Security Pie

The ramblings of three security curmudgeons

Solutions, systems and products

without comments

When is a widget a solution, a system and/or a product? Is my car a product: a box with 4 doors? or is it a system consisting of liquids and gasses and salespeople and servicing dealers? or is it a solution to my problem of getting around Los Gatos, or from Los Gatos to SJC?

When I buy this car, what should be my POV? Should I be looking at it as a solution to the problem of getting around? Most cars fit that bill well, so perhaps I should by the first car I see. Should I regard it as a system and consider after sales support? Or should I just be looking at it as a product as measured by the torque or MPG?

Now to the point: How do I judge security solutions/systems/products?

For products, the old “feature/function/benefit” deal works. A firewall is a firewall. Perhaps easier to manage, but all that affects is the TCO which is difficult to forecast anyway.

Is it a system in that it is important that an AV company has a process to find new viruses and product features that allow them to provide upgrades? Or is it sufficient that the AV just has an upgrade feature with no discernable way to get new viruses from the field? Many security researchers will agree that it is the system behind the AV that is important. Otherwise the AV would be outdated.     

In the AV case, the system is hidden by the product. When choosing an AV, it is difficult to ascertain which AV provider has better methods, better processes, better and faster analysis and better access to virus sources. So how do we choose? Well, for most security professionals, the answer is to either choose based on “out-of-bound” parameters, such as “who is my strategic vendor” or “who is faster”.

An interesting approach is taken by Benny Czarny, who’s company, OPSWAT makes an aggregator that integrates most of the virus engines into one. Called Metascan http://www.opswat.com/metascan.shtml, this engine cleverly resolves the problem of assessing the back end of the AV provider by eliminating the need to make a choice. Just license them all, or a subset, and your risk will be reduced.

But what about other solution/systems/products out there? As a decision maker, how do you gauge the service aspect of the product?

Comments welcome.

/al

Written by assafl

October 31st, 2008 at 12:13 pm

Posted in Uncategorized

«
»

Leave a Reply