Mixing Security and Systems Management

BigFix CTO Amrit Williams shares his thoughts on the convergence of systems management and security and what that means for endpoint security and IT operations.

The convergence of systems management and security management is top of mind in IT shops, and vendors in both spaces are making acquisitions and product moves to break into the space. Symantec acquired Altiris, IBM bought Internet Security Systems, Microsoft captured FrontBridge and McAfee conquered Citadel Security Software. BigFix, a systems management vendor, has been watching the trend since 2004 and has plans of its own. BigFix Chief Technology Officer Amrit Williams recently spoke to eWEEK's Brian Prince about what this convergence means for IT shops, vendors and BigFix's plans in 2008. Here is an edited version of the discussion.

When did BigFix begin to notice the convergence between systems management and security management?

At the end of 2004 [and] early 2005, with an explosion of spyware and the demands of compliance driving organizations to deploy more disparate technologies at the desktop, systems manageability became a critical function. Managing multiple point products, especially those with poor central management and reporting functions, was more important than just features and functions. During this time many organizations were pushing more security functions into the operations team (those responsible for desktop management).

We definitely saw that systems and security management [were] going to converge. We saw this on the acquisition side, Symantec acquiring Altiris, IBM acquiring ISS, for example, Microsoft acquiring FrontBridge. So there was definitely movement on systems management companies to provide security management, and visa versa, McAfee acquiring Citadel for example. And we definitely felt we could address those concerns in a very efficient and effective way. That's one of the reasons we were going after that.

Another thing was the endpoint protection platform, which was the commoditization of things like AV [anti-virus] and organizations looking to have vendors to provide more for less. We don't just want AV, we need AV, we need anti-spyware, we need personal firewall, and you know what, we want to get it from a single vendor and we want it to be lightweight and we want it to have a common management infrastructure. So we were definitely able to bring those types of things to market quickly and position ourselves with a very good, strong position in the market against some leading security vendors in that space as well.

How do you see this convergence affecting endpoint security products and the birth of the endpoint security platform?

The Endpoint Protection Platform ... was definitely a result of the need for greater integration and systems manageability between what were disparate security point products. Through 2008 and 2009 the EPP market will adopt more systems management functions, such as asset discovery, patch and configuration management as part of its core offerings.