State of the security mart - Express Computer

Untitled Document

www.expresscomputeronline.com

WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS

26 December 2005

Untitled Document

Best Defence
Technology Life

Between The Bytes

HMA Bankbiz
UPS Batteries

Untitled Document

Indian Express
Business Publications Division

Home - Best Defence - Article

Printer Friendly Version

Security Mart

State of the security mart

With the integration of technology into business processes, companies see security as an integrated part of their core business. Shivani Shinde looks at the latest trends in this sector.

Sales of security solutions have exceeded expectations in recent times. According to analysts, the momentum will be maintained in the coming year as well. With the integration of technology into business processes, companies increasingly see security as an integrated part of their core business.

According to Frost & Sullivan, in 2004 the total revenue of the Indian network security market reached $42.6 million with a growth rate of 54.7 percent YOY and with the expected growth at CAGR of 19.8 percent from 2002 to 2011.

The emergence of integrated security appliances offering multiple functionalities on a single platform is noteworthy. These are being adopted by SMBs and the large enterprise segment (thanks to the ease of managing one box instead of a slew of software). Some prominent players in this area are Symantec, Sophos, Trend Micro, Watchguard and McAfee.

Soaring expectations

According to Sugata Sanyal, Senior Director, Content & Managed Security, SonicWall, the market for network security is growing at a tremendous rate. In the second quarter of 2005, the growth was 45.1 percent and registered a total revenue of $23.6 million. IT security is now seen as part of the infrastructure and this has led to the robust uptake of these solutions by the Indian companies.

"Security decisions are getting in sync with the core decisions of all greenfield projects"

- Unmesh Deshmukh
Country Sales Manager Enterprise Security
Symantec

The Firewall and VPN market grew by 44.6 percent in Q2 2005 to tot up revenue of $10.8 million as compared to $7.7 million in Q1 and $5.3 million in Q2 2004. VPN drew $9.2 million in Q2 2005 up from $5.3 million in Q1 2004. The revenue earned by IDS/IDP/IPS in Q2 2005 is $3.6 million compared to $1.8 million in Q2 2004.

To get the best security solutions decision-makers are investing time and money. Unmesh Deshmukh, Country Sales Manager, Enterprise Security, Symantec says, “Security decisions are getting in sync with the core decisions of all the greenfield projects.”

Rajendra Dhavale, Consulting Director, CA, India and SAARC believes that security has moved away from its role as a containment module to an enabler module.

“Keeping in mind the changing dynamics of security, the role of identity and access management is becoming crucial for organisations. According to analysts, almost 60 to 70 percent of threats that organisations face are internal. As a part of this, integrating provisioning, enforcement and auditing solutions that help organisations achieve appropriate identity and access management is the need of the hour,” he adds.

Spam and viruses continue unabated

Today almost 65 percent (this would be just the corporate e-mail) of e-mail traffic is spam. The anti-virus market in India is estimated to be approximately over Rs 130 crore. While there are many vendors in the market who provide comprehensive spam filtering services, finding the right product is a challenging task.

"Keeping in mind the changing dynamics of security, the role of identity and access management is becoming crucial for organisations"

- Rajendra Dhavale
Consulting Director
CA India and SAARC

"Companies want to have products that allow them
to detect the next attack rather than look at it after the systems get hit by a virus"

- Kartik Sahani
Sales Director
McAfee

The problem has reached such serious proportions that organisations with more than 500 users can actually see the affect on their overall growth rate. According to industry experts, organisations are spending almost Rs 1,000 to Rs 1,200 per user to curb spam.

Kartik Sahani, Sales Director, McAfee believes that the anti-virus services and product segment has seen a 180 degree change, “Compare the speed of a virus attack and you will find that the intensity and speed has increased manifold. The propagation time is just a few days and companies want to have products that allow them to detect the next attack rather than look at it after the systems get hit by a virus.”

Says Niraj Kaushik, Country Manager, Trend Micro, India and SAARC, “We do see a paradigm shift in corporate attitude towards security governed by factors such as: the moving of the virus threat from the desktop to the server and gateway levels, the need to protect an organisation’s intellectual property and critical data that has become more relevant now, and finally, companies build up Internet access and rely more on the Net-to-do business.”

Says Anil Menon, CEO, SecureSynergy, “The old perimeter-based approach to security is already dissolving. The increased use of mobile devices, remote working or even hot-desking shows that it is no longer possible to clearly define and therefore secure an organisation's boundaries. Thus the need for a comprehensive information security strategy that provides the vision to deliver a secure information environment.”

CIO concerns

Though there are tons of security appliances and solutions, the problem remains. For CIOs it is just not stopping virus from attacking but also educating and creating awareness among users and choosing the correct solution.

