Enter the vendor marketing initiatives. Cisco's NAC, Microsoft's NAP, and several other corporate-speak bandwagons are each heralding the arrival of their own proprietary approach to the self-defending network.
Disgruntled employees, 'dirty' laptops returning from the field, and any malicious viruses that might creep around the perimeter firewalls, be warned! You will each be soundly dispatched by a LAN infrastructure that knows how to look after itself.
But the reality of this seems expensive, disruptive and complicated. Write out an enormous cheque, and one of these vendors will drop a bomb on your LAN and build you a new one from scratch.
I reckon Bruce would argue that the art of self-defence relies more on applying simplicity, speed and intelligence than pursuing the crude reinvention of an entire network. It is ignorant to argue that a funeral pyre of legacy network infrastructure must be set ablaze before an intelligent, secure LAN can be realised.
In any case, network self-defence needs to be smarter, not tougher-looking. LANs must gain the ability to apply pre- and post-admission controls at lightning-speed. After all, a football stadium protects itself from hooligans by mingling detectives within the crowd, not just by placing guards at the turnstile.
So would you rather have Bruce ready, watching every move on your LAN, or standing at the front door in a DayGlo jacket?
