|
That is a tall claim for a company, which has to contend with the likes of
Symantec in the security market. But Ahmed accepts that there are other players
bigger than Lumension. What he is trying to do is get his channel partners aware
of his solution stack and its USP rather than getting more solution providers
into his network
What is your channel network in India?
Lumension Security was founded in September 2007. Before that, we were Patchlink
but last year, we merged with Securewave and underwent a re-branding exercise.
We follow the indirect business model that has three tiers. We work with a
host of global independent solution providers (SPs) like IBM and local systems
integrators like Wipro, TCS etc. We have a distributor-Inflow Technologies and
an end-point sub-distributor-Gateway NINtec. Besides this, we work with SPs and
currently have 60 of them in our network.
What support does Lumension extend to its partners?
We provide training to our partners and have initiated a closed-door
training program for their prospective customers. Besides, we offer focused
online training on the sales and technical fronts to our new resellers.
What is the USP of Lumension vis-a-vis those of other security players?
Lumension works on the positive security model. Till date, all the security
applications are based on blocking concept or what is called the blacklisting
philosophy, which is more or less reactive in nature. We work on the
whitelisting policy, which is more proactive in nature.
But most enterprises, especially the small and medium ones, are happy with
just deploying the anti-virus on their nodes. How are you getting them to accept
this new concept?
What most customers don't know is that an anti-virus (AV) solution does not
tackle malware, spyware or other threats. Also most AV vendors provide
protection only up to three years. This is because they have to store the
signatures and patterns of the several viruses released daily and after a point,
their repository stack becomes so big that it is unable to store information
about the variants of the various viruses.
With whitelisting, we take customers away from signature-based virus
trapping. Rather we let our customers decide the whitelist or the framework of
applications that need protection. Only those applications within the whitelist
will be allowed to execute. So even if a virus enters the system, if it is off
the whitelist, it will not be able to execute itself and therefore will not harm
the network.
Is it advisable to put the onus of tracking the applications for the
whitelist on CIOs, because in SMB companies, it is usually the business head who
doubles up as a pseudo-CIO and he might not be technically equipped to deal with
this?
Defining the whitelist is not rocket scientist and it does not require a lot
of technical expertise. Besides, we offer these kinds of customers a baseline,
which they have to run in the silent mode and then it throws up a dashboard of
various applications. The CIO or entrepreneur can then decide which of these
applications need to be whitelisted and need protection.
Since the threat is now emerging from transient mobility devices, like
mobiles, laptops and USB drives, which are plugged to the network, the CIO can
also decide the access rights for these devices and decide to put these on the
whitelist too.
VINITA BHATIA
vinitavs@cybermedia.co.in Page(s) 1
| 
