Thursday, 1 November 2007


Interspersed with my 7 Stages of Security Man posts I'm going to be talking a bit about new technologies which I'm looking at at the moment. In fact, now that I have 'Data Centric' up and running, I'm moving all my sensible, well thought out, pure security thought over there, and keeping all the ramblings and opinionated rantings over here. I wonder which will get the more subscribers?

I like little west coast tech companies, especially those who go on to become big global ones, if I have stock options. I don't (yet) have stock in PacketTrap, but who knows how well this write up will go?

I had a call from a company called PacketTrap tonight, based out in San Francisco, where I am flying on Saturday, but sadly I'm probably too busy at Ingrian corporate to go and visit them this time around. I've said I'll catch them at RSA instead, by which time they will be launching the Pro version of what I've just seen.

When I first saw PacketTrap, I had to ask myself why anyone would buy it. It has a number of tools, ping, portscan, DNS queries, whois, WMI scan, etc. built in to one device which you can sit on your network - but when I was a network admin (more on that later) I had all those tools on my laptop.
Aha, and there's the rub.
Just as routers became necessary to take the load off machines in a network, now a completely separate and distinct device is needed to investigate and manage the network. It's actually quite neat, and that's what you want in a complex network, some tidiness.

Every customer I've ever been in to has asked 2 questions (amongst others of course, just 2 would be silly):
"How do I manage 'it'?"
"What kind of reporting does it have?"
Nowadays of course we have silly devices which collect all the logs and make them into pretty pictures, just because the CFO needs something to put on his wall. We have devices which report in real time and send emails to the CIO about who's doing what with whom, where and for how long, with which instrument, because he needs something to show to the CEO when he's asked what he does all day. Reporting and management are king, they will always be king because the C-suite don't give a monkey's about what the techies are doing, they just care that something is being done and they can see the results of that. If they can then use that data to make something more efficient, or to show the shareholders that they aren't wasting money printing off reports all day, then it's gold stars for everyone.

In Silicon Valley, with a great sounding team of people on board, this start-up should do well. I think they will get some useful feedback and if they take it into consideration when producing the next 'Pro' release, we will start to see them at shows and in a network near us. The messaging will need to be right, but as long as they remember that no-one cares how much work the network admin has on, and he can automate it himself, but the CEO, CFO and CIO have all the power and money in the company, they have every chance of making this work as a product too, then maybe we can slip in something useful for the poor admin too.

PacketTrap launches on 7th November 2007, go visit their website for more info. My work here is done.

No comments: