Security Goes 'Out of the Box'

While the concept of a virtual world and its benefits are something IT is not alien to--thanks to the many flavors of virtualization--what's changing is the move to virtual security.

Predominantly physical in nature, the prowess of security appliances are beginning to make a mark in the virtual world too. As this transformation takes a definite shape, the supporting ecosystem--channel partners and vendors--is at a cross road.

According to Gartner, by 2015,20 percent of the deployments in the VPN/firewall market will be executed through a virtual switch on a hyper-visor instead of a physical security appliance."This year, virtual firewalls accounted for 5 percent of the firewall market, compared to 2 percent last year. We see the large number of systems that are moving to virtual environments as main drivers accelerating virtual firewall sales," says Eric Ahlm, research director, Gartner.

As virtualization and cloud gain ground across enterprises, deployment of security solutions too are following suit by moving into a virtual mode. "For this fiscal, we have a target of minimum 2 percent of the total UTM numbers to emerge from virtual UTM in India," says Sunil Sharma, Vice President-Sales, India and SAARC, Cyberoam.

"Not only security applications, but anything which has a software bend or is software-dominated will be based on a VM," says Ashish Dhawan, managing director, Asia, Juniper Networks. Now that datacenters are going virtual, there's no point in keeping discrete appliances for which one needs to create a security perimeter, he says.

In Virtual Mode

Networking giant, Cisco, reinforces the fact that new technologies are pushing for virtual security. "The story is quite simple: Virtualization and cloud computing have been the biggest drivers for this in the past two to three years," says Diwakar Dayal, head-security sales, Cisco India and SAARC. "There is big impact on overall business because customers are consuming applications from the cloud and want greater security," he says.

Also Read Interview : Cisco empowers Partners beyond Security Appliances

Physical security appliances, such as firewalls, are bottlenecks when it comes to virtual systems operations. This is where virtual security appliances come good. "For example," says Ahlm, "a virtual systems team may be able to move a server to a new location in hours, but security takes weeks to redesign. Moving security technologies closer to the virtual assets they protect and integrating them with virtual operations management makes business more agile and secure."

With data going virtual, protecting it has become even more vital. "Enterprises will soon have a completely virtual resource of data. To protect it, it is best if the security or management appliance is in virtual mode too," says Dhawan.

Primarily, some vendors believe, the customers with a mature cloud process--private or public, and enterprise customers who have implemented virtualization for optimization of resources--will take to this trend. Which is why, the 2 percent target of virtual UTM will mostly feature enterprise customers which have implemented virtualization for optimization of resources. According to Sharma at Cyberoam, 20 to 25 percent of the market will move to virtual UTM in India.

Vendor-Partner Equation

Gartner sees a split go-to-market strategy for virtual firewalls. "A number of traditional physical firewall vendors now have virtual firewalls. These vendors take the channel route to reach security buying centers who wish to add virtual security appliances," says Ahlm.

A few months ago, WatchGuard, for example, launched a virtual firewall for VMware. The company is bullish about its prospects in this market. "Earlier, we had launched UTM for hyper-visors. Now, we cover a majority of virtualization products for Microsoft and VMware," says Mohit Puri, Country Manager, India & SAARC, WatchGuard.

Juniper Networks too doesn't want to be left behind. Being an industry big-wig, it is unwilling to lose the first-mover advantage. It has launched a few related products, including the EX9200. In addition, it has launched a virtual wireless controller that provides security and management tools to wireless networks, for which the software resides on the virtual path.

Dhawan at Juniper believes that this would be the future of appliance-based products, sooner than later. "Competition doesn't have features like a central console/log report, and they usually always have a component of hardware. The uniqueness of our virtual UTM is that it is 100 percent software-based," says Sharma at Cyberoam.

