With internet penetration continue to grow in future network security will be focused topic of enterprises. Therefore, network security players can forecast huge business growth and prospects in the enterprise security space in India in coming years.
Today organisations are looking for an integrated and unified approach to network security. They want to unify the management of all of these different security and productivity technologies into one unit. This is where UTM comes in.
UTM is an emerging trend in the firewall appliance security market, an evolution of the traditional firewall into a product that not only guards against intrusion but also performs content filtering, spam filtering, intrusion detection and anti-virus duties traditionally handled by multiple systems.
The fast-evolving information security market is leading the changing trends in the types of security solutions enterprises require. Considering increasing number of cyber threats and rising enterprise demand for mobility, vendors are now offering advance UTM appliances. UTM has extended its reach across SMBs, mid-market and enterprises. At present, UTM products embrace the feature set of many other network security solutions, including Next-generation firewalls (NGFWs), secure Web gateway and secure email gateway. Among all NGFWs have potential to dramatically change the network security landscape. As traditional firewalls primarily focus on limiting access based on ports and protocols, enterprises are rapidly moving toward NGFW for complete network security.
The total security appliance market showed positive growth in both vendor revenue and unit shipments for the fourth quarter of 2016 (4Q16). Worldwide vendor revenues in the fourth quarter increased 12% year over year to $3.3 billion, and units showed an all-time record high in shipments for a single quarter with 781,838 units and 24% annual growth. For the full year 2016, worldwide security appliance revenue increased 9.7% to $11.6 billion when compared to 2015, while worldwide unit shipments increased 18% for a little over 2.7 million units shipped in 2016, according to the International Data Corporation (IDC) Worldwide Quarterly Security Appliance Tracker,
The trend for growth in the worldwide market driven by the Unified Threat Management (UTM) sub-market continues, with UTM almost tripling its size over the last five years reaching record high revenues of $5.7 billion for 2016 and year-over-year growth of 17.3%, the highest growth among all sub-markets. The UTM market represents today almost 50% of the worldwide revenues in the security appliance market. The Firewall and Content Management sub-markets also had positive year-over-year revenue growth in 2016 with gains of 10.4% and 4%, respectively. The Intrusion Detection and Prevention and Virtual Private Network (VPN) sub-markets experienced weakening revenues in 2016 with year-over-year declines of 4.8% and 4.3%, respectively.
Trends in UTMs and Firewall Space
According to Sunil Sharma, Vice President, sales, Sophos, India & SAARC, the UTM market at more than US$1.5 billion in 2013, growing at approximately 15 % CAGR every year. The next gen firewall market viewed separately – which probably should not be the case- makes it a colossal US$3 billion market.
The problem in today’s networks is compounded by the proliferation of point security products embedded across the distributed network. The tendency as our networks become more complicated is to add new security devices to an already overburdened wiring closet. But the truth is that complexity is the enemy of security. Siloed security solutions with separate management interfaces and no meaningful way to gather or share threat information with other devices on your network are only marginally useful. The truth is, many new solutions never actually get fully deployed because there simply isn’t enough manpower to assign to installing, managing, optimizing, and updating another complicated device. Instead, the response to increasingly complicated networked environments needs to be simplicity. Securing these evolving environments requires three things: Networks need to be intelligently segmented into functional security zones. End to end segmentation, from IoT to the cloud, and across physical and virtual environments, provides deep visibility into traffic that moves laterally across the distributed network, limits the spread of malware, and allows for the identification and quarantining of infected devices. Local and global threat intelligence needs to be shared between security devices, and a coordinated response between devices needs to be orchestrated centrally. A centralized security policy engine that determines trust levels between network segments, collects real time threat information, establishes a unified security policy, and distributes appropriate orchestrated policy enforcement. Fortinet’s Security Fabric integrates technologies for the endpoint, access layer, network, applications, data center, content, and cloud into a single collaborative security solution that can be orchestrated through a single management interface,” said, Jitendra Ghughal, Director, Channels, India & SAARC, Fortinet.
“Cyber security is indeed one of the most alarming issues today, especially in the context of ‘smart cities’ and networks that are connected across the country. Computer networks have always been the target for notorious cyber criminals. With such progress around building infrastructure for smart cities of the 21st century, it would be a mistake for the government and organizations to underestimate the damage of cyber breaches, and for vendors as well as partners to not recognize the demand of the hour and innovate. Today, cybercriminals leverage and exploit a variety of threat vectors, including email, network traffic, user behaviour, and application traffic, to insert ransomware. Protecting yourself from a vulnerability through one of these vectors is a good start, but without a comprehensive security strategy that secures all vectors, from all the advanced threats, you are almost certain to fall victim. Hence, with the rising cyber security attacks, the need of firewalls is also increasing. On this, Barracuda offers a collection of security technologies that are implemented along the paths where attacks occur. Our Advanced Threat Protection (ATP) security includes anti-virus and anti-malware, signature based and heuristics analysis, and advanced sandboxing technologies to mention but a few. These security mechanisms share threat intelligence across Barracuda’s security portfolio, ensuring protection against all threats, no matter the threat vector they exploit first – including ransomware and other advanced threats. Barracuda network security solutions such as the NextGen Firewalls protect organizations against exposure to web-based attacks and keeps threats out by scanning downloads for malicious content (ATP),” elaborated, Anshuman Singh, Senior Director Product Management, Application Security, Barracuda Networks.
“As India moves towards digital economy, cyber-crimes are on the rise and attacks are becoming more sophisticated and persistent. Perimeter of business boundaries is evaporating leading to a higher risk to data and intellectual property. Enterprises in India are looking for innovative security solutions which can protect their data and provide comprehensive security solution which is easy to manage. Requirement for UTM and Next Generation Firewalls are on the rise as they provide integrated, scalable and affordable solution and do not require expertise to manage them,” concluded, Sonit Jain, CEO at GajShield Infotech.
Demand of UTM
“These days, companies have to deal with a growing list of issues that put tremendous strain on their security capabilities, including the Internet of Things, virtualization, SDN, a growing portfolio of interactive applications, and transitioning to cloud-based networking. They also have employees who expect to be able to access work applications and data from anywhere, at any time, and on the same device they use to manage their personal lives. Networks have evolved to accommodate these new requirements, becoming more complex, flexible, and powerful. At the same time, securing them has become a lot more complicated. Organizations can’t just keep adding new, siloed security solutions that don’t talk to other devices on their network, and that require separate management and collaboration tools. In many cases, this inability to share threat intelligence or synchronize a response to threats is actually making response times slower. What organizations need today is a collaborative system of tools that work together to monitor their network, share information, and respond to threats no matter where they occur,” said, Ghughal of Fortinet.
“Fortinet has always been known for our powerful security appliances. And now, the Fortinet Security Fabric allows us to take all of those tools and integrate them into a single, interactive security framework. This collaborative ecosystem not only integrates Fortinet’s own extensive portfolio of security and networking technology together, but also includes third-party partners in cloud, software-defined networking, sandboxing, testing, security information and event management (SIEM), and Single Sign On technologies, as well as support for the services provided by our worldwide family of channel partners,” added, Ghughal.
“Cyber threats are constantly evolving, which requires that consumers be especially vigilant in preventing such attacks. Polymorphic attacks continue to be highly effective as they have for many years. In that respect, it is highly difficult to predict what the next type of attack will be. What is more important is to have the right type of defences in place to deal with them effectively as they happen. This requires that customers protect themselves from all threats across all threat vectors. Ransomware and Phishing attacks across the world are also on the rise. Security analysts predict an average of 200 new variants of Ransomware per quarter with no signs of slowing well into 2023. According to the latest APWG report, the total number of phishing attacks in 2016 was 1,220,523, a 65% increase over 2015. Cybercriminals are increasingly using ransomware to attack Indian firms and entities. India ranks amongst the Top 5 countries in terms of ransomware attacks. The number could be much higher as many organizations do not come out in the open fearing loss of trust amongst clients and loss of future business. This increase in security attacks has led to the demand of robust security products/infrastructure,” said, Singh of Barracuda Networks.
“Demand for security products is already on the rise as enterprises understand the risk they carry by exposing their data. Government regulations and clear guidelines for breach reporting, will further boost the demand for security products. Incentivising industry to adopt cyber security and risk management in each organisation will help in improving security on the whole,” pointed out Jain of Gajshield.
“India’s economic outlook is quite promising. With multiple government programs to support businesses at micro and macro levels, flourishing trade and the diminishing digital divide, makes it important for businesses to protect themselves from cyber threats and creates a healthy market to work in. The fact that India is amongst the top 5 countries more vulnerable to cyber-attacks according to a recent SophosLabs survey, re-instates the need for Indian businesses to deploy efficient IT security solutions. Moreover, digital advancements like cloud, IoT and BYOD is throwing open a new set of issues for businesses to tackle. As technologies advance and more number of devices get connected to the internet, bigger the need for IT security products. Sophos is poised to address this growing need for IT security by providing security that is simple, comprehensive and works together as a system to combat today’s sophisticated and coordinated cyber-attacks,” concluded, Sharma of Sophos.
SMB & UTM
“SMBs do not have dedicated resources to manage their security. They need solutions which understand their security requirement, especially data protection, are easy to manage and affordable. Next Generation Firewalls and UTMs provide a tightly integrated multi-layered security which may include Data Leak Prevention, Security for Roaming users, application security, BYOD security and content security. These solutions can be easily deployed and scaled. With increase in processing speed, security companies are able to integrate additional layers of security, thus providing holistic and simplifying security deployments,” said, Jain of Gajshield.
“It’s our mission to provide enterprise grade IT security solutions to the mid-market enterprises and the channels that serve them. The mid-market is usually struggling with resources that can manage enterprise grade products. Keeping this in mind, at Sophos, we have tried to make our security simple to use and manage while they combat complicated, sophisticated threats in the background. Our UTMs and Firewalls are backed with our patented user based layer 8 technology that protects the weakest link in the system, the individual. With on the box logging and reporting IT managers can get logs and reports that give real time updates. With an ability to scale up without investing in hardware, easy cloud manageability and access from anywhere, we bring enterprise grade security to the mid-market at an economical cost. With our products being backed by the intelligence of SophosLabs, we are constantly monitoring millions of pieces of malware that could cause potential damage to business and release real-time patches to close all security backdoors for the hackers. Who can give the mid-market such protection, but us,” said, Sharma of Sophos.
“UTM continues to be the best security option for SMBs who have limited resources along with budget constraints though they share the same level of threats as enterprises. But unfortunately, many enterprises continue to rely on security strategies developed decades ago that can no longer support the ever-increasing speed of business. Unlike platforms loosely coupled at the management level, Fortinet’s Security Fabric weaves together highly sophisticated hardware and software, enabling direct communication between solutions for a unified and rapid response to threats. By transitioning to a truly integrated security fabric based on open standards allows solution providers to maximize their client’s existing investments in security technologies. Partners can enable game-changing integration, synchronization, and automation by pulling all of these tools together. Fortinet’s well-defined, open API approach allows technology partners to become part of the Fortinet Security Fabric at critical interaction points, including at the hypervisor, the SDN orchestration controller, in the cloud, in the sandbox to detect day-zero threats, at key connection points between network segments, and through holistic logging and policy management. And integration goes beyond simply allowing third-party solutions to collect or redirect data and traffic. Alliance solutions that integrate with the Fortinet Security Fabric are able to actively collect and share threat information and mitigation instructions in order to improve threat intelligence, enhance overall threat awareness, and broaden threat response from end to end. It’s really unprecedented in the industry,” said, Ghughal of Fortinet.
Opportunities for Channel
“Sophos is doing something that has never been done in the IT security market: We are succeeding at being a leading provider of both end-user security and network security. And we’re now leading a new wave of security innovation that we call synchronized security, that, for the first time allows endpoint and network security products to actively and continuously share threat intelligence with each other to effectively protect against today’s sophisticated threats, in a manageable way. Our exclusive and successful ‘Channel First’ sales strategy has enabled us to deliver our unique product offerings to businesses worldwide. We drive all our billings through the 2000+ strong channel partners in India and SAARC (vs. other security players who sell through multiple channels, resulting in inevitable conflict and confusion.) Irrespective of business size, the channel remains the backbone of our business operations,” said, Sharma of Sophos.
“Fortinet is a 100% channel driven company and because of its critical and complex nature, security continues to be one of the largest opportunities for the channel. Partners who can plan, design, deploy, and optimize an integrated security offering are finding a growing demand for their skills. By tying traditional security appliances and emerging technologies together into an integrated security fabric, partners can help their customers collect and respond to more actionable intelligence, synchronize threat responses, and centralize the creation, distribution, and orchestration of their security management and analysis. This broad visibility and open-standards approach provided by the Fortinet Security Fabric allows solution providers to implement more automation to focus on the alerts that really matter. The Fortinet Security Fabric and the Fabric Ready Partner program is really resonating with our partners and we have been receiving very positive feedback from both our partners and their customers on a daily basis. They feel that this new integrated technology approach allows partners to really give their customers a better experience. The Security Fabric has truly begun to drive long-needed innovation in network security, and is redefining how partners and customers look at network security,” elaborated Ghughal of Fortinet.
“Channels play a critical role in the decision-making process of IT procurement in SMEs. Channels landscape in India has changed from being box-pushers to solution providers. With fast sale cycle, high margins and success rate, they find security business very attractive. Enterprises too are looking for consolidating multiple solution providers as channels are quickly adapting by adding security products in their portfolio of solutions,” concluded, Jain of GajShield Infotech.
“Barracuda is committed to R & D to drive growth supported by creativity and innovation. In fact, Barracuda leads in its investment in R&D (research and development). Barracuda has announced a number of firsts, including being the first major security appliance vendor to tackle the image spam problem with an integrated optical character recognition engine, the first to announce PDF spam protection, and the first to implement Predictive Sender Profiling techniques such as multi-level intent analysis to combat the latest forms of spam. Over the years we have realized that for us to secure the customers we need to offer solutions that are effective not for specific types of threats but look more broadly at threat vectors. Security mechanisms need to evolve and newer capabilities have to be layered in and all these capabilities cannot be built into one appliance. Thus, all our products incorporate state of the art security capabilities in them and further augment those capabilities by additional layers of protection offered by the Barracuda Cloud,” said, Singh of Barracuda Networks.
“GajShield¹s Context based Data Leak Prevention, Cloud Security for roaming users, BYOD security provides a holistic security to enterprises, by not only providing security to their network, but more importantly, their data and intellectual property. GajShield¹s context based Data Leak Prevention system understand web application by creating context which helps an enterprise to setup policies based on the web applications instead of IPs, Usernames which have no relevance to the above application. GajShield enriches user experience for Internet access, while providing risk mitigation and policy enforcement for CEOs and CISOs through its in-the-cloud service for roaming users. GajShield solutions are easy to deploy and multiple deployments can be managed using its Centralised Management System. Thus, providing comprehensive security at an affordable price,” said, Jain of Gajshield.
“Unlike other vendors, we are focused to provide ‘complete security, made simple’ to the mid-market, which is quite a differentiator on its own. Simple and comprehensive security is critical for mid-market enterprises who face many of the same IT security threats as larger organisations, but do not have access to the same level of financial and IT personnel or resources. Sophos is a leading provider of both end-user security and network security, with a proven business at scale in each. Sophos recently introduced its synchronized security strategy which allows endpoint and network security products to directly share threat intelligence to more effectively protect against today’s sophisticated threats. At the heart of our solutions is Sophos Labs, a 24-hourthreat research and intelligence centre, providing real-time cloud-enabled security intelligence that updates our products multiple times each day. Sophos aggressively leverages cloud computing technologies to both manage and deliver security more effectively. Cloud computing is at the heart of SophosLabs, the security intelligence foundation for Sophos. We love to make next-gen IT security, simple,” explained Sharma of Sophos.
“Fortinet’s Fabric Ready Partner Program brings together best-in-class technology alliance partners. But unlike those other approaches, Fortinet’s approach actually allows these partners to deliver pre-integrated, end-to-end security offerings ready for deployment. Fabric-Ready partners are a key part of the Fortinet Security Fabric, enabling Fortinet and partner products to collaboratively integrate to provide true end-to-end security. Alliance solutions that have been integrated with the Fortinet Security Fabric are able to actively collect and share threat and mitigation information to improve threat intelligence, enhance overall threat awareness, and broaden threat response across the entire distributed network. Customers especially benefit from these joint solutions and applications as they are pre-integrated, saving them time and resources in deployment, operations, and ongoing management and support,” said, Ghughal of Fortinet.
