Innovate or die for 'next generation' security

gallery

If you don't innovate as a company, you will not survive in the current market.

This may seem an obvious sentiment from Nir Zuk, chief executive (CEO) of Palo Alto Networks, but his comments on which companies had passed away were a little more risky.

Speaking in the opening keynote at this week's NetEvents in Barcelona, Zur spoke of the "death" of a number of companies, but his focus fell on two goliaths of the mobile and software space.

"Nokia, they are a dead company," said the CEO. "Consumers aren't spending hours in line to pick up a Symbian smartphone are they?"

"Anyone have a Microsoft phone? Anyone using them for search? Or webmail? What happened to Microsoft compared to Apple? They stopped innovating. They thought they ruled the world... then stopped innovating."

Zuk said everyone, including the companies themselves, thought they were invincible but instead of Bill Gates gracing the front cover of Time Magazine, it was Facebook's Mark Zuckerberg et al instead.

Security hasn't evolved

Zuk isn't a mobile man and his background is security. He claimed, however, the same lack of innovation was facing his industry.

"We are using the technology that was developed in [1995] to protect today's internet... nothing has changed," he said.

He said the internet 15 years ago was only about web browsing and email and the only way of getting a virus was through a floppy disk.

Now, there were applications galore and the security department had turned into "Doctor No," blocking any other application they felt they couldn't secure or, more dangerously, just allowing applications to run on networks regardless of the security issues.

"The conventional approach is... enterprises spending a lot of money on securing web and email. There is $10 billion (£6.2 billion) a year spent on securing two applications... [but] zero is spent on protecting other applications," he added.

Security: The next generation?

Zuk's "simple" answer was to use a next generation firewall, spreading the saftey features of web and email, such as anti-virus or data leakage detection, over to all applications.

"You regain visibilty and control, can actually start seeing your network and, more importantly, you can safely enable the workforce to use these applications," he said.

"In essence your IT department... will never say never again. If you ask to use an application, they will say yes and enable it."

Current firewalls classify packets at their port and protocol. Zuk claimed the next generation firewall classified packets at a much more basic level.

"At a very low level, it classifies which application is being used, who is the user and what they are using it for," he said. "Everything else is done based on that."

By using this method, Zuk believed you could both control the use of applications but secure without blocking.

"Whatever you do for web and email needs to happen in all other applications," he concluded.

Email to a friend

Print this page