Analysis: Hybrid security here to stay

The market for on-premise, end-point security software is unlikely to be displaced by a growing focus on security in the cloud, industry experts say.

According to Gartner security analyst Rob McMillan, virtualisation and cloud computing were driving an evolution in enterprise security demands.

He likened the shift to the advent of the internet, which came with greater information flow - and security risks - than ever before.

"We're at a cusp of major change in how IT services are delivered," McMillan said, acknowledging the growing role of cloud security in enterprise defence in depth strategies.

"As we start to deliver of user interfaces from the cloud, protection mechanisms will move to stay close to those delivery mechanisms."

Security vendors appeared to be bolstering their cloud portfolios in recent years, with Symantec acquiring hosted security vendor MessageLabs in 2008 and Webroot acquiring Prevx last month.

Symantec Hosted Services' ANZ regional director Keith Buckley highlighted the uptake of security as a service as one of the company's key predictions for 2011.

Buckley expected cloud-based storage to improve organisations' control of increasingly mobile, consumerised IT environments.

Meanwhile, Webroot currently offered around 30 percent of its security solutions from the cloud, but hoped to increase this to 90 percent within the next three years.

The company's chief marketing officer Chris Benham said it planned to integrate the two companies, although it would continue to offer both cloud-based Prevx and on-premise Webroot products.

"We believe, at least for the foreseeable future, [that] we won't have 100 percent of all security in the cloud," he told iTnews. "We believe that this approach is as simple as it can get."

While a multi-layered security market that included both cloud and on-premise solutions may appeal to vendors with shareholder interests at heart, Gartner's McMillan said security procurement was a balancing act between cost, convenience, and risk.

For small to medium businesses, he said all-in-one, unified threat management (UTM) solutions would likely provide "protection for fairly small outlay".

Fortinet, Check Point and WatchGuard were among the top performers on Gartner's October 2010 magic quadrant for the US$1.5 billion UTM market.

Gartner described UTM products as "Swiss army knives" with various components, several of which - including e-mail security, web application firewalls and data loss prevention - were rarely enabled.

The firm reported that the most important UTM features were: firewall functions; remote access and site-to-site VPN support; web security gateway functionality; and network intrusion prevention.

Although "necessary may not be the right word" to describe a hybrid security environment, McMillan said enterprise IT demands tended to be too complex to be met by all-in-one installations.

Gartner expected the UTM market to remain squarely focused on midsize businesses, while banks, energy providers, government agencies and other large organisations opted for security cocktails.

"The use of cloud is on the increase; [so] we'll probably see more security services appearing in the cloud," McMillan said.

"But there is still going to be physical infrastructure that will need to have some form of protection" as users took their devices outside of the corporate network and accessed files on portable storage, he said.

Looking forward, McMillan expected the end-point security market to favour "lighter-touch solutions than what we've seen so far".

"We are very likely to see an evolutionary phase in the next few years," he said.