Page 10 - index
P. 10







(% .+% .& %%/ !#*%2 -1/%#2).- )- )0%5!++ !-$ -)4%01!+

(0%!2 !-!'%,%-2 //+)#!2).-1

By Shawn Sweeney, Procera Networks




It seems like yesterday that the first “stateful” firewall was bought to market. In fact, it was
over two decades ago that the first real commercially available product came to market. This
innovation unleashed a renewed look at the firewall problem. And thus came the crush of
me-toos and look-alikes for some number of years. Each one trumpeted with more promise
than the last.

With the advent of application-specific integrated circuits (ASICs) and their broader use in
networking products, a second wave of innovation came a decade or so later. Some new
products were brought to market, religious discussions ensued, battles started, wars lost and
companies acquired. Lather, rinse, repeat.


The hardware guys argued, and I know as I was conveniently in their camp for a while,
“anything software can do, we can do faster!” True enough at the time, but I am reasonably
certain, this too shall pass. And so it did.

Fast forward to present day. With every new product announcement exists another
application, user-profile, use case and device. Each permutation of “user context” represents
yet another way for bits to be sent and received.

Keeping up is a full time job that can no longer be easily solved by throwing minds at it or
making faster hardware. The latter always limited to what is fact today and poorly suited to
the shifting reality of tomorrow.

So, what’s a Product Manager of a firewall or UTM appliance to do, especially if the
composed solution has additional special sauce, representing core competency, as it most
certainly will? The dizzying array of avoidance and evasion techniques in use today is
enough to drive him or her to the madhouse.

If you doubt that, consider the anonymizers and the relentless release trains they produce to
keep the good people of the repressed world from being discovered – and those in the free
world from being committed with a diagnosis of paranoia from the nagging fear they are
being watched.

At Procera, we believe that poor, aforementioned Product Manager should seek relief in the
form of leveraged expertise. With nearly 1000 customers worldwide—network managers
who depend on our DPI products--to make accurate and intelligent policy decisions, there is
nothing that escapes the attention of our learned staff.

If blocking or conditioning certain traffic types is your game, we would posit that being
correct is kind of important and not to be left to chance.







! " $
! # ! "
   5   6   7   8   9   10   11   12   13   14   15