It has been eight years since a well-known technology research company declared intrusion detection/prevention systems (IDS/IPS), those sentinels at the edge of the network that scream out alerts every time they think they see bad traffic masquerading as allowed flow through the firewall, a market failure. Scoring 10th (IPS) and 16th (IDS) on the Heat Index (a relative measure of user demand) for the Wave 14 Security Study, and sitting at a healthy 70% implemented in enterprise environments, the death of IDS has been greatly exaggerated.

Originally published as a ThursdayTIP to the respondent network of TheInfoPro. Would you like to receive all of the ThursdayTIP reports when they are fist released? Sign up here for TheInfoPro’s respondent network.

Market share, intrusion detection systems.

Intrusion detection systems stand at 70% in use with 15% of respondents reporting implementations in their plans. Intrusion prevention systems are at 60% implemented, with 13% stating that implementations are in their plans. Spending holds steady, with 71% maintaining their spending level and 17% anticipating a greater level of 2011 spending. The sweet spot in pricing and implementation falls under $100,000, with 30% spending between $100,000 and $500,000 on their implementations.

Two of the problems identified nearly a decade ago, cost and throughput, continue to be an issue according to user narratives:

• “IDS/IPS in-line – the price point to have a certain level of performance is very high.”
• “Opex this year as we move from NIPS to NIDS – it’s a bandwidth issue. We’re increasing bandwidth pipes, and IPS is less effective and creates problems. Moving to IDS and go on alerts vs. blocking.”

The original postulate that many of the functions of the IDS would be subsumed into other edge equipment including the firewall also still holds water for some IT managers:

• “I’m not spending anything directly on IPS/IDS – it’s in the firewall.”

And a number of firms have moved to managed services offerings:

• “We have a package deal with IBM for security – vulnerability management, NIDS/NIPS, etc. – and that’s about $3 million a year.”

All that said, the product vertical is still going strong in enterprises, with winners and losers being enumerated as we continue to study the results of the Wave 14 Security Study:

• “Since TippingPoint was acquired by 3Com, then HP, there have been some support issues.”
• “I like the Sourcefire IDS.”
• “I really like Sourcefire! They have an event classification within an IDS product. Compared to their competitors, they use open source rules. TippingPoint or Cisco, you can’t do that. Sourcefire has a great management console as well. I can’t think of any weakness since they fixed the backup issues.”

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

• HP is highly rated by networking professionals that self-select to rate it among 14 business and technology relationship criteria, including product quality and reliability.
• While HP has a strong presence as a network management provider, it has struggled to challenge Cisco as the top provider of Ethernet switching and routing.
• The purchase of 3Com provides access to a strong Asia market and instant credibility in the region, which could benefit HP’s other product lines.
• Until now, HP was not a strong player among providers of networking security products and services. With the 3Com acquisition, HP will now hold the TippingPoint intrusion detection/prevention product. While this 3Com product is already highly rated, several users will appreciate the additional heft that HP can put behind it.

Additional questions remain in evaluating HP’s purchase of 3Com, including whether HP will integrate the products into the ProCurve line or keep them separate. Has HP agreed to pay too much for the asset, and as a result, will it need to strip too much expertise out of 3Com to make the purchase work financially? The answers to these questions may not become evident for some time, but in the interim it appears that HP has scored an international distribution channel and a well-respected security product.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

Increasing plans to adopt service-oriented architecture (SOA) will influence which security hardware, software, and services will be purchased within both Fortune 1000 and Midsize Enterprise Organizations

NEW YORK, NY, November 25, 2008 – TheInfoPro (TIP), an independent research network and leading supplier of market intelligence for the Information Technology (IT) industry, today announced that, according to its newly published Wave 10 Information Security Industry Profile Report, enterprise organizations indicate increased plans to implement SOA for software applications development and operations within the next 12 months. In addition, these organizations indicate that their SOA use policy will have an influence on their security procurements.

To view a rich media presentation of findings, visit: http://www.brainshark.com/theinfopro/infosec-pr2

Within Fortune 1000 (F1000) organizations, nearly 70% of the respondents indicated that they either have SOA in use, or have plans to adopt it in the future – with close to 40% of those organizations citing that their SOA use policy will have an influence on their security procurements in the next 12 months. Among Midsize Enterprise (MSE) organizations, adoption is much slower, as only 36% of organizations indicate that they have SOA in use or in plan. Twenty-four percent (24%) of those MSE organizations cite that the policy will influence their security purchase.

