Articles by David Dupré

According to Datamonitor one in five firms is committed to Green IT as part of their business strategy. Reducing printer usage and optimising power consumption are just two of the tactics helping companies achieve their environmental targets while reducing costs.

At commonIT we’re committed to sustainable development, but the question is “does Virtual Browser contribute to Green IT?”

Well, to begin with we can consider that anything that contributes to the development of (1) working from home or remotely and (2) application centralization (virtualization, cloud computing) participates indirectly in energy savings by limiting unecessary travel and reducing server power consumption (according to VMWare, clustering 10 servers on a ingle virtual server platform reduces total power consumption by 80 to 90%). The agility and security that Virtual Browser provides for corporate (and mobile) use of web applications will help firms keep moving in the right direction.

But the most natural link between Virtual Browser and Green IT is probably the opportunity that our product represents for Netbooks. The development of these cheap and “green” terminals (see what Gartner says) is currently limited by the hardware performance required by the web browser. Today’s Netbooks don’t have the performance for more complex web applications. Virtual Browser can solve this problem, because the browser does not run on the terminal (or the Netbook) but on a virtual server in the infrastructure (or in the DMZ, or in the cloud). Only a very simple software agent (able to run on a USB key) runs on the laptop or the Netbook.

With a few more weeks to go before the official launch of commonIT, it’s time for us to introduce ourselves. Who are the founders of commonIT? There are four of us: Daniel Fages, Albino Pili, Mathieu Lafon and myself, David Dupre… But what is our background? And what brought us together?

My dear co-founders, I suggest a round-robin presentation: each of us will present one of our colleagues in turn. I’ll start with Mathieu, then it’s up to you…

Mathieu Lafon:

Mathieu is a graduate of the INSA engineering school in Lyon (a leading French engineering school) like myself and Daniel, and he started his career at Arkoon in 2000. If I had to present him in one sentence I would say he’s the kind of engineer able to develop in a day what most other engineers need a week to accomplish… and that would take me a year.

As lead developer, he participated in designing and developing FAST, the core technology of Arkoon’s UTM appliances. He’s recognized as co-inventor, with Daniel, of this technology, patented by Arkoon. In the Arkoon R&D labs, Mathieu launched and managed the security response team. I consider Mathieu to be one of the leading experts in IT security. His in-depth analysis of Internet threats during the last 5 years has contributed to uncovering many major vulnerabilities. Mathieu is also a contributor to the open source community.

Does history repeat itself? I’m not sure about that but maybe IT does. At least, the question needs to be asked when you look at the new centralized IT architectures which are coming out, taking us back to earlier days. Applications are moving onto virtual servers and terminals are becoming (or returning to being) simple user I/O devices to access those applications. Is this the return of the dumb terminal?

Thanks to mobility, virtualization, Web 2.0 and SaaS, a new generation of IT architectures is arriving, based on new uses, new business models and new technologies. In a few years, I bet that datacenters will be virtualized, applications hosted in the enterprise, software vendors or services providers’ infrastructures, and laptops transformed into simple terminals with 3G or wifi connections.

This vision, shared by analysts, seems to be a natural evolution of what has already started. And this move should accelerate because of new opportunities:

• Users will become consumers of web services — no IT expertise required
• In the enterprise, less IT expertise will be required
• Application availability will improve, guaranteed by service provider SLAs
• Infrastructure will be scalable and its cost will depend on enterprise use
• Mobility and working from home will increase productivity and make IT more sustainable by reducing unnecessary travel.

Even if this future seems great, we have to be realistic. At this stage two issues need to be addressed:

1. High bandwidth network availability. If users must be connected to use applications, that means they must be able to connect from anywhere. This issue will be solved soon as telco networks reach higher levels of coverage in enterprises, home offices and public areas.
2. Security. The challenge is now (a) to bring trust into the hosted architecture (what happen when corporate applications are no longer running on the enterprise’s own servers?) and (b) to protect data against web threats and browser vulnerabilities which are the hacker’s new “Eldorados”.

In creating commonIT one of our key goals was to help development of this new architecture and these new uses. That’s why our mission statement is to make users free of security and mobility issues.

That’s what we mean by “Stress-free internet”

I’m not a big fan of analogies. As a marketing guy I admit they are useful to explain some ideas that often, in our technical environment, are hard to understand for those not familiar with IT. But on the other hand, analogies are limited as soon as they over-simplify concepts that also take their strength from technology’s complexity. Whatever, because commonIT is born from an innovation that could interest everybody… I’ll attempt an analogy :

In Lyon, near commonIT’s headquarters, a unique centre named IWAY has been opened. There, you can try Formula 1 driving in a simulator so realistic even professional drivers were amazed. The analogy with commonIT and our product Virtual Browser is interesting. Imagine you drive a Formula 1 car in a simulator so realistic that everything is just like on a real track: you reach the same speed, feel the same sensations, use the same technologies and the same security mechanisms… But if you crash you do not risk anything. Replace the track with Internet, the Formula 1 car with your web browser, the crash with a computer virus and you get the Virtual Browser concept: the certainty that data and applications can’t be compromised even if an attack occurs.

Among the huge number of discussions that led to the founding of commonIT, a key one took place between Daniel and I when monitoring the growth of the Web 2.0 phenomenon that, with its many benefits introduced whole new families of threats. P2P, IM, Social Networking etc. Each service has the same problem: data and users are connected to complex applications that security products are not able to analyze in depth. No security solution is 100% effective. Every vendor will confirm that. And that’s the point. Because of the exponential growth of new Internet services, security products need big investments for incremental results. During this discussion with Daniel, we tried to think differently from the way our industry has traditionally operated: Instead of adding new software (antivirus, antispam, antispyware, antiphishing, antiwhatever, increasing the load on security appliances or users’ devices, impacting performance with less and less effective security functions) we challenged security product architectures themselves. We wondered how it could be possible to create a product that guarantees, in its architecture, 100% security for data and web applications.

Later (and about 10 years after he designed an architecture later baptised UTM – Unified Threat Management by IDC), Daniel invented Virtual Browser, a “secured by design” product. Virtual Browser is a web browser which executes web code on a secured server instead of running it on the laptop/desktop PC, only the image and the sound of the web application reach the user’s device. Thanks to this architecture, even if an attack is not stopped by the high level security system, data, applications and the whole network can’t be compromised.