.

Never heard of ThetaPoint? The company provides professional and managed security operations services to large global companies so it has a wealth of experience in the SOAPA domain. As for PJ, he spent many years with security operations pioneer ArcSight and knows this space like the back of his hand.

Topics: Cybersecurity SIEM security operations SOAPA ThetaPoint

Extreme Executes Against Vision with Brocade Acquisition

For the last few years Extreme Networks has been quietly executing on its vision to provide end-to-end network solutions for enterprise customers. The latest acquisition of Brocade adds enterprise-class data center switching, routing, and network analytics. It will also come with many existing customers and enough revenue to push Extreme over the one-billion-dollar mark.

Topics: Networking Extreme Networks Brocade

Gigamon Goes Private (Equity)!

Elliot Management announced yesterday that its wholly owned Private Equity Subsidiary, Evergreen Coast Capital Partners, announced a deal to acquire Gigamon. Gigamon is a market leading provider of what it calls traffic visibility solutions and what many refer to as network packet brokers.

Gigamon has always delivered premium solutions and extracted premium pricing--the most often-quoted competitive phrase in the space is that we are <insert percentage--33-50% or more> less than Gigamon. Yet Gigamon has continued to deliver innovative solutions and grow in the enterprise and service provider markets. Recently its focus on enabling security solutions has resulted in significant growth. The company was able to successfully transition from a VC-backed private company to a public company. While this transition was not without its challenges along the way – it is difficult to keep up a 30-40% growth rate indefinitely - the leadership team has worked diligently to keep the company on track. It is now entering a new phase by returning to private ownership under a Private Equity firm. So, what does that mean?

Topics: Networking Gigamon private equity Evergreen Coast Capital Partners

The Push Toward Comprehensive Endpoint Security Suites

Traditional and next-gen vendors offer suites for endpoint protection, detection, and response but what’s needed and will customers buy?

Yesterday, antivirus leader Symantec made a significant announcement about the latest version of its Symantec Endpoint Protection (SEP) product. The new version of SEP features a range of functionality including machine learning for threat prevention, endpoint detection and response (EDR) capabilities, deception technology, exploit protection, etc. – all based upon a common endpoint security agent.

Topics: Cybersecurity endpoint security Symantec Symantec Endpoint Protection endpoint security suite

Endpoint Security: The Efficient Efficacy Design Center

Efficacy and efficiency can no longer be mutually exclusive outcomes when it comes to endpoint security. Yes, organizations want their cake and they absolutely want to eat it too – they want to detect and stop more threats, but can’t incur much heavy lifting in the process. According to recent research conducted by ESG, while organizations report poor efficacy, as expressed in their antivirus software being unable to detect and prevent new and unknown threats as an endpoint security challenge, four other issues, all operational in nature, topped efficacy as pain points, including:

Topics: Cybersecurity endpoint security

SOAPA Video with ServiceNow (Part 2)

ServiceNow comes at security operations based upon its customers, experience, and products in ITSM. This gives the company a unique opportunity to bring security and IT operations together to improve communications and collaboration. Given this, Sean was a perfect person to talk with about SOAPA since a software architecture built for integration can help facilitate this objective.

Topics: Cybersecurity SIEM ServiceNow security operations SOAPA

Best Practice:  Security Operations Automation before Orchestration

Based upon numerous conversations with CISOs, there is widespread interest in automating and orchestrating security operations. In fact, lots of enterprises are already doing so. According to ESG research, 19% of enterprise organizations have already deployed security operations automation/orchestration technologies "extensively,” while another 39% of enterprises have done so on a limited basis.

Topics: Cybersecurity SIEM security operations automation incident response automation and orchestration

Apps coming back? Finding the balance with the cloud.

There is an old saying that the three most important things in real estate are, “location, location, and location.” To paraphrase that for today’s IT infrastructure buyers, the list would seem to be, “cloud, cloud, and cloud.” (If this list were for a CIO/CEO, it might be, “security, security, and security,” but more on that later.) 

