TheInfoPro

Written by Daniel Kennedy, Research Director for Information Security

In our interviews, network managers continue to cite managing costs, aging hardware, and managing network growth among their top concerns, and while these will likely remain top-of-mind concerns in the future, the continued growth of higher-capacity networking looks to ease some of this pain. With that in mind, the continued rollout of Intel’s more advanced platform next year allowing 10 Gigabit Ethernet (10GigE) LAN on motherboard (LOM) connections should, combined with the normal network refresh cycle, allow 10GigE to become the default connection on rack-mounted servers.

This change further extends the benefits of 10 GigE, including network simplification, performance, and more efficient costs via the need for less equipment.

In the meantime, network budgets are recovering nicely in 2011 to help address these concerns, and the continued rollout of 10 Gigabit Ethernet (10GigE) even in advance of standardization of volume servers is poised to receive a piece of that investment. Implementations on the network core are passing 50% of respondents, with 33% having rollouts in plan. Not far behind is moving toward 10 Gigabit server connectivity, at 45% in use and 26% in plan, with Cisco as the primary vendor provider in both. HP and Dell, fresh off their acquisition of Force10, round out the top three vendors respondents cite for 10GigE on the core network; Juniper is second on the server side.

A sampling of narratives around project initiatives supports this projected growth:

• “..upgrading infrastructure (10Gig links)”
• “Yes, we’re changing our design. Bigger links between switches; we’ll start using 10Gig for communication between switches.”
• “Implementing UCS along with 10Gig networking and Nexus switches.”
• “Upgrading to 10Gb data center.”
• “Take fiber link to core to 10Gig.”
• “Increase in 10Gb capacity.”
• “Both backbone and systems connections for 10Gb.”
• “Core network refresh/moving to 10Gb.”
• “Capacity is growing – bigger and faster. 10Gb is the de facto standard.”
• “Want to go to 10Gb.”

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky
• Who Can Take On Cisco?

Written by Daniel Kennedy, Research Director for Information Security

Cisco is having an interesting year, attempting to shave $1 billion of expense through layoffs and asset sales while beating both its own and Wall Street’s predictions of earnings as announced Nov. 9. At halfway through our Wave 9 Networking Study of enterprise networking environments, it is clear that Cisco continues to retain its prominence. The company has already jumped out to a 25% lead among vendors that respondents are excited about, and has a healthy 37% of respondents planning to spend more on its products in 2012 than they did in 2011 (vs. 21% reporting decreased spending). In terms of vulnerability, 7% of respondents report that they are definitely considering a switch off Cisco, which ties with Juniper (also at 7%) and easily beats Hewlett-Packard, where 18% are working out a switch.

Reflecting on Cisco’s continued entrenchment in enterprise environments, as well as its prominence in in plan implementations over the next year and a half, the question arises: can anyone unseat Cisco as the dominent networking provider? TheInfoPro asks just that question in its latest study, and finds the answer is largely “no”:

Digging into the preview data, in a number of categories with significant growth potential, Cisco is the leading in use vendor. For example, with 10 Gigabit Ethernet rollouts, 33% have upgrades to their core network in their plans, and 26% report the same with server upgrades. In both cases Cisco is the lead in plan vendor. Similarly, with the hottest technology in the voice and video category, Unified Communications, which figures into 39% of respondents’ plans, Cisco maintains its leadership as the top in use vendor, but in this case has the possibility of being passed by Microsoft.

A sampling of narratives gathered thus far on Cisco reflects the mixed sentiment users have similarly expressed in the past:

• “We are a Cisco shop, but we will look at other vendors and even some appliances to address performance issues.”
• “Cisco is always cutting edge, in my opinion. They are capturing market share in addressing application performance in a distributed networking environment.”
• “Cisco is our vendor of choice. Overall, they continue to perform as we continue to grow. They have great technical support, especially when we hit complex issues. They are not as responsive to the competition as they could be. I would like to see Cisco in a more aggressive posture against some of the smaller emerging vendors.”
• “Cisco has a great technical staff, great support and sales. Cisco is the leader in this space, no doubt. Cisco has more ways to lose an order. If you get to the right person their knowledge base is extreme, it is just getting there.”
• “Cisco is ‘losing it’ right now. They have not done a good job in delivery, pricing and bill of materials. Cisco sold us the wrong licenses and they could not explain what happened. They are trying to go into too many directions at one time, they need to find the right path and get on it!!!! The products are solid and they work, at least at the router and switch level.”

Of course we’ll have a more complete picture of what’s happening with Cisco in the enterprise at the close of our Wave 9 Networking Study.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

2012 Information Security Forecasts – Who Will be the Winners & Losers?
Wednesday, December 14, 2011 2:00 PM – 2:45 PM EST

Replay Link: 2012 Information Security Forecasts

Some of the key trends we will be discussing from our Information Security study are:

Information Security spend is strong with many diverse drivers:

• Directionally for 2012, Information Security Professionals are not planning a slowdown. Thirty-seven percent are planning an increase in spend, with 16% planning a decrease.
• Thirty-nine percent are spending more in 2011 vs. 2010, and only 15% are spending less – showing the resiliency of the market in challenging economic times.
• In the one-on-one interviews, decision-makers detailed compliance, mobile devices and preventing data loss as the drivers for spending increases.

