It all started with a simple tweet from The Mogull, which succinctly summed up the meat grinder that is high tech marketing. You see, the industry is built on upgrades and refreshes, largely driven by planned obsolescence. Just look at Microsoft Word. I haven’t really used any new functionality since Office 2003. You? They have overhauled the UI and added some cloudiness (which they call Office Live), but it’s really just moving deck chairs around. A word processor is a word processor for 95% of the folks out there.
Rich was reacting to the constant barrage of “next generation” this and next generation that we constantly get pitched, while most organizations can’t even make the current generation work. It is becoming rare to survive a vendor briefing without hearing about how their product is NextGen (only their product, of course). This is rampant in the spaces I cover: network and endpoint security. Who hasn’t heard of a next generation firewall? Now we have next generation IPS, and it’s just a matter of time before we see next generation TBD promising to make security easy. We know how this movie ends.
To be fair, some innovations really are next generation, and they make a difference to leading edge companies that can take advantage of them. I mentioned NGFW in a tongue-in-cheek fashion, but the reality is that moving away from ports and protocols to application awareness is fundamentally different and can be better. But only if the customer can take advantage of it and build these new application-oriented policies. An NGFW is no better than a CGFW (current generation firewall) without a next-generation rule base that uses the additional capabilities; a port-and-protocol rule base ported onto an application-aware box gives you the old firewall at a new price.
I guess what I find most frustrating about the rush to the next generation is the arbitrary nature of what is called “next generation”. Our pals at the Big G (that’s Gartner for you Securosis n00bs) recently published a note on NGIPS (next generation IPS), which you can get from SourceFire (behind a reg wall). As the SourceFire folks kindly point out, they have offered many of these so-called next generation functions since 2003 – they just couldn’t tell a coherent story about it.
Can something over 6 years old really be next generation? So next generation monikers are crap, driven by backwards-looking indicators – like most big IT research. SourceFire did a crappy job of communicating why their IPS was different back in the day, and it wasn’t until some other companies (notably the NGFW folks) started offering application-aware IPS capabilities that the infinite wisdom in Stamford decided it was suddenly time for NGIPS. And now this will start a vendor hump-a-thon where every other IPS vendor (yeah, the two left) will need to spin their positioning to say ‘NGIPS’ a lot. Whether they really do NGIPS is beside the point. You can’t let the truth get in the way of a marketing campaign, can you?
What’s lost in all the NextGen quicksand? What customers need. Most folks don’t need a next generation word processor, but one shows up every 2-3 years like clockwork. Our infrastructure security markets are falling in line with this model. Do we need NextGen key management? NextGen endpoint security? NextGen application protection? Given how well the current generation works, I’d say yes.
But here’s the problem. I know this is largely a marketing exercise, so let’s be clear about what we are looking for: something that works. Call it what you want, but if it’s the same old crap that we couldn’t use before, rebranded as next generation… I’m not interested. And no one else will be either.
One Reply to “Next Generation != (Always) Better”
> “Let’s just look at Microsoft Word. I haven’t really used any new functionality since Office 2003. You? They have overhauled the UI and added some cloudiness (which they call Office Live), but it’s really moving deck chairs around. A word processor is a word processor for 95% of the folks out there.”
I think the example of MS Word is a very poor one for your argument, as it is actually a great example of the next release making functionality in the previous release more accessible rather than adding features for the sake of adding features (at least in the case of 2k3 to 2k7). For starters, the security changes are about as optimal as one can hope for, as they are implemented fairly transparently to the user. The shift from the compound document format to the compressed XML bundle format removed an entire swath of parsing attacks, the change of macro permissions neutered macro attacks, and the adoption of security compiler flags has made it much more resistant to overflow attacks. The impact of these changes is fairly rarely seen by the users (aside from users that do find a need to frequently “trust” documents) – they get the benefits essentially for free. Isn’t that exactly what we would want in a new product – improvements that cost zero training to leverage?
However, more than that, the transition from 2k3 to 2k7 showed that focusing on the discoverability and accessibility of functionality is often more important than the functionality itself. MS risked alienating a whole bunch of users in their redesign, but the result was quantitatively more users regularly using a much greater percentage of Word’s functionality (MS has the usage statistics to back up the effectiveness of the redesign at increasing the use of functionality). That means that a word processor isn’t a word processor for 95% of the users, but rather that the discoverability and accessibility of features really does differentiate the offerings. If two products support the same functionality, but that functionality gets used by 90% of the users of one product and only 10% of the users of another because of discoverability and accessibility, then the two products are not equal. The second product might as well not have the functionality, as the users are obviously not leveraging it. That seems to be a great demonstration of your point that new features only matter if in the real world customers can actually take advantage of them.
The NG-security movement isn’t founded on making functionality more discoverable and more accessible, but like all technology it should be, and I think calling attention to that is great. The lesson that prompted MS to do a dramatic overhaul of its UI and risk alienating a whole crap ton of users was that it is pointless to create functionality if it isn’t exposed to the users in a fashion that allows them to easily leverage it. I can’t count the number of times where my largest criticism of a security tool is that its use requires the user to specifically become an expert at the tool, when the users it targets aren’t aiming to be experts. Fortify is a terrible tool to hand to developers, because for them to get anything out of it they need to become experts at Fortify. They aren’t paid to be Fortify experts, but C++ or Java or .Net experts. To continue to pick on HP – QA Inspect is targeted at enabling run-of-the-mill QA engineers to perform dynamic analysis, but unless the tool has dramatically stopped sucking in the past couple of years, the average QA engineer is going to have to become specifically a QA Inspect Engineer if they want to configure and interpret scans. The next version of these tools would be so much more valuable not if they added more functionality, but if they reduced the cost of leveraging their current functionality.
I think security products across the board should look at the difference between Office 2k3 and Office 2k7 and realize that a much greater focus on exposing functionality in a usable fashion is worth significantly more than simply adding another checkmark to your feature list. If you wanted me to describe the ideal NG network security device it would be one with something like Skybox built in so that IT can see how changes will impact the entire environment; couple that with intelligent automated analysis of the configurations to suggest appropriate use of unleveraged functionality and I think we would see a dramatic uptick in the percentage of functionality used. That would be much more Next Gen than the ridiculous SecureX functionality that Cisco is peddling.
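The reply above makes a concrete security claim about the Office 2003 to 2007 transition: the move from the OLE compound document format to the zipped XML (OOXML) package, and the separation of macro-enabled files. The script below is an added example, not part of the original post or the commenter's words, showing the practical check that follows from that claim: classify an Office file by its content rather than its extension, and flag an OOXML package that carries a VBA project part. The sample documents are constructed in memory and are not real Word output; the package layout they use (a `[Content_Types].xml` part and a `vbaProject.bin` part for macros) is the standard OOXML structure.

```python
import io
import zipfile

# Magic bytes of the legacy OLE compound document container (.doc/.xls/.ppt).
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"
# Local file header signature that starts a non-empty zip (OOXML packages).
ZIP_MAGIC = b"PK\x03\x04"
# Name of the VBA project part inside an OOXML package (word/, xl/, ppt/ prefix).
MACRO_PART = "vbaproject.bin"


def classify_office_file(data: bytes) -> dict:
    """Classify an Office document by content, never by file extension.

    Returns {"format": ..., "has_macros": ..., "parts": [...]}.
    For OLE files has_macros is None: telling .doc from a macro-bearing .doc
    needs a full OLE directory parse, which this example does not attempt.
    """
    if data.startswith(OLE_MAGIC):
        return {"format": "ole-compound", "has_macros": None, "parts": []}
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = zf.namelist()
        except zipfile.BadZipFile:
            return {"format": "unknown", "has_macros": False, "parts": []}
        if "[Content_Types].xml" not in names:
            # A zip, but not an OOXML package (no content-types manifest).
            return {"format": "zip", "has_macros": False, "parts": names}
        # A .docx renamed from .docm still contains the VBA part; the
        # extension is irrelevant, the package contents are what matter.
        has_macros = any(
            name.rsplit("/", 1)[-1].lower() == MACRO_PART for name in names
        )
        return {"format": "ooxml", "has_macros": has_macros, "parts": names}
    return {"format": "unknown", "has_macros": False, "parts": []}


def build_sample_docx(with_macros: bool) -> bytes:
    """Constructed sample: a minimal OOXML package (not produced by Word)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(
            "[Content_Types].xml",
            '<?xml version="1.0"?><Types xmlns="http://schemas.openxmlformats.org/'
            'package/2006/content-types"/>',
        )
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macros:
            # Stand-in for a compiled VBA project; real ones are OLE streams.
            zf.writestr("word/vbaProject.bin", b"\x00" * 16)
    return buf.getvalue()


def build_sample_ole() -> bytes:
    """Constructed sample: OLE magic plus a zeroed 512-byte header sector."""
    return OLE_MAGIC + b"\x00" * (512 - len(OLE_MAGIC))


if __name__ == "__main__":
    for label, blob in [
        ("plain docx", build_sample_docx(False)),
        ("docx with vbaProject.bin", build_sample_docx(True)),
        ("legacy OLE", build_sample_ole()),
        ("not an Office file", b"hello"),
    ]:
        result = classify_office_file(blob)
        print(f"{label:26s} -> {result['format']:13s} macros={result['has_macros']}")
```

The point of the check is that the OOXML change did not make macros go away; it made them detectable with a zip listing instead of an OLE parser, so a mail gateway or upload handler can refuse a package carrying `vbaProject.bin` regardless of what the sender named the file. For legacy OLE files the same decision needs a real directory parse (the `olefile` and `oletools` projects do this); this example deliberately reports `None` rather than guessing.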