I have written about Richard Stiennon’s view of UTM’s as a Godbox before. I don’t blame Richard for advocating and thinking that UTM’s really do everything they advertise themselves as doing and even for thinking people really do turn on all of those functions. For Richard it is a case of when you are a hammer, everything looks like a nail.
Richard was the VP of marketing at Fortinet when they were hip deep in trying to show that UTM’s could scale beyond an SMB device. That turning on more than two functions on a UTM device would not have them grind your network gateway to a halt. After leaving Fortinet, Richard tried to start an MSSP that managed, wait for it, you guessed it, UTMs. After that Richard has written books on UTM. So you can’t blame Richard for thinking that UTMs really are God Boxes.
But in his recent post on Forbes.com Richard takes Palo Alto Networks to the whipping shed for no good apparent reason. He questions Palo Alto’s technology, their revenue reports and their place in the market.
In my opinion it comes off sounding a lot like sour grapes. He disparages the amount of customers PAN has compared to his own Fortinet (Richard of course left Fortinet before it went public). So I don’t know what Nir Zuk did to make Richard so spiteful, but I guess it doesn’t take much.
This is now the 2nd time though that Richard has flat out said that NGFQ is just another name for UTM. Again it is Richard’s everything looks like a nail view coloring his world. In Richard’s view anything that combines stateful packet inspection with anything else is a UTM. I guess by that definition maybe he is right, PAN is a UTM. But thank goodness the rest of the world doesn’t share Richard’s view. A UTM is usually firewall, IPS, gateway spam or malware and maybe filtering among other things combined on one box. But what PAN and other NGFW vendors have done around application based firewalling is not part of the UTM equation, no matter how much Richard wants to say it is.
So Richard get it straight. NGFW is not UTM. While we are at it, Richard lets set the record straight about UTMs. The fact is that today most people do not turn all of the levers on. Few use more than two of the functions of the UTM at once. My “anecdotal reports” tell me that still most people use the firewall and IPS. Event then the IPS has very few blocking rules set. So if anything maybe we should rip the veil off of UTM usage?
Now, I don’t know who Richard’s sources are for his “anecdotal reports” that Palo Alto is mostly behind other firewalls and is not being used as advertised, but as my grandmother would say when speaking to someone really heavy who was on always on a diet “someone is sneaking it in”. Those kind of numbers don’t come from people buying those boxes to use as flower pots.
As Bill Frank over on Cymbel wrote in response to Richard’s post, the Q4 revenue dip was explained by PAN. They had a bang up 3rd quarter based in large part on a big end of year buy by the Federal Govt. For companies that sell a lot to the federal space, the quarter ending Sept 30th, the end of the fiscal year for the Feds is often the big quarter of the year. What’s more I would think Richard doesn’t have to be reminded of that. So either he didn’t see the comment about the fed business or he choose not to disclose that.
Why should he disclose that anyway? He didn’t disclose in his Forbes post of his past history in the UTM market either. I am not throwing stones here, but Richard should disclose that too. This way people can understand his view of everything being a UTM.