My Point of View

The snow outside the windows of Plattsburgh Air Force Base elementary school fell like feathers from a punctured pillow after a pillow fight. Here I sat in Mr. Watkins’ fourth-grade math class recovering from our weekly air raid drills. Who was I to argue that a wooden desktop was not capable of fending off an atomic bomb blast? In 1963, it was a sound Cold War maneuver.

But surviving a nuclear winter seemed an easy assignment compared to where the next 60 minutes took us — into the wasteland of New Math! Those damn Russians. It was they we had to blame for this.

Just after the Soviets launched Sputnik into earth’s orbit in 1957, U.S. lawmakers kicked into crisis mode, perceiving a lack of mathematical sophistication among its own schoolchildren. It stands to reason the next generation of Commie engineers will be capable of much greater technological mischief if they are more proficient in math. Hence the birth of New Math, which emphasized mathematical structure through abstract concepts like set theory and number bases other than 10.

Yeah, we didn’t get it either. With glazed eyes directed more towards the mid-day snowfall than Mr. Watkins, he continued the day’s lesson: “So, you’ve got thirteen 10s and you take away seven. And that leaves five ... well, six, actually,” says Mr. Watkins, as his right eye twitched. “In this new approach, as you know, the important thing is to understand what you’re doing, rather than to get the right answer. Remember, the idea is the important thing!”

It was near the end of the year when Mr. Watkins had his breakdown in the teachers’ lounge, screaming: “Why can’t we have history books that know how the Korean War came out… math books that don’t have that base six crap in them?”

Who among us in the security industry has not had their own “New Math” experience? Just ask a security director who remembers that first “convergence” meeting with an IT counterpart. No doubt that director had a glassy-eyed stare as he huddled in the glass-enclosed conference room right outside the data center.

“Okay, it is really quite simple. Windows sets the TCP/IP settings for individual interfaces by selecting the interface and configuring its properties. This is analogous to setting parameters through the Ifconfig utility under UNIX, or by setting the corresponding values in /etc/hosts, /etc/netmask, and /etc/defaultgateway. You with me so far?” says the guy in the thick glasses, looking straight at you. “You may want to limit which TCP, UDP and IP protocols are accepted. Under UNIX, this information is configured either through the inetd or xinetd daemon, through a secondary wrapper such as tcpwrapper or through a firewall or IP protocol filter.”

That was then, this is now. You have survived convergence, mastered the concept of open architecture, compliance and even threw in your two cents regarding technology standards. But the IT team has just hit you with the newest of the new — Cloud Computing and virtualization.

Relax. These approaches are not science fiction. According to STE’s convergence guru Ray Bernard, cloud computing is the use of a third-party service to perform computing on a publicly accessible network, such as the Internet. Cloud computing services are usually performed in consolidated Data Centers using virtual computing technologies to keep costs low while improving overall utilization. is probably the most well-known business software example. Even a number of security industry companies are providing security services using a cloud computing approach, such as Brivo and Axis Communications.

Unlike New Math, there is a payoff for security directors who implement cloud computing and virtualization practices. According to James Conner, principal of N2N Secure, a Silicon Valley-based consulting firm, every security professional should be investigating their own organization’s adoption of cloud and virtual technologies; and they should be looking at the companies that have already adopted these models. They may be very surprised at how rapidly they may need to get up to speed or be left wondering “what just happened?”

Not unlike most of us fourth-graders in Mr. Watkins’ class.

If you have any questions or comments for Steve Lasky regarding this or any other security industry-related issue, please e-mail him at