mailing list archives
Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
From: Chris Blask <chris () blask org>
Date: Fri, 26 May 2006 16:11:55 -0400
At 09:42 AM 26/05/2006, MJR wrote:
It's not a matter of funding - it's more a matter that there's no economic
niche in which someone could offer such a thing and survive to continue
base of maybe 2% of the overall market. Which, in the words of
Peter Kuper "that's not a market, that's a hobby."
And Peter is entirely correct. I guess the real thread here is whether this trend we're discussing is good or bad, and
the answer is: "both".
Kuper gave a talk I attended a year ago, or so, which was really
sobering and very thought-provoking. In it, he pointed out that if you
took the total US spend on computer security, and subtracted
out of it the security revenues of the top 5 players, you've only
got something like 4% of the target revenues remaining. So there
are 800+ security-related companies fighting over that 5% and
even if you assume the revenues get distributed evenly that's
something like $20 million / year apiece. When you add to the
mix the fact that most of the 800+ security companies on the
market are VC funded in some way, and are not profitable, it
means there's going to be a great big die-off coming in the
not-too-distant future. Throw the open source "X factor" into the
mix and it gets even more explosive - if you're a small start-up
producing a decent widget and some open source project
comes along producing a 95% decent widget you're likely to see
your economic niche shrink to a thread overnight.
That talk by Peter and a couple chats with him since enforced my view of the next blask-venture.com - if you aren't
doing something very very interesting or opening a new space, you're wasting time. There are n-to-the-nth startups out
there with ideas that sound to me like: "...yeah, but *this* mousetrap uses special cheese!...", or couldn't recognize
market needs to save their antique computer collection.
7xx+ of those 800 startups deserve to die for one reason or another. You can't just create a firewall/sensor/auth
solution and expect the world to fall at your feet anymore.
We are lucky XML firewalls became reality, thanks to people who made those.
I'm on the fence about that one. Having XML firewalls is kind of
luck having a nice band-aid to put over your sucking chest wound.
Well, it's great, but you'd rather not have had the sucking chest
wound in the first place.
<grin> "Don't go changin'!"
I agree, btw...
And when i try to tell someone i am firewall developer, they usually think
it is another stupid linux-based packet filter hacked together with bunch
of freeware tools hiding its incredible uglyness behind the web interface.
Even before i tell a word. Just because everyone does that and main competition
is to make it cheaper.
...and faster. Don't forget faster!
If you can't be good ...be really fast.
Yep. That's the sign of a spent market opportunity. If that's all left to raise you above the pack, you better be
able to live on slim margins and low salaries.
The hottest places in hell are reserved for those who, in times of crisis, have no opinion.
- Dante Alighieri (1265-1321)
chris () blask org
+1 416 358 9885
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.394 / Virus Database: 268.7.0/346 - Release Date: 23/05/2006
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) sase (May 25)