How about the vendor side?
There is still a lot of innovation and there are new products emerging and new start ups but not as many. Among the core vendors of identity management and directory technologies we are seeing platformania.
For example, Novell for some time has been moving its offering from a network operating system to also being a cross platform directory offering, and now it is trying to offer all the security tools you need for your directory -- adding provisioning, Web access management, anything it can think of to broaden the appeal. Directories are becoming more of a commodity, so vendors like Novell need to not only offer a commodity, but also some of the applications and tools that make the directory. RSA Security has been in the secure ID business and it has gotten into Web-based management. Netegrity got into the portal space by acquiring data channel and they are going to start getting into the provision space. That is the platformania trend. How about users?
They are focusing more on spending their money to do a better job of deploying what they have with cautious additions when appropriate. They are more likely to take a step back and figure out what their requirements are, what applications and resources they have and how to reuse their existing resources. There is more planning and more justification and less buying. But planning is not free either so they may be spending more on integration services. Vendors of integration services are not experiencing the drop off in business we have seen in the start up vendors. Have they had success?
There has been no success so far because the discussion has just begun. There are a number of initiatives trying to close this gap between the dream and the reality of making Web services secure. Realistically it will take a year from now before we see a lot of Web services security in deployment. A year from now we will have Security Assertions Markup Language (SAML) products on the market – and a year from now you will see the very first Microsoft Web Services Security (WS-Security) products. We think the SAML and WS-Security can be compatible. What is new in the world of networking?
We are seeing a number business trends. IT departments have cut back on spending but they still need to build a type of virtual enterprise network. They are spending more intelligently.
In terms of the raw technology, we are seeing a lot of activity and initiatives around securing Web services. Web services rolled out the gate two years ago without security (as an issue) so now security is trying to catch up. Once Microsoft and IBM and others pushing Web services realized that businesses cannot make use of this unless they can ensure the Simple Object Access Protocol (SOAP) call coming through the firewall is from an authorized source doing an authorized thing, they belatedly started trying to add these services. How about wireless?
Companies that used to be connected over private networks now tend to be connected over the Internet. It is hard to define where to put your firewalls, so we are seeing the firewall become more distributed. What other technology challenges are customers facing?
Customers will contend with perennial directory issues while vendors explore new directory horizons. The ongoing directory issues are the management of getting the data for your directory and managing it.