/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsThe
network security market showed positive growth trends in FY 2004—05. There was
an increased awareness of security-related issues resulting in increased
compliance levels. Both large enterprises and SMBs across almost all industry
segments prepared themselves for eminent threats and attacks. As the networks
crossed geographical boundaries and increasingly more applications being run on
them, there was a growing realization to protect and secure the information
flowing over the networks and this fuelled the market's growth. According to
VOICE&DATA estimates, the security products market, including appliances
and software products, grew by almost 37 percent to reach Rs 299 crore. In FY
2003—04 it was Rs 219 crore.
Cisco
emerged as market leader with its integrated security approach. It clocked
almost Rs 140 crore from its security business. The leadership of Cisco comes
from the fact that it supplies major portion of enterprise equipment in the
market. No other security or network equipment vendor has such a market share
in both the segments combined.
Juniper
has been trying to eat into the Cisco market but would take some time to really
catch up.
Attacks
and threats to networks have not only increased in the last couple of years but
the nature of these attacks has also changed. From simple virus infections or a
malicious codes snooping around the network, the threats have become
blended-combining the characteristics of viruses, worms, trojans, and malicious
codes. Blended threats exploit the vulnerabilities to initiate, transmit, and
spread an attack by using multiple methods and techniques and cause widespread
damage. As the complexity of threats and the affected areas increased, demand
for security solutions also went up.
Spyware
and adwares added new dimensions to the security threats encountered by
networks. Such harmless-appearing software residing on the networks or the
desktops ate into the bandwidth and also transmitted information outside the
networks. Key loggers were another menace the network managers had to deal
with, to stop sensitive data being captured and transmitted. Even the denial of
service (DoS) attacks evolved and became distributed (DDoS).
As
more employees went mobile and business houses opted for wireless in the last
mile and IP to connect their branch and remote locations, threat perceptions
also changed. Wireless access technologies like Wi-Fi demanded a new outlook
towards securing a network. Use of mobile devices like laptops, PDAs, and smart
phones to access the intranet also went up and securing these open ends posed
great challenges.
Key
Trends
The Indian security market was slowly moving towards maturity, though
the benchmark markets like Japan, Korea, some European countries or even the
United States were far ahead in terms of deployment, compliance, and awareness
when it came to securing networks. There was a major shift in the outlook of
corporations and enterprises towards their network security requirements. From
being a value add for the network, they now viewed security as a part of the
network infrastructure. The concept of having a chief security officer, in
addition to the CIO, slowly gained momentum. The budget assigned for security
services and appliances was no more seen as a burden on the capex of a company.
In fact, the management realized the benefits of secure network and protecting
the mission-critical applications.
|
|
|||||||
|
|
|||||||
|
Product Category |
|
|
|||||
|
|
|
|
|
||||
|
Anti-virus solutions |
|
|
|
||||
|
Firewalls |
|
|
|
||||
|
Intrusion detection and prevention |
|
|
|
||||
|
Patch Management |
|
|
|
||||
|
Others* |
|
|
|
||||
|
Total |
|
|
|
||||
|
|||||||
The
movement from only securing a network to securing the applications along with
the network was another key trend. Recent attacks have been targeting the
mission- and business-critical applications apart from clogging the network and
eating up bandwidth. The focus shifted from securing perimeter to securing
every layer-perimeter, core, applications, and wireless-of the network. Virus
attacks in FY 2004—05 moved away from desktops to the servers and gateways. The
concept of a vanishing perimeter has gained acceptance with more and more
people accessing their corporate networks from outside. This also broke the
divide between internal and external threats.