Topics: Hybrid Cloud Storage Public Cloud Service

Storage Trends Research – The Impact of CI/HCI (#3 in a series) - includes video

ESG recently completed in-depth research on the state of the storage market; its own technologies and market trends as well as its key intersections to other notable IT implementations and shifts. We are presenting some of the extended highlights from the findings in multiple ESG Briefs (each focused on a particular topic), as well as tighter summaries of those Briefs in accompanying ESG videos. These will be rolling out over the next few weeks and we’ll capture all the available links in these blogs each time a new piece is posted.

Topics: Storage Converged Infrastructure storage trends research hyperconverged infastructure

SOAPA Video with ServiceNow (Part 1)

ServiceNow in security? Yes. The company has built upon its successful IT service management (ITSM) SaaS offering to bridge the gap between security and IT operations teams in areas like vulnerability management and incident response (IR). This places ServiceNow in the catbird seat. I expect big things and great success moving forward. 

Topics: Cybersecurity incident response ServiceNow vulnerability management incident response automation and orchestration SOAPA

What I Expect from AWS re:Invent 2017

AWS (Amazon Web Services) re:Invent is a large show. So large, in fact, that it won't fit into one venue. While not a crazy event like some consumer-oriented technology shows in Las Vegas, it has a key enterprise-oriented cloud show forum for understanding the scope of cloud computing solutions and integrated solutions from partners. While Microsoft has its main Ignite conference and splits off developers into Build, and Google has different conferences focused on cloud or developers, in this case, AWS puts it all in one venue. What do we expect here? Here's my snarky answer:

Topics: Cloud Computing Amazon AWS AWS re:Invent

Few People Know it's National Cybersecurity Awareness Month. That’s a Problem.

Did you know that it is National Cybersecurity Awareness Month (NCSAM)? Yup, every October. To remind US citizens of this fact, the White House issued its annual press release on September 30. In that document, President Trump states:

“This month, I encourage public and private sector organizations to work together to provide Americans with the information, guidance, and tools they need to improve their safety and security in the digital age. I also encourage every American to learn more about how to protect themselves and their businesses through the Department of Homeland Security's Stop. Think. Connect. campaign.”

Topics: Cybersecurity POTUS NCSAM National cybersecurity awareness month

Data Management Is Undeniably the Future of Data Protection

ESG has historically referred to "data protection" as a spectrum of activities that include backup, snapshots, and replication, as shown here:

Topics: Backup Data Management Archiving Copy Data Management

What Happened to the Store with Incomplete Digital Transformation

People asked me to follow up on my experience at Best Buy. Spoiler: The particular store where I had my bad experience has closed. I'll give you some details

Topics: Networking Digital Transformation

Dell’s IQT – A New Work State of Mind? (Video)

Dell hosted at least 3 varied events (that I know of) in New York last week. In terms of the future, the most important was its “IQT Day”…IQT is the acronym-progeny of IoT and IQ (“Making Things Smarter” as Dell expands it). You know that something matters when it is launched with both a new term and a new acronym.

Topics: Storage Internet of Things Dell IQT

Trend Micro’s Case as an Enterprise Security Vendor

ESG research points to a few growing trends in the enterprise security market:

Topics: Network Security Cybersecurity endpoint security trend micro antivirus SOAPA

SD-WAN Should Not Be a Scary Thought

Despite the hoopla related to SD-WAN, the concept is still alien and scary to many network service providers.

At a panel discussing SD-WAN at INCOMPAS 2017 (speakers by Multiapplied Communications, TPx Communications, VeloCloud, and Windstream; chaired by Dave Malfara, CEO, ETC Group), the speakers asked the audience "Who here is very familiar with SD-WAN?" Only a few hands went up. 

The issue is that many of the people in the audience have businesses selling the older technologies that are being supplanted by SD-WAN, such as MPLS circuits. 

But they know that changes are afoot. The title of the panel was "SD-WAN: Killer App in the Making." Are they resisting change, embracing change, or just plain confused?

I have a feeling that it's the "confusion" part since SD-WAN is so ill-defined. Is it software, devices, or the network? Or all of the above?

I bet you know the answer.

Topics: Cloud Computing Networking

RCS and Universal Communications - This Time, It May Work

An annoying fact of modern inter-personal messaging is that there are many methods. A glance at any smartphone may show many apps for messaging, video conferencing or teleconferencing such as Allo, Duo & Meet (from Google), Messenger & WhatsApp (from Facebook), Signal, Cisco WebEx, built-in Dialer & SMS text messaging, Zoom, Skype, LinkedIn, LINE, Twitter, Facetime, Messages & Facetime (from Apple), GoToMeeting, WeChat (prominent in China), and Join.me. Plus, there are many many more.

Extending to the desktop, we might find SIP softphones such as Bria, RingCentral  and cousins of the above apps that allow for multi-endpoint logins. These apps provide voice, screen sharing, and text messaging but in this blog, we're talking about the need for universal messaging.

Thus, if you want to send a quick note to someone, it’s hard to figure out what to use. Many young people don’t use voice calls anymore, so they resort to messaging. Phones do a reasonable job of associating contacts with different platforms, but you never know if they are properly logged-in to a particular system. So, messages will fail to get delivered, or auto-converted to emails that get delivered later.

Topics: Cloud Computing Networking Cloud Platforms & Services RCS

Wrap-Up on Backup from Veritas Vision 2017

It would be easy to assume that because the Veritas name has been around for more than 20 years, its products are all legacy and no longer suitable to modern data centers or IT scenarios; you would be wrong. Veritas is “back” after its divestiture from Symantecwith a laser focus on data management that very effectively narrates a comprehensive portfolio to its customers and partners.

Topics: Backup Data Protection NetBackup Veritas

SDN and Network Virtualization Revisited

The concept of SDN evolves over time. At the beginning, it was all about OpenFlow and many switch vendors adopted OpenFlow support in their devices. Later on, network virtualization overlays became popular, and characterized by products such as Cisco ACI, Juniper Contrail (and OpenContrail), Nuage Networks VSP, and VMware NSX, and open source projects such as OVN.

Topics: Cloud Computing Networking

How Enterprise Organizations Benefit from SOAPA

I’ve written about SOAPA for almost a year now, here’s a link to the original blog I posted last November. The concept seems to be catching on in the industry. I’ve had lots of industry leaders participate in SOAPA videos with me and there are many more videos in the works. 

Topics: Cybersecurity SIEM SOAPA

Box is a Platform, Not a Storage Provider

One of the quandaries of a company so well associated with one solution is that it obscures all the innovation they are working on to evolve. At Box’s BoxWorks, they continue to add to the platform with capabilities that take them away from being identified as a storage provider. It’s now fundamentally an enterprise content management and governance system. They are also a cloud platform, but not in the sense that AWS, Google Cloud, or Microsoft are. They are a cloud platform for aggregating the resources from other providers and providing structure to the content.

Topics: Cloud Computing Cloud Platforms & Services

Storage Trends Research - Flash Storage (#2 in a series) - includes video

ESG recently completed in-depth research on the state of the storage market; its own technologies and market trends as well as its key intersections to other notable IT implementations and shifts. We are presenting some of the extended highlights from the findings in multiple ESG Briefs (each focused on a particular topic), as well as tighter summaries of those Briefs in accompanying ESG videos. These will be rolling out over the next few weeks and we’ll capture all the available links in these blogs each time a new piece is posted.

Topics: Storage flash storage IT Spending Intentions

What’s Holding Back Enterprise Security Technology Transformation?

Last week, I wrote a blog about the rapid cycle of innovation happening with security technologies today – I’ve never experienced a time when every element of the security stack is transforming.

New security technologies are arriving at an opportune time. According to ESG research, 69% have increased their cybersecurity budgets in 2017 and my guess is that they will continue to increase investment in 2018. And when asked which BUSINESS initiatives will drive the most IT spending, 39% of organizations responded, “increasing cybersecurity protection.” This means that business executives are buying into the need for cybersecurity improvements all around. 

