Thursday, March 21, 2013

Cloud Intelligence: Leverage the User Base!

I'm not sure if other tech writers have already identified this trend, but it seems that every network security vendor identified by Gartner as one of the leading vendors in their areas of specialization is enabling their devices with "cloud intelligence."

First, what do I mean by cloud intelligence?  Others may have a different definition, but to me cloud intelligence means analysis of user-generated data in the cloud to glean something of value.  The benefit of doing so is baking the results of that analysis into feature updates or supplemental information to already embedded features to be used by that same user base.

So, where is this happening?  I can think of three off the top of my head:

  1. Blue Coat's WebPulse
  2. McAfee's Global Threat Intelligence
  3. Palo Alto's WildFire
Each of these solutions receive input from their deployed products that send information of varying types, depending on what data points the vendors consider important.  The goal of this "phone home" feature is so the vendor can leverage what is seen in the field to protect others.  So, if Company A sees malware X and it gets reported to the cloud, the vendor can protect all other companies using the feature.

Most of these products require an opt-in, because not every organization is comfortable sending the information to the vendor.  What are your thoughts?  Would you feel more comfortable leveraging cloud intelligence, or does it invoke paranoia?