“ And for our channel partners, extending the functionality and intelligence of the Fortinet Security Fabric vision with an open and cooperative ecosystem of partner solutions means they can more easily. Bundle, sell, and deploy solution sets without the burden of significant costs and resources usually required for validating technology integration when delivering multi-product, multi-vendor solutions to customers. Provide customers with solutions that have faster time-to-deployment, coupled with reduced operational expenses and technical support costs,” concluded, Ghughal of Fortinet.
“Sophos continues to drive its cloud-enabled competitive advantage, adding key capabilities and products to its single, integrated cloud-based management and reporting platform. Also, with the acquisition Invincea, we are aiming to strengthen our end point security portfolio, powered by machine learning. With new enhancements to our partner-centric management console, channel partners are able to more easily drive up-sell and cross-sell, as well as manage, update and configure their customers’ solutions remotely, thereby reducing overhead and business expense and improving their profit margin. We will continue to innovate and bring to market enterprise grade IT security for the mid-market enterprises. Stay tuned,” said, Sharma of Sophos.
“Overall, we will be focusing very strongly on the Fortinet Security Fabric story with a go-to-market approach by broadening our scope across vertical segments. Specifically, we are going to work on verticals in three ways. Firstly, expand our industry vertical focus to BFSI and IT/ITES segments. Secondly, identify a set of strategic partner accounts with whom we can work on certain niche markets with the broad solution set that we have. Thirdly, enroll wireless specialist partners and work with these partners to grow our wireless solutions exponentially,” said, Ghughal of Fortinet.
“Our future plan for Barracuda is to continue building the Barracuda brand, end customer market and the channel community. We also want to continue building a team to focus on a hybrid model which will work with the partners and with end customers. Going forward our focus will be on to sell strategic solutions like WAF, Message Archiving and Next Generation Firewall to large enterprise businesses. We want to power our channel community even further. India is a high potential market for the entire portfolio of products and we will continue to invest locally as the business grows,” said, Singh of Barracuda Networks.
“GajShield will be launching its certification program for channel engineers. It will help them to be up-to-date to latest trends in threats, and provide them the security skills to gain expertise in this space. GajShield will also be conducting channel and customer engagement programs across cities in India. Newer products and features are planned to be launched in the coming quarters,” concluded, Jain of GajShield Infotech.
UTM market is increasingly becoming competitive with a diverse mix of small and large vendors. Although most of the UTM appliances available in the market perform multiple security functions, organizations are still unable to leverage all the benefits from it. The vendors need to evaluate the products based on the organization’s requirement. For example the features such as built-in secure wireless LAN support are not highly valued in large enterprises as compared to that in small and mid-sized businesses. Also, the vendors need to focus on integrating other features such as email security, web application firewalls, or data loss prevention on unified platforms.
Mr. Sunil Sharma, vice president, sales, Sophos, India & SAARC
“Sophos is doing something that has never been done in the IT security market: We are succeeding at being a leading provider of both end-user security and network security. And we’re now leading a new wave of security innovation that we call synchronized security, that, for the first time allows endpoint and network security products to actively and continuously share threat intelligence with each other to effectively protect against today’s sophisticated threats, in a manageable way.”
Mr. Jitendra Ghughal, Director, Channels, India & SAARC, Fortinet
“UTM continues to be the best security option for SMBs who have limited resources along with budget constraints though they share the same level of threats as enterprises. But unfortunately, many enterprises continue to rely on security strategies developed decades ago that can no longer support the ever-increasing speed of business.”
Mr. Anshuman Singh, Senior Director Product Management, Application Security, Barracuda Networks
“Cyber threats are constantly evolving, which requires that consumers be especially vigilant in preventing such attacks. Polymorphic attacks continue to be highly effective as they have for many years. In that respect, it is highly difficult to predict what the next type of attack will be. What is more important is to have the right type of defences in place to deal with them effectively as they happen. This requires that customers protect themselves from all threats across all threat vectors. “
Mr. Sonit Jain, CEO at GajShield Infotech
“Enterprises in India are looking for innovative security solutions which can protect their data and provide comprehensive security solution which is easy to manage. Requirement for UTM and Next Generation Firewalls are on the rise as they provide integrated, scalable and affordable solution and do not require expertise to manage them.”