22 June 2010

PAN - Cloud is Overrated

I like how those Palo Alto Networks guys come out with new ideas every now and then. Many times their new ideas aren't more than marketing buzz, yet I like them. But this time I do not get their point at all.

OK, they said that they came out with an endpoint security solution where agents on the endpoints will not inspect the traffic there, but rather send it to the nearest PAN firewall/UTM to inspect it!
"The Palo Alto endpoint protection takes a novel approach to overcoming this problem. Palo Alto is developing a small agent that will operate persistently on the host, detecting whenever the client connects to a public or private network. Rather than doing the traffic inspection on the client, the agent will compel all traffic to route through the closest home network. This means that all traffic will be inspected and passed through the existing network-based next-generation firewall", Channel Insider - Secure Channel Blog.
And this makes me wonder, how many Megas - if not Gigs - do we need to have on our PCs? Will it send every single executable I touch on my PC over the wire to be inspected regardless of its size, whether it is a few kilos or multiple Gigs? Why should a network device be bothered with inspecting activities that happen on hosts? I really don't get it. Maybe I am missing some points here, so would someone please help me understand their new approach?