“The use of SOA may make applications more susceptible to security breaches unless security requirements are taken into account from the beginning of implementation,” said Bill Trussell, Managing Director of Security Research for TIP “Therefore, it is not surprising that the implementation of an SOA policy will begin to have a profound effect upon those technologies that Security pros are purchasing to create a fully secure and compliant environment”

The Wave 10 Information Security Industry Profile report was compiled based on over 200 one-on-one interviews with Security professionals at F1000 and Midsize enterprises in both the U.S. and Europe. This report provides details about current and planned IT budgets, the Security organization, and many other high-level industry topics. Technology providers that were mentioned throughout the entire Wave 10 study include: 3Com, Aladdin, Amorize Technologies, Application Security, Inc., Applied Identity, ArcSight, Aruba Networks, Autonomic Networks, Aveksa, BigFix, Bit9, BitArmor, Blue Coat, Brabeion, CA, Check Point, Cisco, ConSentry Networks, ControlPath, CRYPTOCard, Dell, e-DMZ Security, elQnetworks, EMC, Enterasys, Exostar, F5 Networks, Finjan, Fortify Software, Guardian Digital, HDS, HP, IBM, Imperva, Juniper, Kaspersky Lab, Lancope, LogRhythm, Mazu Networks, McAfee, Microsoft, Mobile Armor, neteXpose, NetWitness, NitroSecurity, Novell, OPX, Oracle, PacketMotion, Palo Alto Networks, PerSay, PGP, Ping Identity, Psylook, RedSeal Systems, Qualys, Rohati Systems, Safeend, Secouris, Secure Computing, Sophos, StillSecure, Sun, Symantec, Trend Micro, Varonis, Verdasys, VeriCode, Voltage Security, Websense, WhiteHat Security, Xoeedium

About TheInfoPro
TheInfoPro (TIP) is the only independent research network for the Information Technology (IT) industry. Created in 2002 by alumni of Gartner, EMC, Giga, and Bell Labs, TIP investigates key IT sectors – Networking, Information Security, Servers, Storage, and Sourcing – via a comprehensive in-depth interview process. Through a peer network of over 1800 of the world’s largest buyers and users of IT – including Citigroup, FedEx, McGraw-Hill, MasterCard, and Harvard University – TIP delivers detailed budget, vendor performance and technology roadmap data without spin or bias. Known as the voice of the customer, TIP helps IT professionals, technology providers, and institutional investors make sound decisions on technologies, vendor relationships and investments. To learn more, visit www.theinfopro.net or call 1-212-672-0010

# # # #

Possibly Related Posts:

• Spending on Information Security Continues to Outpace the Rest of Corporate IT According to Latest Bi-Annual Study of the Global 2000 by TheInfoPro
• Enterprises Report that Internal Change & Learning are the Biggest Roadblocks in Moving to Cloud Based IT Infrastructures
• Latest IT Market Study From TheInfoPro: F1000 Enterprises 2011 Storage Spend Continues at a Strong Pace
• TheInfoPro Server Study: Operational Efficiencies, Not Compensation, Give Larger Organizations Cost Advantage Over Midsize Companies
• Fortune 1000 and MidSize Enterprise Organizations Say Immediate Spending Includes Telepresence and Unified Communications

New Research from TheInfoPro Shows That Organizations Are Placing More Emphasis on Their End Users’ Network Performance Experience

Network quality of service monitoring solutions overtake endpoint authentication technologies, particularly Network Access / Admission control, for the lead position on the Network Security and Software Technology Heat Index®

NEW YORK, NY, May 19, 2008 – TheInfoPro (TIP), www.theinfopro.$ST_net, an independent research network and leading supplier of market intelligence for the Information Technology (IT) industry, today announced that endpoint authentication technologies – such as Network Access / Admission Control (NAC) – have been surpassed by network quality of service monitoring solutions for the #1 spot on the Network Security and Software Technology Heat Index. This index gauges the immediacy of user need and planned spending for each technology.

To view a rich media presentation of findings, visit: http://www.brainshark.com/theinfopro/ Netwrkng_pr3

“We were actually not surprised to see network quality of service monitoring overtake NAC / NAS on the Heat Index,” says Bill Trussell, Managing Director of Networking research for TheInfoPro. “Though Networking professionals do see advantages to this technology, delivering on the promise is in doubt – leaving NAC solution providers with the challenge of overcoming skepticism among Networking pros.”

“At the same time, with the ever-increasing number of VoIP rollouts, Networking decision-makers have had to change their emphasis to the network performance experience for their end users,” adds Trussell. “Technology providers have already begun to take action to meet these needs – as was evidenced in the recent Blue Coat acquisition of Packeteer.”

