You know I am big fan of the people at SC Magazine. From Illena Armstrong on down I really like the folks from Haymarket. Also, over the years at StillSecure, the magazine has been very kind. StillSecure has won its share of awards and bake offs from the folks at SC Magazine. I have Dan Kaplan as one of the judges for the Security Bloggers Awards. But especially now that I am not affiliated with a vendor, I have to call them as I see them.
Peter Stephenson and his son Mike basically run the lab for product reviews and group reviews over at SC. Over the years to say they have made some unorthodox choices is a great understatement. While it is good to see some new names rather than the usual suspects, it also calls into question the creditability of the judges.
That is a bad thing. Most people already look at most product reviews as bought and paid for by vendors. There is a portion of the security world who think of SC Magazine as the “People" magazine of security (yes I have actually heard that from more than one person). I thought I knew better. I know the people there and know they try their best to put out a great magazine, month in and month out.
But I just am compelled to call this out. Hey I wouldn’t be ashimmy otherwise. Rothman is already saying that I am going soft. So there is a real creditability problem at SC Magazine labs. It is around NAC.
Over the years I have watched a budding relationship between the lab director at SC Mag, Peter and the CEO of NetClarity. For those of you who don’t know, Net Clarity is the maker of a NAC product that is aimed at the lower end of the market. The CEO there does a good job of smoke and mirrors and marketing, but like most NAC vendors I doubt they are doing much in revenue.
Interestingly though every time Net Clarity would be reviewed by SC Mag they would always get a stellar review and either a best buy or what ever the highest rating was. Hey, I get it – they like the product there and the CEO and Peter are buddies. That is the way of the world.
Interestingly, another player entered the NAC world (at least at SC Magazine, because it was unseen anywhere else) back around October. All of a sudden an SC Mag group test of NAC had no Net Clarity, the usual winner for SC Mag. Instead the recommended product was a product called Veri-NAC by BlackBox.
Now I know the NAC market pretty well. I had never heard of the product. A Google search turned up nothing at the time. Even more interesting was that there was nothing on the Black Box site about the product either. I think you would have to agree, its pretty strange for a supposed best in class winner at a major magazine review to be totally unknown even by its own vendor.
So being the journalistic blogger I am, I did a little digging. That is when I came across some interesting information. The picture of the BlackBox NAC product and description was a dead ringer for another NAC product I knew. Which one? Bingo, you got it – Net Clarity! It seems BlackBox is an OEM of Net Clarity. Now, no one has confirmed this officially to me, but you can take it to the bank. Unless by now they have bought Net Clarity outright and it has not been announced yet.
In any event, someone’s hands are in the cookie jar here! Hey you want to give the award to your buddies OEM partner, that is fine. At least have the creditability to say that it is an OEM of a proven product we have reviewed before. Don’t try to put one over on anyone here.
Frankly I confronted the lab reviewers about this but let it go because I was leaving StillSecure anyway. But I have seen some things that compel me to bring this to the full light of day.
One month after the October award review, the SC Mag lab reviews the same product again! Have you ever heard of a magazine reviewing a product two months in a row. Could it be that BlackBox screwed up the launch of the Net Clarity OEM product by not having it on the web site yet and so SC Mag labs reviewed it again, so that this time people could actually go to the web site of BlackBox and buy the damned thing? I don’t know, its pure speculation on my part. But it sounds logical.
But wait there is more! SC Magazine ran a special for security innovator of the year in early December. Who do you think the lab manager asked to be added for a special mention? You got it Veri-NAC by BlackBox! Now that sounds like innovation to me. What about you?
The tangled web gets even stickier . SC Magazine recently celebrated their 20th anniversary (congrats guys). The lab folks have come up with a list of the 20 Most Influential Security IT Security products over the last 20 years. Who do you think made the list? That’s right, blow me down, but BlackBox’s Veri-NAC is one of the top 20 over the last 20 years.
Are you kidding me? A NAC product? An OEM of another NAC product that is not generally rated at the top of its class by many? I don’t know about you, but it is time for a reality check here. Is Peter Stephenson imitating Rod Serling and am I in the NAC Twilight Zone?
Guys you want the security industry to take you seriously, you need to get serious. This kind of stuff needs to be taken to the curb with the rest of the trash!
Let me also end with I don’t work at StillSecure. I don’t care if you pick their NAC or any of their products. I really don’t care what NAC you pick. Frankly I really don’t care much about NAC these days. But this kind of stuff just won’t fly. You might as well come out with your own Silicon Valley Reporter awards.
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=6429d9fd-8eda-4195-9665-3208e933777f)
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=ee7177d4-7fd5-4f10-908d-5039710bed21)
