TheInfoPro

Written by Daniel Kennedy, Research Director for Information Security

Each information security study by TheInfoPro has attached to it our proprietary Heat Index, a weighted measure based on the immediacy of user needs based on their stated plans for each information security technology we track. The normalized scores become an excellent barometer of user demand in large enterprises. Similarly, the Adoption Index is computed the same way, but is instead a measure of which technologies are in use.

This year, both flavors of data leakage/loss prevention (DLP) solutions dominate the infrastructure security heat scores, with endpoint DLP gaining the preference among respondents. Symantec looks to benefit. Continuing with our infrastructure category, requirements driven by industry mandates such as Payment Card Industry (PCI) standards continue to help solutions like tokenization achieve a third-place finish among hot technologies in this category.

On the network security front, application-aware firewalls lead the pack, with 28% in use; that could jump 33% based on in plan implementations if long-term plans come to fruition. Forty-four percent (44%) of respondents see their organizations spending more on application-aware firewalls in 2012, with Palo Alto Networks seeing the biggest benefit. Network intrusion prevention (NIPS) implementations track as second on the network security heat index, although they have a much greater adoption score of 79. Sixty-two percent (62%) of large enterprises report having a NIPS in place, and 73% report having intrusion detection systems (IDS) in place.

Federated identity management projects are the hottest in the large-enterprise security management heat index. While such solutions have penetrated 37% of large-enterprise environments, 26% report having some plan for implementation in the future, largely benefiting vendors Oracle and Microsoft. In the wake of SarbOx, compliance-driven auditing of internal capabilities have driven adoption of governance, risk and compliance (GRC) solution packages, which are the second-hottest technology in the security management category. Thirty-four percent (34%) report planning a GRC implementation.

Finally, in the application security category, web application firewalls (WAF) lead the pack for large enterprises in terms of heat index score, and are second in adoption behind static application code security tools. The proliferation of WAFs in the enterprise continues to track closely to its association with the PCI application security standards. F5 Networks and Imperva are currently leading the WAF race, but neither has separated from the pack.

Possibly Related Posts:

• Unified Communications Solutions
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky
• Who Can Take On Cisco?

Written by Marco Coulter, Research Director for Storage

This Thursday’s TIP is based on a real-time update extracted with 71 in-depth interviews complete. Last Thursday’s TIP, we looked at 2011 budgets. This time, we look at how vendors will experience the closing quarter of the calendar year. How successful will vendors be in the Q4 CY11?

Brocade, Hewlett-Packard and EMC show the largest numbers planning spending in Q4, playing to their respective fiscal years. IBM goes against this model, with spending predominantly occurring by the end of Q2, possibly indicating overflow from the prior year coming into the first quarters of this year.

Symantec delivers evenly, with 80% spending evenly through the year. Before assuming that software delivers more balanced revenue than hardware, consider that the other listed software player, CommVault, has the lowest number of respondents indicating even spending. It is likely that Symantec sees more renewal revenue as the “gorilla” in the protection segment, while CommVault’s business is more new clients making initial commitments.

HDS goes significantly against the fiscal year “hockey stick” model. Thirty-six percent (36%) of storage professionals reviewing HDS planned their spending in Q3, well after the company’s fiscal year is concluded. HDS and NetApp look to have the least Q4 spending plans among our respondents.
Below is a table of the months that the listed companies conclude their fiscal years:
Fiscal Year End for Charted Storage Companies

March – Symantec, CommVault, HDS
April- NetApp
October – Brocade, HP
December – EMC, IBM

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• High-risk Staff? Executives and IT Are Equally Risky
• Who Can Take On Cisco?

2012 Information Security Forecasts – Who Will be the Winners & Losers?
Wednesday, December 14, 2011 2:00 PM – 2:45 PM EST

Replay Link: 2012 Information Security Forecasts

Some of the key trends we will be discussing from our Information Security study are:

Information Security spend is strong with many diverse drivers:

• Directionally for 2012, Information Security Professionals are not planning a slowdown. Thirty-seven percent are planning an increase in spend, with 16% planning a decrease.
• Thirty-nine percent are spending more in 2011 vs. 2010, and only 15% are spending less – showing the resiliency of the market in challenging economic times.
• In the one-on-one interviews, decision-makers detailed compliance, mobile devices and preventing data loss as the drivers for spending increases.