Topics: Network Security Cybersecurity SIEM CISO cloud security ISSA

Cybersecurity Technology: Everything is Transforming and in Play

As Bob Dylan sang, ‘the times they are a changing.’ This is certainly true when it comes to security technologies – just about every security monitoring tool and control is going through a profound transformation. Here are just a few examples:

  • Endpoint security is evolving from signature-based AV to next-generation endpoint security suites. ESG views endpoint security as a continuum with prevention on one side and detection/response on the other. A few years ago, upstarts pushed into endpoint security with aggressive attacks at one of these poles – Cylance jumped into threat prevention with solutions based upon artificial intelligence while Carbon Black, Crowdstrike, Cybereason, and Endgame moved into threat detection/response with EDR tools. The most recent battle is for the whole enchilada – comprehensive endpoint security suites that span across ESG’s endpoint security continuum. While startups continue to act as new shiny objects, old guard players like McAfee, Sophos, Symantec, and Trend Micro have spruced up their offerings with advanced prevention/detection/response features of their own. In the meantime, confused users are getting dozens of phone calls from vendors asking for meetings. 
Topics: Cybersecurity SIEM antivirus Firewall SOAPA

Data Protection Is (or Should Be) Increasingly Part of a Systems Management Strategy (Video)

Think about it. If I’m an IT Operations team member:

  • I provision new servers (usually VMs), but some physical and some cloud-based.
  • I patch and maintain those servers.
  • I provide or rescind access to the applications on those servers.
  • I monitor those servers for performance and uptime.
  • And when those servers go down, I am the first one who gets called.
Topics: Data Protection Jason Buffington Systems Management hyperconverged infrastructure Edwin Yuen

Microsoft Top of Mind for Business after Attending Ignite (Video)

Attendees walked away from Microsoft Ignite and Envision with plentiful ideas and possibilities. This year's event was rich in vision, innovation and business strategy, and aligns well with where businesses remain challenged with cloud, mobility, and security initiatives. Microsoft raised its game and the volume to the enterprise customer and did an admirable job shifting Microsoft to the top of minds of IT pros and business executives.

While Microsoft has made strides in the market, the company also needs to remain humble and empathize with its customers. For example, if a customer is on the latest version of Windows 10 and has strategically positioned apps in Azure while using Microsoft identity and conditional access, then they will have set themselves up with a strong security posture, but not all businesses have achieved this desired state. The onus is then on Microsoft to transform its go-to-market partners and system integrators to help create the market traction and execution success.

Topics: Microsoft Enterprise Mobility Microsoft Ignite

Insights from NetApp Insight

It was surreal flying into Vegas on Monday to attend NetApp Insight at the Mandalay Bay hotel. NetApp this week had to deal with something no company ever expects to or should have to deal with: a mass shooting at the venue where their event was to kick off the next morning.  

Topics: Netapp NetApp Insight

Storage Trends Research (#1 in a series) – includes video

ESG recently completed in-depth research on the state of the storage market; its own technologies and market trends as well as its key intersections to other notable IT implementations and shifts. We are presenting some of the extended highlights from the findings in multiple ESG Briefs (each focused on a particular topic), as well as tighter summaries of those Briefs in accompanying ESG videos. These will be rolling out over the next few weeks and we’ll capture all the available links in these blogs each time a new piece is posted.

Topics: Storage hybrid cloud IT Spending Intentions

Top Three VDI Challenges (Video)

VDI is alive and well as it helps businesses transition to Windows 10, simplify patching and updating, and deliver secure workspaces. However, when I speak with IT pros, they share common challenges that still need to be addressed by the IT vendors. While these VDI challenges have been consistent, IT vendors have an opportunity to provide further clarity for their customers. The IT vendors can also take the opportunity to help IT pros cross organizational boundaries with metrics and educational tools that help arm the IT pros with language, value propositions, and benefit analysis that tones down the IT speak and amplifies the value to the business. 

Topics: VDI Cloud Platforms & Services virtual desktop infrastructure