If you have ever wondered how security guards can possibly keep an unfailingly vigilant watch on every single one of dozens of television monitors, each depicting a different scene, the answer seems to be (as you suspected): they can't.

Instead, they can now rely on computers to constantly analyze the patterns, sizes, speeds, angles and motion picked up by the camera and determine -- based on how they have been programmed -- whether this constitutes a possible threat. In which case, the computer alerts the security guard whose own eyes may have been momentarily diverted. Or shut.

An alarm can be raised, for instance, if the computer discerns a vehicle that has been standing still for too long (say, a van in the drop-off lane of an airport terminal) or a person who is loitering while everyone else is in motion. By the same token, it will spot the individual who is moving rapidly while everyone else is shuffling along. It can spot a package that has been left behind and identify which figure in the crowd abandoned it. Or pinpoint the individual who is moving the wrong way down a one-way corridor.

Because one person's "abnormal situation" is another person's "hot dog vendor attracting a small crowd," the computers can be programmed to discern between times of the day and days of the week.

Certainly interesting.

Traveling towards VMworld 2008

I, along with thousands of others, wended my way through a vast dimly lit cavern of a place helped along by the strangely surreal sight of ushers in black waving wispy red flags to guide us not to the empty seats in front of us, but to the ones 50 yards on. (Ah Vegas, my feet hurt already.) Perhaps the point was to live in the moment, soak in the pre-rock concert atmosphere complete with a hip and cool soundtrack ripped off from Apple commercials. (Do they all use the same ad firm?) A better way to build the anticipation for, yes, the kickoff keynote session at VMworld 2008. (photo credit: lodev)

To the sounds of Hey Ya (Shake it like a Polaroid picture), we shifted forward in our uncomfortable temporary seating placed, as at all tech conferences, too close for all but the skinny girls. The moment was here – one of those videos started playing on the dozen or so huge monitors floating above the convention crowd. You know this video; you’ve probably seen it before from HP or someone like that. One of those videos with instrumental Coldplay music in the background with time lapse/speeded-up video of people in motion and floating captions dropping into the images that leave you with a slight smile on your face as you “get” the relationship between image and text. (Do they all use the same ad firm?)

And here he is, announced like a Vegas headliner, Paul Maritz, the new CEO of VMware. Hmm. After all that hype, I rather expected someone in a black turtleneck and jeans to come out. Instead here’s this guy with pleat-front pants and an admittedly cool accent (New Zealand?) who looks a little like Al from Home Improvement. Not that there’s anything wrong with that – everyone likes Al.

And then the real fun begins.

• 30 years ago, Paul Maritz started off his business career as a developer
• 10 years ago, VMware was founded by Diane Greene and Mendel Rosenblum (BTW, 10 seconds spent showing a slide with cartoon-ized images of the founders, “thanks for what you did for the company for the past 10 years”. 10 seconds after 10 years…but maybe more would have been hypocritical…)
• a retrospective of centralized vs. decentralized computing initiatives from the 1960’s to today
• of course VMware milestones from 1998 to today
• and then an analyst-ready diagram showing the product roadmap (to be delivered in 2009) with, you guessed it, finally a connection between VMware and cloud computing (remember Maritz’s cloud-computing company was bought by EMC just a couple of years ago and that’s the section he headed up at EMC before being brought into VMware).

Forward Looking

2008 (and probably much of 2009) will be a very busy year for VMware. If you believe the roadmap, VMware seems to be taking on the management of everything – from chargeback and capacity planning to virtual storage and virtual networking (more to come on just what the planned vStorage and vNetwork will deliver) – but all of it VMware-centric. As we said in an earlier post, they’ve moved away from “defending” the hypervisor business proposition to focusing on management services on top of their own hypervisor platform. Revenue pressures must be excruciating – who wants to be a public company these days?

The best part of that new “Virtual Data Center Operating System” diagram/roadmap was the addition (and I mean addition) of something called Cloud vServices. (Did anyone else find it odd that Cloud vServices is kind of on its own in the Infrastructure vServices area? AND, I’ll have to get the other version of the diagram/roadmap I actually saw at the show because that one shows an inexplicable 4^th box in the Application vServices area titled “…”. Really. Maybe to balance out the addition of Cloud vServices?)

What was clear is that the move from VirtualCenter to vCenter –and the new vServices for rolled-up management of virtualization components/capability to span multiple VirtualCenters (or future vCenters) for reporting, monitoring and management at scale – has been in the works for a bit (but in tech time, that could mean 6 months), but the cloud stuff…not so much.