For channel partners, this software-based virtual UTM brings in higher the margins and profitability. Which is why some vendors have rolled out training programs on virtual UTM for their channel partners. "The big plan is to align with virtualization partners. If you want to sell VM then we need to work with partners that work in the virtualization sphere," says Dhawan. Similarly, Cyberoam has rolled out a program to recruit, appoint, and develop the skill-sets of the existing partners of VMware and Microsoft. "We have a readymade customer-base due to our expertise in software," says Sharma.

Though there is an uptick in virtual UTM, its growth hasn't really picked up. "We expect virtual security appliances to pick up by the second half of 2013. However, we have the roadmap ready and partners trained to traverse ably on this path," says Puri. But the general consensus is that, within the security firewall space--from a datacenter perspective--across enterprise and commercial segment, the market is maturing and accommodating virtual security.

In the commercial segment, which is more fragmented, channel partners will have to put solutions together. "Today, security appliances that are software-based need to deliver performance and ensure ease of management to customers. With more products than anyone else, we are no longer a 'security box company', but a security solution provider. I believe this would be great for channel partners," says Dhawan. Cyberoam's Sharma agrees.

"Security itself is a specialized domain and virtual UTM partners have more command over customers. Wherever there is a virtual instance, it is easier to manage a software-based appliance in the domain that offers better performance and channels can get a subscription model," he says.

Wait and Watch

But for security appliances to be a ubiquitous part of an organization's infrastructure, CIOs need to participate in the process. Are they? "A big question for CIOs is: Who buys and maintains security operations or virtual systems operations? If the main driver for moving to virtual firewalls is business agility, then it would make sense for virtual systems teams to own such technologies," says Gartner's Ahlm.

"However, for some security teams, this creates a separation of duties. CIOs will need to find the balance between security and business operations," he adds. When it comes to verticals, education and manufacturing are expected to maintain a low profile. But most other verticals can be expected to add virtual UTM to their architecture in the next couple of years.

"We have seen server virtualization across enterprises, but the client-to-Internet-mode is rare in the VM environment," says Ramsunder Papineni, Regional Director-India & SAARC, FireEye. FireEye specializes in protecting customers when communicating through e-mail or the Internet. "Virtualization has not come into this space. So, bulk of our sales today is made by selling physical appliances," he says.

Another important segment in India is SMBs. They contribute nearly one-third to the UTM market's revenues, according to strategy consulting firm AMI-Partners.

So, will SMBs prefer physical security appliances or would they hop on to the virtual appliance bandwagon? Puri believes it'll be the former. "SMBs and the lower mid-market still focus on physical security appliances as they are yet to traverse the virtualization path," he says.

AMI's study also revealed that Indian SMBs are attracted to the multi-functional all-in-one-box type of security applications which include end-point security, secure Web, and mail gateway.

"SMBs are sticking to physical UTM, but as they utilize the benefits of cloud and virtualization better, they will move to virtual UTM," says Sharma. But, Dhawan believes there will be two kinds of SMB customers. "One is the typical appliance-based and the other will be a software-based subscription model. We firmly believe in the second model," he says, adding that all three models--appliances, software-based, and VM-based models--will exist for different segments.

Cisco understands the importance of the SMB market. It is already providing comprehensive partner training programs which cater to high-end virtual security for the SMB sector. Companies slowly have to choose between the old and the new, which could mean the gradual demise of the physical appliance. But, much like in the case of the hybrid cloud, the physical and virtual world of security will have to co-exist.

When the virtual mode takes shape, we will definitely be leading the charge as we keep pace with changing technology and customer requirements at all times, says Papineni at FireEye.

"Twenty to 30 percent of organizations might shift to the virtual mode by 2015 but 70 percent of the market will still rely on physical security appliances," says Cyberoam's Sharma.The fact is that the jury is still out, but the move to the virtual world has begun.

Join the CSO newsletter!

Error: Please check your email address.

Tags security

More about CiscoCyberoamFireEyeGartnerJuniperJuniperMicrosoftVMware AustraliaWatchguard

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Yogesh Gupta

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts