Does it seem to you, like it seems to me, that iPhone apps are the new way to drive traffic to various websites? With the always-on Internet connection of an iPhone, why bother building all the content into your app when it can simply phone home to fetch what it needs? In principle I have no problem with this: avoid duplicating data, and focus on providing a great product. In reality, though, people seem to abuse this model by quickly throwing together a decent looking app that doesn’t really provide much value to the end user. Case in point: Palo Alto Networks’ Applipedia web site and its associated iPhone app.
I’ve never heard of the Applipedia before. It “empowers security and IT staff, execs, and even users get a better handle on what they’re using, and even how to configure it safely with regards to certain features/functionality that may represent risk.” A quick look at the website confirms that: yep, it’s a listing of applications, with some decent descriptions and a risk rating. I’m a bit skeptical of arbitrary numbers to represent application risk assessments, but whatever.
I found the web site to be annoying to use, but that’s just me. Maybe their iPhone app will be easier to use? Nope. It’s no easier to use than the website. It includes icons along the bottom that look like the Apple App Store, so you can easily move between featured applications, the Applipedia app categories, search, articles, and videos. The featured apps listing includes the “New” and “Hot” buttons at the top, but includes no meaningful explanation of what makes an app “hot”. Is it a popular app? Does it have a lot of security vulnerabilities? It seems like they’re shoving the square peg of their data down the round hole of the Apple UI with no appreciation for how an end user will utilize this information.
The categories are overly broad, and all spaces have been inexplicably replaced by dashes. “File sharing” is, in fact, “file-sharing”. “General Internet” is “general-internet”. Have we some how gone back in time to those dark days when spaces were verboten in file names?
Anyway, here’s what you see for two applications I selected from their lists: google-earth and worldofwarcraft.
Oh noes! They “consume big bandwidth”! The display looks like it helpfully provides drill-down options to learn more about these applications. What does a risk level of 3 actually mean? Sorry! Tapping that field does nothing at all. The same holds true for most of the other fields, too: no means to see a listing of all apps that match “Use by malware” or other apps in the sub-category of “client-server”. There is a helpful link to Wikipedia. But why are Palo Alto Networks sending me to Wikipedia of all places, if its their Applipedia I’m using to evaluate application security?
The “Articles” button along the bottom of the screen pulls up a list of headlines, presumably from the Palo Alto Networks website somewhere, that you can click through to read. If I’m a Palo Alto customer, wouldn’t I want to subscribe to their news feed in my RSS reader, rather than use an app to fetch that same data?
And finally, the “Videos” button. This is a list of titles that link to YouTube videos. Most appear to be commercials for Palo Alto products. A few were mildly entertaining. A few were horrifically boring. This is not the stuff I want to watch on my iPhone, let alone use a dedicated app to access.
I like the idea of using the iPhone — or any mobile device — to access data stored on the Internet. I like the idea of the client-server model where the client is mostly a display, and all the application magic happens on the server. Alas, I think the Palo Alto Networks Applipedia product is a gigantic waste of time.
Scott – Thanks for the review. I appreciate your points, but it may be helpful to understand why we undertook a hobby project to build the iPhone version of the Applipedia. The use case that we envisioned: a network or security person (our customer) is sitting in a meeting discussing application use, and a few applications come into the conversation as valuable to the business. Traditionally, many security folks try to block new applications, which can be a career-limiting move – and is not the best for the business. The Applipedia gives them information about the behaviors and risks of the app that they can bring up to round out the discussion, and to talk about ways to safely enable the application in question. On our website or in the network security person’s pocket, we see Applipedia as a valuable information resource for our customers – who can then do something about it in security policy. The other aspects of the app (blog front end and videos) were just for fun.
To address a few of your points: We’re actually not interested in using this to drive folks to our website – we saw it as an opportunity to showcase our knowledge of applications and application behavior (and to highlight the applications that our firewall can control) in a free iPhone app. The risk rating that you mention in the review is calculated purely on the behaviors the application in question exhibits (transfers files, tunnels other apps, carries malware, has known vulnerabilities, high bandwidth consumption, etc.) – the more of those types of behaviors exhibited, the higher the risk rating. The Wikipedia access is to offer another perspective on the benefit side (we cover the risk side pretty well, I like to think).
Just thought the above might be useful for context. Thanks again.
Chris
Hi Scott-
I can attest to what Chris mentioned about the purpose of this iphone app. For a customer of Palo Alto it most definitely serves a purpose. The general iphone user however probably has no need for it unless they are simply a geek (not intended to be an insult of course..)
I would have liked to have had this app on my iphone a few weeks ago while in a meeting with our security and network teams when a suggestion of blocking a certain type of application was brought up. Our network team learned that a certain type of streaming application(s) was eating up a considerable amount of our total bandwidth and thus they floated the idea of blocking it. We had to later regroup once someone could check out just what that generic category broke down into (28 separate known applications). Had I or someone else had access to Applipedia we could have made the application by application decision right there at the time.
Again it isn’t some earth shattering, game changing app, but it is useful for Palo Alto customers.
Thanks!
I have to say this is one of the “perfect” apps for the iphone. For those of us that are more interested in it as a tool instead of a toy, it’s invaluable. I actually learned about it from a competitor of Palo Alto. I use it on a weekly basis and wish the competitor had the foresight to produce anything.