Beyond the very high-level speak appropriate to a keynote (100+ service provider partners for off-premise cloud…suspended VM’s that you don’t have to pay for until you need it), the details are uber-fuzzy. There was a session that Dave went to which was supposed to shed more light, but when questions were asked about how it really works, the answers seemed to be TBD. Does anyone know more? If VMware really has figured out practical cloud computing for enterprises, kudos to them. But I fear they’re like everyone else (except maybe AT&T) and are still working out the details.

The panel will discuss fourth-generation (4G) networks, including both LTE and WiMax, and discuss what these networks might deliver, as well as how Wi-Fi networks fit into this future.

One of the organizers asked if I'd solicit questions--you can post them below--which they'll try to ask during the panel. The group would then write up responses which could posted in turn here.

The powerhouse that is Kevin Werbach, a professor at The Wharton School, is moderating the event. Werbach has been part of interesting thinking about spectrum for many years, a former editor of Release 1.0, and a former FCC staffer. He'll share the stage with a fairly high-powered crowd, including AT&T's enterprise architect for mobility, the president of NAC, and senior people from Comcast and Sprint Xohm.

The event is part of the Mid-Atlantic Chapter series called MobileMonday, an interesting business group that's trying to provoke discussion and development around mobile technology and access. This particular event is sponsored by local business development organization Select Greater Philadelphia.

You can read plenty of other blogs about some of the great presentations at Black Hat.  So I thought I would take another angle and talk about some of the other stuff that may be important to you.

1.  secure@microsoft.com – This years hottest party was again the Microsoft party.  This year it was at the LAX club in the Luxor.  As usual there were quite a number of people at the door who thought they could talk their way in or worse yet were told they “were one the list”.  I was happy to be able to go and saw many of the usual suspects there as well. I had to leave the party early to go catch my red eye flight home, so went right to the airport from the party.  As I wrote earlier, Microsoft is trying really hard on security.  But I couldn’t help but notice the irony of this grainy, lousy picture of the DJ booth at the party.  If you can, notice the computers that the secure@microsoft.com DJs are using. That’s right they are Macs!

2. A new low for booth babes – What would a Shimel review of a trade show be without a booth babe rant.  Hey I recognize it is Vegas and all, but EdgeOS went way over the line this year.  A booth babe dressed as a Las Vegas showgirl or some other type of costume makes a statement.  I personally don’t like exploiting woman to make that statement, but I understand.  However, these guys had woman who were dressed so raunchy and classless, that I could not bring myself to post a picture of them.  Come on guys!  You want to resort to the booth babe thing (and BTW I think the Black Hat crowd does not respond to that), at least have a little class.  These girls looked like street walkers and do you and your company no favors.  Is that really the image you want to promote?  Grow up!

3.  The Security Bloggers Network – We are back!  With the end of the Black Hat show, the SBN is going back to being the SBN.  The old logo is back and our promotion with Black Hat is at an end.  However, I want to personally thank so many of you SBN members who blogged about Black Hat.  The Black Hat marketing folks made it a point to come over to me and thank us for the overwhelming support and help of the community.  Our network delivered big time with them and they are already thinking about ways we can work together next year.  I will keep you all posted on that.

We have several new promotions we are working on with the SBN and will have more on that soon. Also, we learned some valuable lessons.  Next time we will work with the network members more closely in doing these affiliations.  Also, for any show like this we need to have an official bloggers get together.  Not because we don’t want to buy our own drinks (thanks to Chris Hoff for doing more than his share in picking up a big bar tab), but frankly we need to reserve a place that has enough space for us.  Security bloggers are big time. We have a great community of people who get together. Lets make it better.

I have some other ideas around the SBN I am working on too and want to form a committee to help. If you are a member and want to get involved, please drop me a line or comment.

Anyway, another year of Black Hat is in the books. It was a good one and I can’t wait until next year!

We’re calling this part II - and it’s being advertised as:

“How to conduct a risk analysis and produce a high impact deliverable to senior management.”

With topics:

• The life-cycle of a quantitative risk analysis
• Key control opportunities against targeted attacks
• Getting senior management to understand the risk posed to the business

I got to do the Q&A backchannel on the last presentation, and there were great questions asked.  I think this presentation will be even more exciting, as it’ll cover both analyst and management considerations.

If you’re a regular reader of the blog, I don’t think you’ll have to have attended the last one for this one to be worth your while.