Data Leakage Prevention (DLP) and Application-Aware Firewalls are products on
the move:

• Data Leakage Prevention (DLP) resides in the top spot of TheInfoPro’s proprietary Information Security Technology Heat Index™, which gauges immediacy of planned implementation for 40 technologies, as the G2000 look to protect custodial and intellectual property data from leaking out of their environment.
• The traditional antivirus vendors, Symantec (SYMC) and Intel’s (INTC) McAfee, look to benefit with rollouts of both endpoint and network DLP on tap.
• Application-Aware Firewalls make a nice jump in the Heat Index, with Palo Alto and Check Point (CHKP) benefiting from the 28% of in-plan implementations.
• Palo Alto will be a vendor to watch as it is beginning to replace some of the major incumbent providers with its application-visibility-based approach.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

Written by Daniel Kennedy, Research Director for Information Security

On Oct. 4, IBM announced the acquisition of security information and event management (SIEM) provider Q1 Labs for approximately $575 million, according to The 451 Group’s M&A KnowledgeBase. This is at least the third SIEM solution IBM will have established under its umbrella, but potentially also the most expansive solution when it comes to capturing the emerging combination of log management, network monitoring and security monitoring solution space. With this acquisition, IBM plans to create a new Security Systems division led by Q1’s current CEO, Brendan Hannigan.

Originally published as a ThursdayTIP to the respondent network of TheInfoPro. Would you like to receive all of the ThursdayTIP reports when they are fist released? Sign up here for TheInfoPro’s respondent network.

This move follows Hewlett-Packard’s acquisiton of ArcSight nearly a year ago, and precedes further consolidation in the space; NitroSecurity was also announced as being brought into Intel’s McAfee last week. With this shakeup, IBM is poised to occupy the fourth spot in SIEM market share, according to the results of respondent interviews for the Wave 14 Information Security Study. HP’s acquisiton of ArcSight makes it the de facto leader of the space, with 6% of in plan implementations also going its way. EMC’s enVision product (RSA) and Symantec round out the top of the pack.

SIEM enterprise market share, 14th security study.

The most recent information security study shows SIEM installations at a fairly mature 53% in use in enterprise environments, with 6% of respondents seeing new implementations in their short-term plans and 18% having SIEM installations on the radar in their longer-term project planning. Thirty-three percent (33%) of respondents see increased spending in 2012 on SIEM solutions, with 60% projecting a flat spend into next year.

What do respondents think of the product IBM has acquired? The trend in responses bends positive:

• “Q1 Labs’ product is very innovative.”
• “[We’ll look at] enVision, Q1 Labs, Symantec.” (In response to a question about spending plans for 2012 for SIEM solutions.)
• “We are in woeful need of consolidation. We are evaluating whether to continue on with enVision or use something new. We did a POC with Q1 Labs, or [we may] go to SecureWorks as a third party.”
• “Just had this discussion; there are others, like Q1 Labs and EMC enVision.” (In response to a question about switching off another SIEM vendor’s product.)
• “The company [Q1 Labs] is innovative. They remain fresh in terms of feature set. They are a small company, and they are subject to being swallowed up! They need to keep the system ‘capable’ at all times, especially keeping up with the patches.”

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

Written by Daniel Kennedy, Research Director for Information Security

It has been eight years since a well-known technology research company declared intrusion detection/prevention systems (IDS/IPS), those sentinels at the edge of the network that scream out alerts every time they think they see bad traffic masquerading as allowed flow through the firewall, a market failure. Scoring 10th (IPS) and 16th (IDS) on the Heat Index (a relative measure of user demand) for the Wave 14 Security Study, and sitting at a healthy 70% implemented in enterprise environments, the death of IDS has been greatly exaggerated.

Originally published as a ThursdayTIP to the respondent network of TheInfoPro. Would you like to receive all of the ThursdayTIP reports when they are fist released? Sign up here for TheInfoPro’s respondent network.

Market share, intrusion detection systems.

Intrusion detection systems stand at 70% in use with 15% of respondents reporting implementations in their plans. Intrusion prevention systems are at 60% implemented, with 13% stating that implementations are in their plans. Spending holds steady, with 71% maintaining their spending level and 17% anticipating a greater level of 2011 spending. The sweet spot in pricing and implementation falls under $100,000, with 30% spending between $100,000 and $500,000 on their implementations.

Two of the problems identified nearly a decade ago, cost and throughput, continue to be an issue according to user narratives:

• “IDS/IPS in-line – the price point to have a certain level of performance is very high.”
• “Opex this year as we move from NIPS to NIDS – it’s a bandwidth issue. We’re increasing bandwidth pipes, and IPS is less effective and creates problems. Moving to IDS and go on alerts vs. blocking.”

The original postulate that many of the functions of the IDS would be subsumed into other edge equipment including the firewall also still holds water for some IT managers:

• “I’m not spending anything directly on IPS/IDS – it’s in the firewall.”

And a number of firms have moved to managed services offerings:

• “We have a package deal with IBM for security – vulnerability management, NIDS/NIPS, etc. – and that’s about $3 million a year.”

All that said, the product vertical is still going strong in enterprises, with winners and losers being enumerated as we continue to study the results of the Wave 14 Security Study:

• “Since TippingPoint was acquired by 3Com, then HP, there have been some support issues.”
• “I like the Sourcefire IDS.”
• “I really like Sourcefire! They have an event classification within an IDS product. Compared to their competitors, they use open source rules. TippingPoint or Cisco, you can’t do that. Sourcefire has a great management console as well. I can’t think of any weakness since they fixed the backup issues.”

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky