Analyst Letter & Report Highlights
Dear Colleague:
If you're puzzled about the kinds of cyber solutions your enterprise needs, you're not alone.
Market confusion abounds today over what constitutes a truly "advanced cyber security system", especially for enterprises with large scale, always-on networks.
It's mainly a can't-tell-the-forest-from-the-trees problem. Security users -- even savvy systems integrators -- look at the cyber security solutions market and see a bewildering array of products that are seemingly disconnected from one another.
Of course, a key reason you're befuddled is that cyber defense constantly evolves to meet new threats. And because cyber criminals are ever-elusive and adaptive, cyber defense systems must also adapt and absorb new functions and solutions.
Almost by definition, then, cyber security is a highly dynamic marketplace -- the polar opposite of a mature market like enterprise CRM where an Oracle or SAP can stake out a magic quadrant position and dominate.
Leadership in the cyber security solutions business is a far more fickle thing.
For example, the most dangerous cyber threat today is the botnet-based attack that spawns Denial of Service (DoS), data theft, and malicious spam. But where were botnets three years ago? They were relatively unknown -- which means a lot of recently purchased security solutions are in place that weren't designed with botnets in mind.
Untangling Cyber Security Solutions for Large Enterprises
Hello, this is Dan Baker, Research Director of TRI, and I'm pleased to say that our new 188-page research report delivers the kind of in-depth analysis on cyber security technology and vendor players that's been missing up to now.
Four months of research in the making, our new study, Advanced Network Security Solutions for the Large Enterprise, shows how you and your company can find the best solutions, understand how the diverse solutions fit together into a full security system, and -- if you're a solution vendor -- avoid excursions into solution areas that are either too competitive or too specialized to attract enough large enterprise security clients.
The premise of our research was to scan the horizon for innovation and talk to key solution vendors large and small who serve many clients and are pioneering the newest technologies and techniques.
As you'd expect, we covered the big solution categories such as Security Information and Event Management (SIEM) and Intrusion Prevention Systems (IPS). But, in search of the latest advances, we spent equal time looking at not-so-mainstream solution categories such as Security Posture Management, Network Behavioral Analysis, Data Capture and Replay, Data Loss Prevention, Denial of Service Mitigation, and other product categories.
For our product analysis, we held conversations with 16 leading cyber security solution firms and we've analyzed those companies and their solutions in detailed profiles that average 7 pages of analysis per company.
Highlights of the Study
Here are some highlights from our research study:
- Cyber Attacks Gain in Sophistication: In today's era of distributed cyber attacks, it's the sophistication of attacks that has greatly increased. If yesterday's perimeter defense was like guarding the walls of a feudal castle, then the modern threat is akin to modern warfare with its helicopters, coordinated attacks, and clandestine attacks from within.
- Need for a Broader Network Security Perspective: Verizon published a security report saying that 66% of initially undetected cyber crimes were fully recorded in the firewalls, suggesting that threats must be analyzed from a more global versus local perspective. In other words, analyzing the impact of seemingly unconnected network events becomes as valuable as basic intrusion prevention.
- Network Simulation Software now Critical: The value of network simulation has become vital for security readiness. An organization with 1000 employees would have over a million links between any two end-users. This software could take the network configuration files and simulate the network connections.
- Security Posture Management uses the above-mentioned simulation software to check the actual access between any two endpoints on the network against the access that was intended and expected by the network operator. This way security breaches, most often caused by a device mis-configuration, are discovered.
- Security from the Inside Out Through NBA: Security is traditionally conceived as guarding against attacks at the perimeter, but there's a major trend today toward managing more security inside the perimeter. This is why Network Behavior Analysis (NBA), which watches traffic at various points inside the network and compares that traffic to a long-term baseline it has calculated, is of growing importance. It can detect the slow theft of data, as well as fraud, and it also provides network planning and intelligent network management functions.
- SIEM Super Fast Correlation and Reduction of Events: The latest SIEM advances are amazing. With fast, proprietary databases, real-time security event viewing is now possible in networks that had up to 400,000 security events per second. More amazingly, centralized correlation done by SIEM can reduce the number of events from 20 million to 1-2 thousand serious ones.
- DPI Cleaning of Traffic during a Denial of Service Attack: Network intelligence from Deep Packet Inspection (DPI) technology is powerful and gaining wider use in both security and traffic management applications. Using DPI, it's possible to clean traffic during a Denial of Service attack: discard the malicious data and forward on the legitimate business traffic so the website stays up and running.
- Combining Security Capabilities: TRI feels that cross-solution techniques should yield additional benefits. For instance, fast capture and replay capabilities can be used to further refine the perimeter defenses. Another example: comparing the way a network ought to behave, using the simulation abilities of SPM, to the way it is actually behaving, as measured by NBA, would allow better detection and network management.
The Report's Value to Your Organization
The trends just discussed are just a few highlights of the analysis shown
in our full Report.
Whether you're a security or IT executive aiming to improve your security revenue management
or a supplier delivering solutions, the Report
will help you discover:
- What are the most important security solution priorities?
- Which solution success strategies can you adopt at your own organization?
- Which vendors address the many different product and service areas in ?
- Which solution vendors have the right background and market experience to partner with?
- What emerging trends and industry requirements can your organization capitalize on?
Besides its sweeping coverage of security solution trends, the Report provides
quantitative data on the individual vendor companies, the size of industry
segments, and 3-year forecasts. The quantitative data is presented in
Excel sheets with pivot tables to let you view the market segments you're interested in.
Please scan the full table of contents and descriptive web pages here. You'll see why this
report delivers the tactical and strategic information you need to fully
understand where advanced network security solutions for large enterprises are headed.
To access this market intelligence today, contact us at +1-570-620-2320.
Sincerely,
Dan Baker
Report Author & Research Director, TRI