Anti-virus
(AV) and firewalls occupied the largest market share in the security appliances
business. However, the concept of a self-defending and self-healing network
increasingly brought intrusion detection and protection (IDP) solutions to the
forefront. While anti-virus and firewalls are seen more as reactive security
mechanisms, IDP solutions are more proactive and get activated as soon as any abnormal
behavior is detected.
|
|
|||||
|
|
|||||
|
Product Category |
Key vendors |
||||
|
Anti-virus |
Trend Micro, Symantec, Network Associates, MacAfee |
||||
|
Firewalls |
Cisco, Checkpoint, Juniper, Nokia |
||||
|
Intrusion detection and prevention |
ISS, Cisco, Symantec, MacAfee |
||||
|
Authentication |
RSA |
||||
|
Multifunctional appliances |
WatchGuard, Sonicwall, Fortinet, CyberGuard |
||||
|
|||||
The
anti-virus market grew by 38 percent FY 2004—05. The anti-virus segment is now
being clubbed with anti-spam solutions. But almost all the AV solutions were
software based and licensed, and revenue from the renewals was also
substantial. With blended threats and spam rates increasing by the day, AV
companies like Trend Micro, Symantec, and McAfee started to include simple spam
control and management in their products.
Today,
Internet and e-mails have become part of an enterprises' working environment
and the quantity of spam has affected network efficiency and brought down the overall
productivity of organizations.
Identity
Management Gains Ground
The blended threats-spyware/adware/phishing attacks-last year showed
that signature authentication might be a valid mechanism to restrict entry into
a network. However, process of updating signatures was slow when compared to
the new forms of attack. This was also an indication that mere signature
authentication was not enough and some identity management was required.
In
the authentication sphere, RSA was the leading vendor with almost no
competition. Two-factor authentication was being widely used by enterprises.
The
rise in number of access points highlighted the need to effectively manage
identities. Last year the trend was to move towards a single username and
password, instead of using multiple identities. The need for single identity
also came from a network manager's perspetive who has difficulties in managing
the huge numbers within an organization and assigning restricted access on
multiple identities. A single username and password with specific access rights
is another security measure being actively explored by enterprises.
Automated
Patch Management
With new vulnerabilities being discovered every day and hackers
launching flash attacks, patch management saw gaining importance last financial
year. Security integrators and service providers like HCL Comnet, Secure
Synergy, Network Solutions, Wipro Infotech, and many others have integrating
patch management solutions over the networks.
Patches
were being released earlier also, the change happened in the process used to
install them. Increasingly, patch management moved towards becoming a service.
Patch management began to involve scanning of the network for vulnerabilities,
understanding the threats, downloading the relevant patches and installing them
over the network; often done remotely from a security operating center. Patch
management market gained impressively last year and jumped 150 percent from Rs
4 crore to Rs 10 crore. Still small compared with anti-virus or firewall
market, but the growth rate is an indication of the importance being attached
to it.
|
|
||||||||
|
|
||||||||
|
|
|
|
|
|||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
|
|
|
|
|
||||
|
||||||||
Focus
on Early Detection
Once an attack has happened, actions taken become more of a damage
control procedure. Thus, in FY 2004—05 security vendors focused on early
detection of any abnormal behavior and preventing the attack from being
launched. Though the market for IDP/IDS segment was around Rs 20 crore. The
idea of early detection and prevention caught up and holds lot of promise.
Although IDP/IDS were deployed in large numbers, organizations did not have
their people and processes in place to manage the logs that were generated. IDP
and IDS don't work effectively until an organization tunes them regularly and
updates signatures specific to the threats. The lack of regular updation and
trained pesronnel to monitor the logs resulted in a large number of false
alarms and hence, IDP/IDS could not provide the promised protection.
These
lapses were actively plugged through remote security management services
provides by the security vendors.
Mobile
and Wireless Security
The open nature of wireless access points prevents from security
solutions from being deployed on them and makes intruding into the networks
relatively easy. Moreover, Wi-Fi-based wireless networks and mobile networks
are open to unauthorized access, and this makes them difficult to be monitored.
As they were new mode of connectivity, enterprises were generally not aware of
the threats through these access points. Similarly the security companies were
still evolving ways and means to secure them.
