Monday, September 24, 2007

5 years from now!

Stuff to think about:

- PCI DSS(Payment Card Industry Data Security Standards) QSA (Qualified Security Assessor)
- NetFlow/IPFIX (Crannog/NetScout/Arbor) as networking/security is increasingly about context/relationships/visibility.
- Normalization/baselining tools a la PeakFlow, SourceFireRNA
- Visualisation and Modelling (Opnet)
- IDS/Rootkit detectors for virtualised environments.(Watch this space... BluePill/F-Secure )
- Security Metrics(emerging/huge future as currently un-quantifiable!) and audit via Skybox / Algosec
- Digital Signage, MCAST/P2P distribution JOOST style.
- Infrastructure/solutions to facilitate SoaS(Software-as-a-Service) e.g. Salesforce/Joomla/Atlassian(Confluence)/GoogleApps/Zimbra/Zoho, virtual offices whereby nodes act as client/cache/server and don't backup locally but more to Web Services akin to AWS(Amazon Web Services),S3,EC2. Managing a virtual customer's DNS and aggregating management of their services has potential?
- Mobile and mobility gateways, 3G(HSDPAv2) vs WiMAx back-haul for project offices/satellite sites and SME/SOHO
- Location based services and GIS(Geographic Information Systems)
- Identity Management via OpenID/Cardspace(InfoCard) hosted services.
- Thin clients (Neoware)
- Fixed Mobile Convergence(Still a while off!) Engin / MyNetPhone / SIP/IAX/Asterisk

Web 2.0+ has as many solutions as problems, a new middleware-tier('internet-service-bus' if you will!). Businesses will increasingly want more audit/control and lower operational overheads and greater security via thin-client computing utilizing the browser as the platform of choice, also generating secure local host based flows for compliance and reporting. Thin clients and infinitely scalable distributed computing/storage is on the way. If you don't run the data-centre processing/storage nor have the power, you'll want to control the gateways/reporting/auditing/caching and own/re-sell/manage as much of the local infrastructure/bus and back-haul as possible!

Regulatory and compliance requirements will always have a perceivable effect, especially in the financial services sector.. but with breach disclosure laws on the way in Oz the security -> landscape/consulting/auditing/accountability/visibility aspects of networks/services are not going to allow organizations to keep their heads in the sand for much longer.


gummy said...

If all of that is contained inside one average sized brain, you must find it hard to walk without falling over!


Deda said...

Meanwhile, MS want to turn us ordinary users into dumb terminals

Anonymous said...

So do I..


Deda said...

Gone over to the enemy, huh?

Roland Dobbins said...

See this preso for some thoughts on network visibility and context: