Tuesday, March 4, 2008

Vendor tales

Weird things said by security vendors are usually one of my favorite subjects. When I was a CISO, one of my favorite sports was to destroy vendor arguments during their presentations. OK, I know it's a bit cruel, but I would only do that when the vendor started using phrases like "our product, that is the market leader..." or "our product has perfect security by military level encryption".

I was reading Shimel's blog today and found one of those cases where the vendor dies by his words. It's quite funny to see that someone is using as his selling pitch that his product is more secure because it relies on SNMP, "Secure Network Management Protocol" (UGH!). But what impresses me most when I find a case like that is that if they are using that speech, it's probably because it's working somewhere! Yes, actually, people are probably buying their product because it uses SNMP instead of 802.1X!

Some of my friends believe I'm too cynical in believing that the average security manager is almost (or even completely) an idiot. Well, I think that those vendors are the living proof of that. If their speech can convince someone, that "someone" should really not be working in a security management position.