On
wireless networks, a client or device-end solution is the only way to protect a
network from being compromised. As a result, SSL VPN emerged the most effective
solution for wireless and mobile devices. Mobile device manufactures like
Nokia-who have huge stake in the wireless networking market too-secured their
devices with firewalls and VPN clients. However, till now, not much activity
here. Neither did the hackers try their skills at SSL VPNs nor did the vendors
offer any new solutions.
Integrated
Box Solutions
Cisco again emerged the king in security space and it floated the idea
of combining security products with the network equipments.
Last
year saw integration of security solutions in two directions, the security was
bundled with network equipment and secondly, the security solutions were
bundled in one package.
With
the bundling of security with network gear, the concept of network admission
control (NAC) gained popularity both among Cisco's partners and customers.
Cisco took the initiative of bringing together different security domain
experts onto a common table in providing an integrated solution rather then asking
the organizations to depend on an all-purpose product. Juniper promoted
multiple virtual firewalls in one box to cut down on cost and management of
these devices.
With
the bundling of security products in a single package, a new way to look at the
integrated box concept was floated by companies like Fortinet, Watchguard, and
Sonicwall. These vendors brought in multiple-function boxes for the price
sensitive companies, who did not want to spend on multiple equipment and the
management of these boxes. The SMB segment bought these devices. They came with
default anti-virus and firewalls with options to include IDP, anti-spam,
authentication, or patch management solutions. However, the big enterprises
still preferred discreet devices, as their traffic flow was higher and many
also opted for outsourcing managed security services.
Services
Gaining Ground
The security services market had been growing at over 50 percent in last
couple of years and in FY 2004—05 it grew by 60 percent. In fact, of the total
network security market, services last year occupied more than 20 percent. This
percentage is set to rise with the services component in any security deal
increasing by the day. From less than 20 percent of the deal size couple of
years ago, services can get to be up to 40 percent in some cases. For companies
like HCL Comnet the services-equipment split was 35:65. For smaller companies
like Secure Synergy, services part was touched almost 40 percent. While for
Network Solutions the split was 25:75 for services and products.
Last
year, the market also favored managed services. Enterprises realized that
security is not just about best of breed technology or buying boxes and putting
them up. Rather it is a process that needs constant service support to work
effectively. Still, outsourcing of managed security services did not happen in
big way. The reason: organizations were not comfortable with the idea of
handing over the security to a third party and wanted to retain control of
their networks.
However,
last year most security service providers experienced a rise in their services
revenue. Services like consulting on network security design, processes,
certifications, and selection of technology and its implementation became part
of the normal security integration. The network integrators came up with
firewall management, patch management, intrusion detection, e-mail and content
management, vulnerability assessment, and testing kind of managed services to
attract customers.
Though
offsite remote management did not take off much, a combination of offsite and
onsite management offerings found acceptance. Everybody was talking about
security operating centers (SOCs) just like network operations centers.
Another
hot service area that emerged last year was device management and event
correlation. Security solutions throw up huge logs of vulnerabilities and
intrusions in any day. The process of filtering false alarms and creating a
precise and meaningful threat report was now being done remotely and in some
cases the whole process was automated.
Market
Segments
The security solution and services market witnessed a push from all key
industry segments. The thrust was particularly strong from enterprises that had
multiple locations. However, even single location businesses were equally
concerned. Also, the past year belonged to the SMB segment. The segment
appeared to be slowly waking up to the threats and it currently contributes
almost 40 percent to the network security appliance and services market.
As
in many previous years, banking and financial sectors were the most active
growth drivers for security solutions. The reason being, most of the public
sector banks-State Bank of India, Punjab National Bank, Corporation Bank, Bank
of Baroda to name some-and private banks like ICICI Bank, UTI Bank, HDFC Bank
among others made e-banking their prime offering. And with more transactions
going online and Web-based BFSI sector bought every type of security solution.
Internet banking guidelines from RBI ensured that banks look at vulnerability
analysis and penetration testing. In the process, banks saw the advantages of
applying the solutions to other portions of their network as well.
Although
a little late, many union government organizations are waking up to join the
security bandwagon. In fact, e-governance projects and the various drives to
put information online resulted in tenders for security products too