the impact of next generation firewall: how security can enable new strategies
DESCRIPTION
This presentation offers information on the impact of next generation firewall and how it's security can enable new strategies.TRANSCRIPT
The Impact of Next Generation Firewall: How Security Can Enable New Strategies
Chris Rodriguez, Industry Analyst
Network SecurityNetwork Security
Sept. 1, 2011
Today’s Presenters
Chris Rodriguez, Industry Analyst
Frost & Sullivan
2
Focus Points
• Introduction
• Firewall Market Overview
• Market Trends
• Realizing the Full Value of Next Generation Firewall Capabilities
• What Next Generation Means for the Firewall Market
• Key Industry Participants
• Conclusion
3
• Conclusion
Firewalls: Rise of the NextGenicons
MegaTrend: Convergence vs
Trendimus Prime: Application/Identity
4
Trendimus Prime: Application/Identity Awareness
Hot Topics
• Convergence
• Application/identity awareness
• Content awareness
• Major scalability
5
• Major scalability
• Improved performance
• Value-adding features
Market Overview
First packet filter firewalls
developed
Application layer firewalls
developed
Vendors begin offering Deep Packet
Inspection
Vendors begin to consolidate
security functions into firewall
Large vendors adapt emerging
firewall technologies
Firewall Market EvolutionGlobal, 1985–2010
6
1985 1990 2000 2003 2006 2010
Security breaches demonstrate the
need for perimeter defence
Stateful firewalls
developed
Firewalls capable of securing traffic
based on application and
user identification
Firewall solutions now include IPsec VPN capabilities
Proprietary ASICs used to improve
performance
Market Definitions
Enterprise Firewall:
• Stateful packet filtering
• IPsec virtual private network (VPN)
Unified Threat Management:
• Combines enterprise firewall, IPsec VPN, intrusion prevention, gateway anti-virus, URL filtering, anti-spam, and anti-spyware
7
• Sometimes includes secure sockets layer (SSL) VPN and/or data leakage prevention (DLP)
Next Generation Firewall:
• Includes application aware and identity-based firewall filtering
• Must include basic stateful packet filtering and VPN
• May also include an intrusion prevention system, but additional functionality qualifies the product as an unified threat management (UTM) product
Market Growth
Firewall Market Unit and Revenue ForecastGlobal, 2008–2015
8
• The firewall market reached $3.2 billion dollars in 2010.
• Growth was slow in 2008 and 2009 because of the economic recession, but as the economy recovers the firewall market will grow 6.5 percent from 2010-2015.
Note: All figures are rounded; the base year is 2010. Source: Frost & Sullivan analysis.
Major Drivers
Fear of a high-profile security breach:
• TJX Companies (2007), 90 million customer records, $64 million in lawsuits.
• Heartland Payment Systems (2009), 130 million customer records, $68.2 million in lawsuits.
• Sony PSN (2011), 102 million customer records.
• Epsilon (2011), customer data for 50 businesses such as CitiGroup, Best Buy, Target, and Capital One.
9
Buy, Target, and Capital One.
Source: Open Security Foundation and DataLossDB.org and Frost & Sullivan analysis.
Major Drivers (continued)
Regulatory compliance mandates require the use of network security products:
• Payment Card Industry (PCI) Data Security Standard (DSS) requires businesses to maintain minimum standards of protection for cardholders’ sensitive account and transaction information
• California Security Breach Information Act require breached businesses to publicly report incidents
10
Source: Frost & Sullivan analysis.
• PCI DSS
• SOX
• FISMA
• HIPAA
• Gramm-Leach-Bliley Act
• EU Data Protection Directive
• Firewall/IPsec VPN
• IPS
• Gateway AV
• Anti-spam
• Content filtering
• Web application security
• Vulnerability management
Major Drivers (continued)
Consolidation of security technologies enhances customer value and return-on-investment:
• Cost effective, deeper discounting
• Ease of management
• “One-stop-shop”
• Products are more effective when integrated
11
UTM
Firewall/IPsec VPN
Gateway AV
IPS
URL filtering
Anti-spam
SSL VPN
App controlAnti-spyware
Source: Frost & Sullivan analysis.
