RSA 2006 Observations
This week my company and hundreds of others descended upon the McEnery convention center in San Jose for the annual RSA show. We had great traffic and managed to have scores of conversations with potential customers and partners. While the fact that I am in this space should serve to temper my enthusiasm, the show was all about identity and controlling it at the network edge. There were many new startups as well as established players talking about security enforcement in the campus through user authentication and endpoint posture checking. This only serves to solidify my thoughts around the emerging role that network identity management will play in the coming years. Writing policies within each of these enforcement devices does not scale long term and will lead to compliance challenges, not to mention excessive opex costs. Centralized user and device policy seems like a much more scalable way to go long term given the desire for consistent user access rights paired with the heterogeneous reality of today’s networks.