Rabu, 03 Agustus 2005

Anything That Blocks Access Is A Firewall

Just now I was reading David Cowan's blog. David is a partner at Bessemer Venture Partners. This means he is paid to gamble with rich people's money by helping to fund new companies. If a start-up succeeds, the investors get a nice return on their investment. One of David's funding recipients is Determina, whose CTO is Saman Amarasinghe.

So why does anyone care? I think this ad from the Determina Web site is interesting:

<

I've heard of an intrusion prevention firewall, a database firewall, and even a human firewall, but this is the first memory firewall. The technology has been public for about a year, but it's starting to make new appearances in articles like this.

Clearly Determina is following the standard start-up model.


  1. Invent product.

  2. Brand product to create a new market not filled by others, even though product is similar to others.

  3. Claim market leading product in newly created market.

  4. Profit!


In other words, a "memory firewall" is more commonly known as a host-based intrusion prevention system. I think I like the term memory firewall better than HIPS, since its use of the term "firewall" properly refers to a product that blocks access. Whether their implementation is better than other HIPS is beyond my ability to speculate!

I'm wondering if anything that restricts actions on a host should be called a host policy enforcement system (HPES) and anything that restricts actions on a network should be called a network policy enforcement system (NPES) While accurate, neither term is catchy nor easy to say. I see Tina Bird used PES to refer to Cisco NAC and Microsoft NAP in this article. PES is also associated with 802.11X.

0 komentar:

Posting Komentar