Technology Segmentation
Enterprise Firewall Market vs UTM Market Percent Sales Breakdown
Global, 2010
• UTM is a rapidly growing market and now represents the majority of firewall product sales
12
product sales
• Enterprise firewall market is growing at a slower pace
• The introduction of next generation firewall sales has improved the growth of the enterprise firewall market
Major Challenges
• Cautious customer spending is due to economic worries that delay purchases
• UTM products can be a single point of failure, generating customer fear. These multi-function devices can also slow network traffic, which deters customers with demanding network requirements.
• Customers often underestimate threats or overestimate their security architecture, and require additional education
13
Source: U.S. Bureau of Economic Analysis and Frost & Sullivan analysis.
Realizing the Full Benefits of Next Generation Firewall Capabilities
Increased security that is long overdue:
• Ability to inspect network traffic content
• Block dangerous applications, including Web applications
• Protect against port hopping and tunneling
14
• Protect against port hopping and tunneling
• Increasing complexity of attacks in recent years
Realizing the Full Benefits of Next Generation Firewall Capabilities (continued)
Leverage Web 2.0 for cutting-edge business strategies:
• Social networking sites such as Facebook and Twitter
• Must block features such as games, instant messaging, and file sharing
15
• Provide access to the proper users
Realizing the Full Benefits of Next Generation Firewall Capabilities (continued)
Increase productivity and reduce network latency
• Increased work productivity
• Block resource-intensive applications
• Opportunity-based value
16
Regulatory compliance (Fear)
Security breach (Fear)
Increased productivity and profitability (Opportunity)
What Next Generation Means for the Firewall Market
• Solves long-known problems and limitations with traditional firewalls
• Adopted by firewall, UTM, and IPS vendors
• Next generation firewall offers tremendous value in terms of
17
• Next generation firewall offers tremendous value in terms of improved security and enables new business strategies
• Next generation firewall is reviving a highly saturated market that is very competitive
• Emerging competitors can displace traditional vendors that lack in features
What Next Generation Means for the Firewall Market (continued)
Challenges
• Customers must be able to easily adapt to this new functionality
• Identity-based controls prompts human resources considerations
• Product definition is still evolving and open. The many competing
18
product methodologies can be confusing for customers.
• The convergence trend benefits the market, but also adds complexity to the evolutionary process
• Content inspection limits the scalability of any firewall product, which concerns large enterprises and service providers
Key Competitors
19
Sample of top competitors. Not a comprehensive list.
Key Competitors (continued)
20
Conclusion/Key Take-Aways
Next generation firewall:
• Is an important step in the evolution of firewall technology
• Is already being sold by every major firewall and UTM vendor
• Should perform stateful packet filtering, VPN, application aware
21
• Should perform stateful packet filtering, VPN, application aware control, identity-based control, and content inspection (IPS)
• Is offered as multi-function or stand-alone firewall products
• These products will be increasingly competitive as hardware improvements enable UTM traction in larger enterprise networks
Next Steps
� Request a proposal for or Growth Partnership Services or Growth Consulting Services to support you and your team to accelerate the growth of your company. ([email protected]) 1-877-GoFrost (1-877-463-7678)
� Join us at our annual Growth, Innovation, and Leadership 2011: A Frost & Sullivan Global Congress on Corporate Growth (www.gil-global.com)
22
Sullivan Global Congress on Corporate Growth (www.gil-global.com)
� Register for Frost & Sullivan’s Growth Opportunity Newsletter and keepabreast of innovative growth opportunities(www.frost.com/news)
Your Feedback is Important to Us
Growth Forecasts?
Competitive Structure?
What would you like to see from Frost & Sullivan?
23
Emerging Trends?
Strategic Recommendations?
Other?
Please inform us by rating this presentation.
Frost & Sullivan’s Growth Consulting can assist with your growth strategies
Follow Frost & Sullivan on Facebook, LinkedIn, SlideShare, and Twitter
http://www.facebook.com/FrostandSullivan
http://www.linkedin.com/companies/4506
24
http://twitter.com/frost_sullivan
http://www.linkedin.com/companies/4506
http://www.slideshare.net/FrostandSullivan
For Additional Information
Mireya Espinoza
Corporate Communications
Information & Communication Technologies
(210) 247-3870
Craig Hayes
Sales Manager
Information & Communication Technologies
(210) 348-6420
25
Rob Ayoub
Research Manager
Network Security
(210) 247-3808