We’ve talked before in this ‘ere blog about the options available nowadays in terms of buying into a platform-based approach, versus integrating a portfolio of specialist products and services – or indeed opting for a self-build, DIY approach.
It may or may not be coincidence that most of the products I’ve evaluated, or had demo’d to me, this year have been platform-based., regardless of which genre of IT they belong to. For example, in the security world we’ve looked at Swimlane’s approach to low-code automation, more recently we’ve tested FileCloud’s platform-based approach to taking the cloud-storage scenario but bringing it back home to OnPrem and – combining security and networking – we’ve looked at Cato Networks in the SASE world. In each case, the aim is to take away the cost, pain and substantial deployment time involved in the manual alternative. And, in each case, the DIY approach – manually gathering together and integrating the many and various components that these solutions consist of – sounds increasingly like an impossible, never-ending task. I recall the modular software solutions of the 90s – such as CAs Unicenter in the network management world– and noting how long it took their customers to assemble these code monsters. We are talking months and years – and that was a “solution” from a single vendor, not multiple suppliers!
Without even analysing this approach in any depth, it would seem obvious to the proverbial layperson that it is fraught with complexity and limitations, despite the seemingly “open platform” alternative offering unlimited options. I recall going to an InfoSec event, pre-pandemic scars, in London and having conversations there with seasoned vendor veterans of IT security about exactly how a contemporary SecOps guy could unravel the puzzle that was 300+ vendors all seemingly offering variations on four or five flavours of security protection within the same physical building; how did they all work together – and did you need them all. And if you did, which was the best in each category? Who was genuinely offering something new and useful and who was just dusting down and rehashing some old code in new cyber clothes? Moreover, which ones integrated most easily with each other? And this was just a microcosm scenario – there are literally thousands of different vendors out there in the global space of cybersecurity.
Regardless, in practise, relying on a number of different 3rd party components means that all those elements must continue to be supported by their creators on an ongoing basis. Should any element become end-of-lifed or simply no longer supported, the DIY portfolio approach means then finding replacement components and recommencing the integration from scratch. Even when all the elements continue to be available and supported, every time one is updated, more potential configuration and integration woes await. In general, updating and improving a DIY solution, in the same way as a platform vendor will, is going to be, at best achievable in a very expensive fashion (time and components costs) and – at worst – impossible, so you end up with a static solution that will become out of date and irreparable.
At Broadband-Testing, over the years, we have had the opportunity to compare – across various spheres of IT – specialist products versus their DIY equivalent, and in every case the DIY approach failed miserably – and usually expensively. Even in the world of basic networking plumbing of yore – Ethernet switches, WiFi and routers – why is it that, despite IEEE standards binding these products, and regardless of who made them, the vast majority of businesses went for a single-vendor solution? And even when they underwent mergers, they hoped that the new ally would have the same taste in vendors. Apply that logic to the current, infinitesimally more complex world of IT and security and it is more obvious than ever that a platform approach is the way to go.