REPEAT PERFORMANCES OF THE FIRST WEBEX ARE AVAILABLE

And if you missed it the first time, the playback of the first preso is here, and the slides are here.

CEP describes an architecture, just like SOA describes an architecture and just like EDA describes an architecture.

For example, you do not buy an SOA.   An SOA describes an architectural style of programming via components that are involved as services in a distributed network architecture - a service-oriented, or service-based architecture.

The concept of CEP does not have “the A-word” like SOA and EDA, but none-the-less, CEP describes an architecture, not a product.   Do not make the mistake of thinking in terms of “buying CEP”, just like you do not buy an SOA or an EDA.  You think, plan and design in terms of CEP, just like you should do in an SOA or EDA.  These are constructs, not products.

In other words, for “true CEP” you need a number of components, some of the components might be in the architectural style of SOA, others might be in the architectural style of EDA.   Your solution architecture for solving a complex event processing problem might have request-reply transactions, or it might have fire-and-forget messages.  You might have a Neural Networking component for analytics and a rules component for filtering, mediation and scheduling.  You might even have a stream processing component performing as a high performance filter and pattern matcher on streaming data where the output is forwarded to a Bayesian Classifer for further processing.

My key message in this post is that CEP requires a number of technologies to solve complex distributed computing problems.   Do not be fooled into thinking that a single product is “CEP” no more than a single product is SOA or EDA.

I have been preaching for some time about what I call complete NAC. That is a complete network access control solution, not just network admission control and certainly not end point access control.  It is not an evil plot to extend Cisco/Microsoft dominance and most importantly Richard, no one and let me say this again, no one has ever said that NAC negates the need for a layered security model.  NAC is just another layer in that model.  Richard’s comments deriding the .edu and .mil markets were also laughable.  Richard, have you ever heard the term military grade?  Are you seriously trying to say that enterprises take security more seriously than the military does?  Come on now Richard.

The bottom line is Joel Snyder is not only a sharp dude technically, but is street savvy enough to run circles around my friend Richard.  He made Richard stay focused on the question at hand, did not let him wander and so Richard had to face reality a bit. I am sure Richard will still say NAC is useless and will admonish people about hanging out with the likes of the StillSecure crowd, but I guess some things will just never change.  Except, I don’t think Richard will be in anymore of these bouts.  Maybe he can start selling a grill that takes the fat out of meat or perhaps a reality TV show like the other washed up palookas ?

I was reading the Security Bloggers Network feed this morning. I had missed a day or so and had a lot of articles to go through. I was also thinking of what could be the next topic suggested for members to blog about as part of our cross-promotion with Black Hat.  Than I realized there really was not any need.  The topic was obvious, DNS. I didn't do an actual count of how many times it was mentioned (as Mr Bump did with NAC vendors mentioned in the Information Week NAC survey), but there had to be at least a dozen and half, if not more articles on the great DNS leak of 2008. 

Dan Kaminsky's research was exemplary, but his naivete about people keeping the exploit under thier hat was not.  While Thomas Matasano apologized for his mistake, frankly from the moment Havlar Flake begain speculating on it, it was just a matter of time. 

Anyway, the cat is out of that bag, but something tells me that Dan K's presentation will still be a standing room only crowd in just a few weeks in Vegas.  But beyond that there are still a bunch of good topics to be discovered at Black Hat.  Not to mention lots of social activities brewing for both BH and DefCon.  I amreally looking forward to it. I would hope that no one is feeling the air out of the ballon on this one!

I was reading the Security Bloggers Network feed this morning. I had missed a day or so and had a lot of articles to go through. I was also thinking of what could be the next topic suggested for members to blog about as part of our cross-promotion with Black Hat.  Than I realized there really was not any need.  The topic was obvious, DNS. I didn't do an actual count of how many times it was mentioned (as Mr Bump did with NAC vendors mentioned in the Information Week NAC survey), but there had to be at least a dozen and half, if not more articles on the great DNS leak of 2008. 

Dan Kaminsky's research was exemplary, but his naivete about people keeping the exploit under thier hat was not.  While Thomas Matasano apologized for his mistake, frankly from the moment Havlar Flake begain speculating on it, it was just a matter of time. 

Anyway, the cat is out of that bag, but something tells me that Dan K's presentation will still be a standing room only crowd in just a few weeks in Vegas.  But beyond that there are still a bunch of good topics to be discovered at Black Hat.  Not to mention lots of social activities brewing for both BH and DefCon.  I amreally looking forward to it. I would hope that no one is feeling the air out of the ballon on this one!