The Impact of Next Generation Firewall: How Security Can Enable New Strategies

Chris Rodriguez, Industry Analyst

Network SecurityNetwork Security

Sept. 1, 2011

Today’s Presenters

Chris Rodriguez, Industry Analyst

Frost & Sullivan

2

Focus Points

• Introduction

• Firewall Market Overview

• Market Trends

• Realizing the Full Value of Next Generation Firewall Capabilities

• What Next Generation Means for the Firewall Market

• Key Industry Participants

• Conclusion

3

• Conclusion

Firewalls: Rise of the NextGenicons

MegaTrend: Convergence vs

Trendimus Prime: Application/Identity

4

Trendimus Prime: Application/Identity Awareness

Hot Topics

• Convergence

• Application/identity awareness

• Content awareness

• Major scalability

5

• Major scalability

• Improved performance

• Value-adding features

Market Overview

First packet filter firewalls

developed

Application layer firewalls

developed

Vendors begin offering Deep Packet

Inspection

Vendors begin to consolidate

security functions into firewall

Large vendors adapt emerging

firewall technologies

Firewall Market EvolutionGlobal, 1985–2010

6

1985 1990 2000 2003 2006 2010

Security breaches demonstrate the

need for perimeter defence

Stateful firewalls

developed

Firewalls capable of securing traffic

based on application and

user identification

Firewall solutions now include IPsec VPN capabilities

Proprietary ASICs used to improve

performance

Market Definitions

Enterprise Firewall:

• Stateful packet filtering

• IPsec virtual private network (VPN)

Unified Threat Management:

• Combines enterprise firewall, IPsec VPN, intrusion prevention, gateway anti-virus, URL filtering, anti-spam, and anti-spyware

7

• Sometimes includes secure sockets layer (SSL) VPN and/or data leakage prevention (DLP)

Next Generation Firewall:

• Includes application aware and identity-based firewall filtering

• Must include basic stateful packet filtering and VPN

• May also include an intrusion prevention system, but additional functionality qualifies the product as an unified threat management (UTM) product

Market Growth

Firewall Market Unit and Revenue ForecastGlobal, 2008–2015

8

• The firewall market reached $3.2 billion dollars in 2010.

• Growth was slow in 2008 and 2009 because of the economic recession, but as the economy recovers the firewall market will grow 6.5 percent from 2010-2015.

Note: All figures are rounded; the base year is 2010. Source: Frost & Sullivan analysis.

Major Drivers

Fear of a high-profile security breach:

• TJX Companies (2007), 90 million customer records, $64 million in lawsuits.

• Heartland Payment Systems (2009), 130 million customer records, $68.2 million in lawsuits.

• Sony PSN (2011), 102 million customer records.

• Epsilon (2011), customer data for 50 businesses such as CitiGroup, Best Buy, Target, and Capital One.

9

Buy, Target, and Capital One.

Source: Open Security Foundation and DataLossDB.org and Frost & Sullivan analysis.

Major Drivers (continued)

Regulatory compliance mandates require the use of network security products:

• Payment Card Industry (PCI) Data Security Standard (DSS) requires businesses to maintain minimum standards of protection for cardholders’ sensitive account and transaction information

• California Security Breach Information Act require breached businesses to publicly report incidents

10

Source: Frost & Sullivan analysis.

• PCI DSS

• SOX

• FISMA

• HIPAA

• Gramm-Leach-Bliley Act

• EU Data Protection Directive

• Firewall/IPsec VPN

• IPS

• Gateway AV

• Anti-spam

• Content filtering

• Web application security

• Vulnerability management

Major Drivers (continued)

Consolidation of security technologies enhances customer value and return-on-investment:

• Cost effective, deeper discounting

• Ease of management

• “One-stop-shop”

• Products are more effective when integrated

11

UTM

Firewall/IPsec VPN

Gateway AV

IPS

URL filtering

Anti-spam

SSL VPN

App controlAnti-spyware

Source: Frost & Sullivan analysis.

Technology Segmentation

Enterprise Firewall Market vs UTM Market Percent Sales Breakdown

Global, 2010

• UTM is a rapidly growing market and now represents the majority of firewall product sales

12

product sales

• Enterprise firewall market is growing at a slower pace

• The introduction of next generation firewall sales has improved the growth of the enterprise firewall market

Major Challenges

• Cautious customer spending is due to economic worries that delay purchases

• UTM products can be a single point of failure, generating customer fear. These multi-function devices can also slow network traffic, which deters customers with demanding network requirements.

• Customers often underestimate threats or overestimate their security architecture, and require additional education

13

Source: U.S. Bureau of Economic Analysis and Frost & Sullivan analysis.

Realizing the Full Benefits of Next Generation Firewall Capabilities

Increased security that is long overdue:

• Ability to inspect network traffic content

• Block dangerous applications, including Web applications

• Protect against port hopping and tunneling

14

• Protect against port hopping and tunneling

• Increasing complexity of attacks in recent years

Realizing the Full Benefits of Next Generation Firewall Capabilities (continued)

Leverage Web 2.0 for cutting-edge business strategies:

• Social networking sites such as Facebook and Twitter

• Must block features such as games, instant messaging, and file sharing

15

• Provide access to the proper users

Realizing the Full Benefits of Next Generation Firewall Capabilities (continued)

Increase productivity and reduce network latency

• Increased work productivity

• Block resource-intensive applications

• Opportunity-based value

16

Regulatory compliance (Fear)

Security breach (Fear)

Increased productivity and profitability (Opportunity)

What Next Generation Means for the Firewall Market

• Solves long-known problems and limitations with traditional firewalls

• Adopted by firewall, UTM, and IPS vendors

• Next generation firewall offers tremendous value in terms of

17

• Next generation firewall offers tremendous value in terms of improved security and enables new business strategies

• Next generation firewall is reviving a highly saturated market that is very competitive

• Emerging competitors can displace traditional vendors that lack in features

What Next Generation Means for the Firewall Market (continued)

Challenges

• Customers must be able to easily adapt to this new functionality

• Identity-based controls prompts human resources considerations

• Product definition is still evolving and open. The many competing

18

product methodologies can be confusing for customers.

• The convergence trend benefits the market, but also adds complexity to the evolutionary process

• Content inspection limits the scalability of any firewall product, which concerns large enterprises and service providers

Key Competitors

19

Sample of top competitors. Not a comprehensive list.

Key Competitors (continued)

20

Conclusion/Key Take-Aways

Next generation firewall:

• Is an important step in the evolution of firewall technology

• Is already being sold by every major firewall and UTM vendor

• Should perform stateful packet filtering, VPN, application aware

21

• Should perform stateful packet filtering, VPN, application aware control, identity-based control, and content inspection (IPS)

• Is offered as multi-function or stand-alone firewall products

• These products will be increasingly competitive as hardware improvements enable UTM traction in larger enterprise networks

Next Steps

� Request a proposal for or Growth Partnership Services or Growth Consulting Services to support you and your team to accelerate the growth of your company. (myfrost@frost.com) 1-877-GoFrost (1-877-463-7678)

� Join us at our annual Growth, Innovation, and Leadership 2011: A Frost & Sullivan Global Congress on Corporate Growth (www.gil-global.com)

22

Sullivan Global Congress on Corporate Growth (www.gil-global.com)

� Register for Frost & Sullivan’s Growth Opportunity Newsletter and keepabreast of innovative growth opportunities(www.frost.com/news)

Your Feedback is Important to Us

Growth Forecasts?

Competitive Structure?

What would you like to see from Frost & Sullivan?

23

Emerging Trends?

Strategic Recommendations?

Other?

Please inform us by rating this presentation.

Frost & Sullivan’s Growth Consulting can assist with your growth strategies

Follow Frost & Sullivan on Facebook, LinkedIn, SlideShare, and Twitter

http://www.facebook.com/FrostandSullivan

http://www.linkedin.com/companies/4506

24

http://twitter.com/frost_sullivan

http://www.linkedin.com/companies/4506

http://www.slideshare.net/FrostandSullivan

For Additional Information

Mireya Espinoza

Corporate Communications

Information & Communication Technologies

(210) 247-3870

mireya.espinoza@frost.com

Craig Hayes

Sales Manager

Information & Communication Technologies

(210) 348-6420

chays@frost.com

25

Rob Ayoub

Research Manager

Network Security

(210) 247-3808

robert.ayoub@frost.com