GooglePOPs – Cloud Computing and Clean Pipes: Told Ya So…
In July of last year, I prognosticated that Google with it’s various acquisitions was entering the security space with the intent to not just include it as a browser feature for search and the odd GoogleApp, but a revenue-generating service delivery differentiator using SaaS via applications and clean pipes delivery transit in the cloud for Enterprises.
My position even got picked up by thestreet.com. By now it probably sounds like old news, but…
Specifically, in my post titled "Tell Me Again How Google Isn’t Entering the Security Market? GooglePOPs will Bring Clean Pipes…" I argued (and was ultimately argued with) that Google’s $625M purchase of Postini was just the beginning:
This morning’s news that Google is acquiring Postini for $625 Million dollars doesn’t surprise me at all and I believe it proves the point.
In fact, I reckon that in the long term we’ll see the evolution of the Google Toolbar morph into a much more intelligent and rich client-side security application proxy service whereby Google actually utilizes client-side security of the Toolbar paired with the GreenBorder browsing environment and tunnel/proxy all outgoing requests to GooglePOPs.
What’s a GooglePOP?
These GooglePOPs (Google Point of Presence) will house large search and caching repositories that will — in conjunction with services such as those from Postini — provide a "clean pipes service to the consumer. Don’t forget utility services that recent acquisitions such as GrandCentral and FeedBurner provide…it’s too bad that eBay snatched up Skype…
Google will, in fact, become a monster ASP. Note that I said ASP and not ISP. ISP is a commoditized function. Serving applications and content as close to the user as possible is fantastic. So pair all the client side goodness with security functions AND add GoogleApps and you’ve got what amounts to a thin client version of the Internet.
Here’s where we are almost a year later. From the Ars Technica post titled "Google turns Postini into Google Web Security for Enterprise:"
The company’s latest endeavor, Google Web Security for Enterprise, is now available, and promises to provide a consistent level of system security whether an end-user is surfing from the office or working at home halfway across town.
The new service is branded under Google’s "Powered by Postini" product line and, according to the company, "provides real-time malware protection and URL filtering with policy enforcement and reporting. An additional feature extends the same protections to users working remotely on laptops in hotels, cafes, and even guest networks." The service is presumably activated by signing in directly to a Google service, as Google explicitly states that workers do not need access to a corporate network.
The race for cloud and secure utility computing continues with a focus on encapsulated browsing and application delivery environments, regardless of transport/ISP, starting to take shape.
Just think about the traditional model of our enterprise and how we access our resources today turned inside out as a natural progression of re-perimeterization. It starts to play out on the other end of the information centricity spectrum.
What with the many new companies entering this space and the likes of Google, Microsoft and IBM banging the drum, it’s going to be one interesting ride.
/Hoff
Hey
I couldn't agree more. My view is that IT is going to get a nasty wake-up call when they realise that all those fancy shmancy VMs they setup as a "server consilidation exercise" can be whisked away to the Cloud as fast as you can say 'Cloud Computing is just a fad!'. And before the infosec people laugh too loudly: http://cloudsecurity.org/2008/04/22/5-reasons-why…
Enjoying your blog,
Craig
Great stuff, Craig.
You might also be interested in this little ditty: http://rationalsecurity.typepad.com/blog/2007/05/…
/Hoff
Actually to me, this is the few models that has a hope of working going forward…
Google needs some additional like PR people or something. I always read their stuff and say "Wow..hmm..ok now what does this really contain product-wise and what does it entail?" I then click 200 more "Learn Mores" and finally get to the meat…
Is that a new client for them then? That mobile piece is very sexy (that encryption piece is something I have been asking every company under the sun to bring me for YEARS) and I would love to tell a certain other company to shove it so anything as an alternative is good stuff.
From Google:
>
Protection for roaming and remote users
* Extends to all roaming employees wherever they are working – at home, in a hotel room, café, client premises, or Wi-Fi spot
* Applies acceptable use policies to all roaming employees
* Enhances privacy by automatically encrypting all web traffic when the user connects to a public network
* Eliminates the need to backhaul traffic over the corporate VPN
* Simplifies management with no endpoint client and updating
>
It is totally pointless to keep doing things the way we have in the past. I am far more interested in enabling the cloud or being an enabler of the cloud. One of the challenges though is no matter how safe you make it, people will find a way to be a challenge if we do not drastically increase the education levels across the board.
The only way we can add "Business Operating Efficiency" is to increase "Personal Productivity Savings" and right now the models for security are woefully inadequate to support that edge power. I just finished a chapter for a book that may survive edit talking about much of the same.
Anyway, you do good work Hoff. I enjoy reading your stuff.
Checking out Craig as well now.
–David
Excuse the silly miscues in that last comment including the nearly caveman like first sentence..I had edited it and then was trying to get bold to work and noobed it up completely…
D
Actually to me, this is the few models that has a hope of working going forward…
Google needs some additional like PR people or something. I always read their stuff and say “Wow..hmm..ok now what does this really contain product-wise and what does it entail?” I then click 200 more “Learn Mores” and finally get to the meat…
Is that a new client for them then? That mobile piece is very sexy (that encryption piece is something I have been asking every company under the sun to bring me for YEARS) and I would love to tell a certain other company to shove it so anything as an alternative is good stuff.
From Google:
>
Protection for roaming and remote users
* Extends to all roaming employees wherever they are working – at home, in a hotel room, café, client premises, or Wi-Fi spot
* Applies acceptable use policies to all roaming employees
* Enhances privacy by automatically encrypting all web traffic when the user connects to a public network
* Eliminates the need to backhaul traffic over the corporate VPN
* Simplifies management with no endpoint client and updating
>
It is totally pointless to keep doing things the way we have in the past. I am far more interested in enabling the cloud or being an enabler of the cloud. One of the challenges though is no matter how safe you make it, people will find a way to be a challenge if we do not drastically increase the education levels across the board.
The only way we can add “Business Operating Efficiency” is to increase “Personal Productivity Savings” and right now the models for security are woefully inadequate to support that edge power. I just finished a chapter for a book that may survive edit talking about much of the same.
Anyway, you do good work Hoff. I enjoy reading your stuff.
Checking out Craig as well now.
–David
Excuse the silly miscues in that last comment including the nearly caveman like first sentence..I had edited it and then was trying to get bold to work and noobed it up completely…
D
It is ScanSafe and their relationship with Postini that is enabling the web aspect. I am not sure of the added value of it with Google atm unless somehow it is cheaper or their are additional features…SLAs etc.
–David
It is ScanSafe and their relationship with Postini that is enabling the web aspect. I am not sure of the added value of it with Google atm unless somehow it is cheaper or their are additional features…SLAs etc.
–David
I'm not sure spam filtering makes for a real security story for them. As for "clean pipes"? I'll believe it when I see it.
Btw, you probably knew this, but the GooglePOP idea was filed for patent several years ago and was approved late last year, so it isn't really "news" per se. So the legal fight is about to begin, with Microsoft doing the same thing and Sun's Blackbox. Definitely very cool stuff though…