Question and answer session

Infosecurity Today, March/April 2006
At this conference the metaphor of the human immune system has been used quite a bit. The title of your talk at this conference is ‘Dumb versus Smart Networks’, which implies you don’t buy into this analogy. Would that be right?
I’d say that it’s in a bunch of people’s best interests to characterize the information security problem that way. So, you have this idea of the body fending off attack, red blood cells heading to the scene of the infection, antibodies kicking in, and so on. Now, the body is a super smart thing that is set up to defend itself in ways we cannot even understand. So, the idea of computer networks developing an auto-immune system is an attractive idea. But there is nothing we have done in computing that matches the engineering of the human body.
But it’s in Cisco’s interests to create and promote that metaphor, because they want to keep upgrading routing and switched infrastructure to do more and more.
However, that is an uneconomical and flawed model, and it is distinctly out of place with where things are going.
To be more specific — and I’d say this even if I were not the CEO of Aventail — it’s the internet approach to these problems versus a duplication of the old PSTN/private telephone approach. The economics are more compelling to use shared public infrastructure. And even if they were not, the economics of the workforce – mobility, teleworking and so on, mean that the bulk of connections are going to come from public infrastructure.
The self defending network is the ‘Star Wars’ of our time — in the sense of the missile defence project that never got anywhere, not the movie sequence.
So what would you say to Cisco?
I’d say make sure that the switches and routers don’t fail and make it go faster. Do security products by all means, but don’t make them network aware. Don’t make them have to know what the Cisco router is thinking.
They are doing what Microsoft has done, where the operating system becomes so monolithic that it takes three years to get a roll of it. It is like shipping an airplane, shipping an OS, today. IOS is becoming the same. The likes of Aventail or F5 exist to do a lot of these things more efficiently at the higher layers.
The lower in the network stack you are, the slower change should be. I want a faster, dumber network. The self defending network sounds awesome. Everyone wants a network that works like the human body. But you know what? I’d settle for a network that works like a highway.

• Evan Kaplan co-founded Aventail in 1996.
The human immune system is being invoked more and more as a metaphor for how ICT networks should work. Cisco CEO John Chambers regaled RSA 2006 delegates last month with a story of how his company’s self-defending network concept is inspired by human biology. Others are more sceptical. Evan Kaplan, CEO of SSL VPN supplier Aventail, spoke about this development to Brian McKenna, for Infosecurity Today, at RSA in San José.
Network futures: dumb and fast, or smart and self-defending?
Brian McKenna
Aventail’s CEO, Evan Kaplan