Says Satish Warrier, Head IS, IDBI Bank, “My main concerns are that the solution must be secure and tested, must have been in the market for some time and of a reputed brand. Besides, support must be easily available. We cannot afford to experiment as far as security is concerned. In fact we even defer installing new versions of existing solutions until they have been around for some time and have stabilised.”

Sunil Kapoor, Head IT, Fortis says, “The best of security solutions can be useless if there is compromise of confidential information at the employee level. To that end, employees need to have a sense of trust and ownership towards the organisation which can only be achieved at the non-technological level.”

For organisations concepts like UTM are yet to make the desired effect. As Sahani says, “UTM is a buzz word these days but certain problems need specific solutions. It certainly has a future.”

Ashok Adhikary, Associate Director, Systems, Aker Kvaerner Powergas believes that the implementation needs to be dynamic with the challenging and constantly changing situation. All-in-one box solution may be an ideal solution. Specialised approach can be avoided at this stage of technical innovation to cover the spectrum of broad security threats.

Whereas Kapoor says, “A UTM is certainly a cost-effective option than putting together various components (anti-virus, IDP, firewall, anti-spam), we feel it’s suitable at the unit or site-office level deployment instead of centralised installation.”

IDS/IPS growing

Of the overall network security market, firewalls grossed $22.5 million in 2004, VPN $14.5 million, and IDS about $8 million. Sahani is of the opinion that with the increasing attacks the shift is towards IPS.

Says Kaushik, “Those organisations that have an IDS will go in for an IPS because while an IDS only detects network intrusions, an IPS goes a step further and protects against network intrusion.”

As blended threats require a robust defence layer, the trend of using multi-layered anti-virus protection to implement a comprehensive anti-virus solution continues to drive market growth.

Sanyal believes although host-based solutions are currently a minor portion of the market, there are signs of increasing interest in these products especially from the government and military sectors in the coming quarters.

United vs standalone

"Customers want an appliance that can take care of all their security threats and hence the need for UTM"

- Ajit Pillai
Country Manager
India & SAARC
WatchGuard Technologies

The recent trend in the security segment has been the introduction of a unified threat management (UTM) or having multiple security solutions in one box.

Ajit Pillai, Country Manager, India & SAARC, WatchGuard Technologies says, “The enterprise market is exploding because the customer awareness of security has come to such levels that they want to have an appliance that can take care of all the security threats and hence the need for UTM.”

He explains, “With the technology evolution the threat levels are also increasing. For instance, with Voice Over IP and instant messaging the threat is rising. The attacks are hybrid in nature and hence we need a unified threat management solution in place.”

Though the UTM concept has just been introduced, the Indian enterprises seem to be quite curious about it. The prime reason being the easy manageability that these appliances offer.

In the past, organisations faced accountability issues while maintaining SLAs with vendors as each area of security was handled by a separate vendor. Whenever a security breach occurred, it became difficult to get the matter resolved as no one was willing to take the responsibility. But with security appliances CIOs can turn to a single vendor for support and hold him accountable.

Ranajoy Punja, Vice-president, Marketing, Cisco Systems, India & SAARC, feels that networks are growing in complexity while threats and vulnerabilities are emerging over global networks. Enterprises need to adopt security solutions that allow them to integrate security in each and every aspect of the network.

SSL or IPSec

Earlier there was speculation over whether SSL VPN or IPSec technology would dominate the Indian market space. But it seems that both have become standardised as VPN technologies and will co-exist. SSL operates at the application layer and IPSec at the network layer.

In Q2 2005, SSL VPN market was worth $1.1 million compared to $0.2 million in Q2 2004. Analysts feel that the market is poised to grow substantially because of the appeal it holds to the SMB category. It is easy to use and simple to maintain, characteristics that are important for businesses whose focus is not on IT.

According to Ajay Kumar, Country Manager, Aventail, “The SSL VPN market is showing an excellent growth with nearly 40 percent increase in India. While the overall market in India remains in an early stage, we are seeing increasing interest from both large and small enterprises. It is preferred by the Indian users primarily because it is clientless, offers more benefits and does not require management.”

The key advantages of an SSL VPN over IPSec are security, policy control, easy access and management. Besides, IPSec VPNs can be used to connect remote or branch offices to each other or to the head office.

Java Giridhar, Country Manager, India & SAARC, Juniper Networks says, “More than the usual threat levels from virus attacks and other security issues, organisations need to keep up and comply with regulations.”

With wireless and Wi-Fi technologies increasingly being adopted there is a whole new world of security issues that needs to be addressed, feels Gridhar.

shivani@expresscomputeronline.com

Untitled Document

© Copyright 2001: Indian Express Newspapers (Mumbai) Limited (Mumbai, India). All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of the Indian Express Newspapers (Mumbai) Limited. Site managed by BPD.