Firewall Wizards mailing list archives
Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG)
From: Chris Blask <chris () blask org>
Date: Fri, 26 May 2006 16:11:55 -0400
At 09:42 AM 26/05/2006, MJR wrote:
ArkanoiD wrote: It's not a matter of funding - it's more a matter that there's no economic niche in which someone could offer such a thing and survive to continue doing so.
.d.
base of maybe 2% of the overall market. Which, in the words of Peter Kuper "that's not a market, that's a hobby."
And Peter is entirely correct. I guess the real thread here is whether this trend we're discussing is good or bad, and the answer is: "both".
Kuper gave a talk I attended a year ago, or so, which was really sobering and very thought-provoking. In it, he pointed out that if you took the total US spend on computer security, and subtracted out of it the security revenues of the top 5 players, you've only got something like 4% of the target revenues remaining. So there are 800+ security-related companies fighting over that 5% and even if you assume the revenues get distributed evenly that's something like $20 million / year apiece. When you add to the mix the fact that most of the 800+ security companies on the market are VC funded in some way, and are not profitable, it means there's going to be a great big die-off coming in the not-too-distant future. Throw the open source "X factor" into the mix and it gets even more explosive - if you're a small start-up producing a decent widget and some open source project comes along producing a 95% decent widget you're likely to see your economic niche shrink to a thread overnight.
That talk by Peter and a couple chats with him since enforced my view of the next blask-venture.com - if you aren't doing something very very interesting or opening a new space, you're wasting time. There are n-to-the-nth startups out there with ideas that sound to me like: "...yeah, but *this* mousetrap uses special cheese!...", or couldn't recognize market needs to save their antique computer collection. 7xx+ of those 800 startups deserve to die for one reason or another. You can't just create a firewall/sensor/auth solution and expect the world to fall at your feet anymore.
We are lucky XML firewalls became reality, thanks to people who made those.I'm on the fence about that one. Having XML firewalls is kind of luck having a nice band-aid to put over your sucking chest wound. Well, it's great, but you'd rather not have had the sucking chest wound in the first place.
<grin> "Don't go changin'!" I agree, btw...
And when i try to tell someone i am firewall developer, they usually think it is another stupid linux-based packet filter hacked together with bunch of freeware tools hiding its incredible uglyness behind the web interface. Even before i tell a word. Just because everyone does that and main competition is to make it cheaper....and faster. Don't forget faster! If you can't be good ...be really fast.
Yep. That's the sign of a spent market opportunity. If that's all left to raise you above the pack, you better be able to live on slim margins and low salaries. -cheers! -chris The hottest places in hell are reserved for those who, in times of crisis, have no opinion. - Dante Alighieri (1265-1321) Chris Blask chris () blask org http://blaskworks.blogspot.com +1 416 358 9885 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.1.394 / Virus Database: 268.7.0/346 - Release Date: 23/05/2006 _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG), (continued)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Paul D. Robertson (May 28)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 28)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Mark (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) George Capehart (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Jim Seymour (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) George Capehart (May 30)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Devdas Bhagat (May 29)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) ArkanoiD (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Marcus J. Ranum (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Chris Blask (May 26)
- cisco ssh rate limit hermit921 (May 26)
- Re: cisco ssh rate limit David Swafford (May 26)
- Re: cisco ssh rate limit hermit921 (May 26)
- Re: Integrated IDS/IPS/Firewall (Cisco ASA and Juniper ISG) Balazs Scheidler (May 28)