Key findings on NAC:

Network Access Control (NAC) continues to lose popularity, with 65% of the organizations interviewed indicating that they have no policy for NAC, up from 55% last wave.
Fifty-eight percent (58%) of organizations indicated that it is unlikely they will have a policy in the next 12 months.
Over 60% of those interviewed believe it is unlikely that their NAC policy will influence their network har next 12 months.dware and software procurements in the
Sixty-four percent (64%) of those interviewed indicated that there would be no increase in spending on endpoint authentication technologies.
Key Findings on Quality of Service Monitoring Solutions:

Eighty-four percent (84%) of organizations indicate that they have quality of service monitoring solutions, either in place or in plan.
Twenty-four percent (24%) of those organizations that currently have quality of service monitoring solutions indicate that they are spending more on these technologies throughout 2009.
Cisco and NetScout are the lead in plan vendors for these technologies.
About The Study
Over 130 one-on-one hour-long interviews were conducted with F1000 and MSE end users for the Wave 4 Networking Study, providing commentary and insight on their Networking adoption plans, management strategies, and vendor performance. TIP repeats this structured interview process in six-month intervals – “waves” – for the sectors of investigation, providing unmatched historical reference, trend analysis, and pattern recognition.

Networking Technology providers that were mentioned throughout the study include: 3COM, Accel Net, ADTRAN, AeroScout, Affiliated Computer Services, AirTight Networks, AirWave, Alcatel-Lucent, Alvarion, American Fiber Systems, ANDA Networks, Apple, Aspera, AT&T, Avocent, Belgravium, Belkin, Bell Canada, Blue Coat, Bluesocket, Buckeye TeleSystem, Cablevision Systems, Call One, CenturyTel, Check Point, Chelsio, China Telecom, Ciena, Cisco, Citizens Communications, Cogent, COLT Telecom, Comcast Coyote Point, Crescendo Networks, Cywest, Delatcom, D-Link, eircom, EMC, Enterasys, Expand Networks, Extreme Networks, F5 Networks, Force10, Fortinet, Fotris Corporation, Foundry Networks, Frontier Systems, GSA Networx, HP, IBM, IDC Global, Infinera, Interactive Intelligence, Internap, IntuitiveLabs, Juniper, KPN International, Lancope, Level 3, LightRiver, Lightspeed Systems, MASERGY, Microsoft, Mitel, Motorola, MOVAS, MRV Communications, NetApp, NetQoS, Nevis Networks, Nortel, NTT, Packeteer, PAETEC, PCCW, Positive Networks, Proxim Wireless, Radware, Riverbed, SecurActive, Secure Computing, ShorTel, Siemens, Sourcefire, Stampede, Stoneware, Swisscom, Symantec, TAZZ Networks, Telenor, TelePacific Communications, TIBCO, Time Warner, Trapeze Networks, Vanco, XO Communications, Xythos, Yipes, Zhone Technologies

Key technologies covered in the study include: WAN Data Compression and Acceleration, 10 Gbps Ethernet Backbone or Core, VPNs – based on SSL, Multiprotocol Label Switching (MPLS), 802.11a/b/g Wireless Networks, Ethernet LAN Switching Hardware, Internet VPN (LAN to LAN), Wide Area File Services (WAFS), Multicast, 10 Gbps Ethernet Server Connectivity, Multiport / Multilink Trunking, Metropolitan Area Network (MAN), Dense Wave Division Multiplexing (DWDM) Hardware, IP Version 6 (IPv6), Ultra-high Speed Networking (40 Gbps / 100 Gbps).

About TheInfoPro
TheInfoPro (TIP) is the only independent research network for the Information Technology (IT) industry. Created in 2002 by alumni of Gartner, EMC, Giga, and Bell Labs, TIP investigates key IT sectors – Networking, Information Security, Servers, Storage, and Sourcing – via a comprehensive in-depth interview process. Through a peer network of over 1800 of the world’s largest buyers and users of IT – including Citigroup, FedEx, McGraw-Hill, MasterCard, and Harvard University – TIP delivers detailed budget, vendor performance and technology roadmap data without spin or bias. Known as the voice of the customer, TIP helps IT professionals, technology providers, and institutional investors make sound decisions on technologies, vendor relationships and investments. To learn more, visit www.theinfopro.net or call 1-212-672-0010

# # # #

Possibly Related Posts:

• Spending on Information Security Continues to Outpace the Rest of Corporate IT According to Latest Bi-Annual Study of the Global 2000 by TheInfoPro
• Enterprises Report that Internal Change & Learning are the Biggest Roadblocks in Moving to Cloud Based IT Infrastructures
• Latest IT Market Study From TheInfoPro: F1000 Enterprises 2011 Storage Spend Continues at a Strong Pace
• TheInfoPro Server Study: Operational Efficiencies, Not Compensation, Give Larger Organizations Cost Advantage Over Midsize Companies
• Fortune 1000 and MidSize Enterprise Organizations Say Immediate Spending Includes Telepresence and Unified Communications