The convergence of systems management and security management is top of mind in IT shops, and vendors in both spaces are making acquisitions and product moves to break into the space. Symantec acquired Altiris, IBM bought Internet Security Systems, Microsoft captured FrontBridge and McAfee conquered Citadel Security Software. BigFix, a systems management vendor, has been watching the trend since 2004 and has plans of its own. BigFix Chief Technology Officer Amrit Williams recently spoke to eWEEK’s Brian Prince about what this convergence means for IT shops, vendors and BigFix’s plans in 2008. Here is an edited version of the discussion.
When did BigFix begin to notice the convergence between systems management and security management?
At the end of 2004 [and] early 2005, with an explosion of spyware and the demands of compliance driving organizations to deploy more disparate technologies at the desktop, systems manageability became a critical function. Managing multiple point products, especially those with poor central management and reporting functions, was more important than just features and functions. During this time many organizations were pushing more security functions into the operations team (those responsible for desktop management).
We definitely saw that systems and security management [were] going to converge. We saw this on the acquisition side, Symantec acquiring Altiris, IBM acquiring ISS, for example, Microsoft acquiring FrontBridge. So there was definitely movement on systems management companies to provide security management, and vice versa, McAfee acquiring Citadel for example. And we definitely felt we could address those concerns in a very efficient and effective way. That’s one of the reasons we were going after that.
Another thing was the endpoint protection platform, which was the commoditization of things like AV [anti-virus] and organizations looking to have vendors to provide more for less. We don’t just want AV, we need AV, we need anti-spyware, we need personal firewall, and you know what, we want to get it from a single vendor and we want it to be lightweight and we want it to have a common management infrastructure. So we were definitely able to bring those types of things to market quickly and position ourselves with a very good, strong position in the market against some leading security vendors in that space as well.
How do you see this convergence affecting endpoint security products and the birth of the endpoint security platform?
The Endpoint Protection Platform … was definitely a result of the need for greater integration and systems manageability between what were disparate security point products. Through 2008 and 2009 the EPP market will adopt more systems management functions, such as asset discovery, patch and configuration management as part of its core offerings.
Any Device, Anytime, Anywhere
You guys did a serious upgrade of the BigFix platform with Version 7.0. Tell me how you plan to leverage that looking at 2008?
Part of our vision in terms of BigFix - and this isn’t just through 2008 but probably for the next three to five years - one of our strategies is ‘any device, anytime, anywhere.’ We already support a large number of [OS] platforms, so Windows 95 through Windows Vista, Mac OS X all the way up to 10.5 Leopard, AIX, HP-UX, Solaris 2.5 all the way up to 10, Red Hat Linux … so part of what we’re doing is expanding our footprint in an organization so that they have a very pervasive view across what is a very heterogeneous IT environment. And then we are also planning to look at, well, How can we provide that same level of visibility against storage devices and networking devices and SCADA [Supervisory Control and Data Acquisition] or manufacturing devices?
I think 2008 is when we are going to see a tipping point for mobile device management, and we are delivering in Q1 our agent support for Windows Mobile 5 and 6 as well as Windows CE, which provides basically full command and control over mobile devices integrated into the BigFix platform. So an IT organization has the ability with the same console, with the same agent technology, with the same platform, with the same reporting infrastructure, to report against Bob in accounting’s laptop and Bob in accounting’s Windows Mobile device or BlackBerry or whatever the IT device is.
And I think why this is going to be important in 2008 … I believe that was spurred on by what we’re seeing with the iPhone, which is a device that is far more than just being used for e-mail and calendaring. We’re entering an era where these handheld devices, pushed by essentially a consumerization of IT, will have storage capacity and application usage that goes beyond just e-mail and calendaring. So you are going to see IT organizations struggling: How do we manage these new devices? How do we look at security policies around them? How do we look at distributing and enforcing configurations on them? How do we ensure that they are running the right applications? How do we manage these things?
There are really two camps right now. One camp is saying you need a separate infrastructure … that is extremely costly for an organization to deal with. They essentially need to create a mirror or parallel IT organization to handle those devices. What is far more likely … is mobile device management is really something [customers] need to look at internally, and [customers] need to integrate it and unify it with my traditional IT operations. So the guys who are responsible for doing desktop and laptop support, those guys also need to be responsible for mobile device support.
What will make the silo between IT management and security folks go away?
It’s not that the silo’s going away; what it is [is] job responsibilities will change and organizations will need to look at security and systems management as IT initiative[s]. What will happen, though … what used to be siloed security tasks are becoming more operationalized and run by the IT operations teams and the security team [needs] to focus on more of the security policy definition, on the auditing aspects of what IT does. There’s a couple things that make me think this way. There is a cost initiative here. Just the cost of managing separate infrastructures that have overlapping capabilities from security and operations is putting a huge drain on IT budgets, and the reality is that IT budgets are not increasing at a rate that can support the expansion of agent technology.