Data Leakage Prevention (DLP) and Application-Aware Firewalls are products on
the move:

• Data Leakage Prevention (DLP) resides in the top spot of TheInfoPro’s proprietary Information Security Technology Heat Index™, which gauges immediacy of planned implementation for 40 technologies, as the G2000 look to protect custodial and intellectual property data from leaking out of their environment.
• The traditional antivirus vendors, Symantec (SYMC) and Intel’s (INTC) McAfee, look to benefit with rollouts of both endpoint and network DLP on tap.
• Application-Aware Firewalls make a nice jump in the Heat Index, with Palo Alto and Check Point (CHKP) benefiting from the 28% of in-plan implementations.
• Palo Alto will be a vendor to watch as it is beginning to replace some of the major incumbent providers with its application-visibility-based approach.

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

Written by Daniel Kennedy, Research Director for Information Security

Far and away, the choice of both large and midsize enterprises for the most exciting vendor this wave in terms of products and services was next generation firewall maker Palo Alto Networks. The application-aware firewall or next generation firewall, a fusion of the capabilities of stateful and application firewalls, is generating a good buzz amongst respondents: “Palo Alto’s probably the most innovative I’ve dealt with, specifically their application discovery or app[lication] identity.”

The second most exciting vendor in aggregate (full sample) is FireEye with its advanced malware detection solutions, buoyed strongly by responses amongst midsize enterprises. Rounding out the list of exciting vendors are industry stalwarts EMC (RSA), Symantec, and Intel (McAfee).

Originally published as a ThursdayTIP to the respondent network of TheInfoPro. Would you like to receive all of the ThursdayTIP reports when they are fist released? Sign up here for TheInfoPro’s respondent network.

The application-aware firewalls also lead the network security pack with a heat score of 62, and a 28% in use figure that could jump 33% based if pilots and near-term plans come to fruition. Of the respondents with application-aware firewalls on their roadmaps, 39% of respondents see their organizations spending more in 2012, with Palo Alto Networks seeing the lion’s share of the benefit. If the company can convert on long-term implementation plans by respondents’ enterprises, it could carve out a healthy niche of a firewall market currently dominated by Cisco and Check Point in our studies.

Anti-botnet solutions have had a warmer reception amongst the midsize enterprises, while 14% have a solution in place, another 14% have an implementation in their plans down the road, with FireEye looking to benefit. Still, the technology appears not ready for prime time, with 73% of midsized enterprises reporting no plans for integrating these products.

What do respondents have to say on the top two exciting vendors?

• “Palo Alto – I like their mobile solutions.”
• “We’ve looked at FireEye and haven’t formed any opinion about whether to move forward.”
• “Palo Alto – next generation, not tied to traditional monitoring, but threat ID allows you to make rules more granular.”
• “We are very impressed with FireEye’s approach. In that space, other vendors will catch up.”
• “[Palo Alto does] a single pass instead of Fortinet’s multiple proxy, which hammers the resources and doesn’t give enough granularity in reporting. It’s a more cohesive design.”
• “FireEye’s virtual machine-based detection system for malware. It anticipates malware and tells you what may likely be malware before you can get signatures out.”

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky

Written by Daniel Kennedy, Research Director for Information Security

On Oct. 4, IBM announced the acquisition of security information and event management (SIEM) provider Q1 Labs for approximately $575 million, according to The 451 Group’s M&A KnowledgeBase. This is at least the third SIEM solution IBM will have established under its umbrella, but potentially also the most expansive solution when it comes to capturing the emerging combination of log management, network monitoring and security monitoring solution space. With this acquisition, IBM plans to create a new Security Systems division led by Q1’s current CEO, Brendan Hannigan.

Originally published as a ThursdayTIP to the respondent network of TheInfoPro. Would you like to receive all of the ThursdayTIP reports when they are fist released? Sign up here for TheInfoPro’s respondent network.

This move follows Hewlett-Packard’s acquisiton of ArcSight nearly a year ago, and precedes further consolidation in the space; NitroSecurity was also announced as being brought into Intel’s McAfee last week. With this shakeup, IBM is poised to occupy the fourth spot in SIEM market share, according to the results of respondent interviews for the Wave 14 Information Security Study. HP’s acquisiton of ArcSight makes it the de facto leader of the space, with 6% of in plan implementations also going its way. EMC’s enVision product (RSA) and Symantec round out the top of the pack.

SIEM enterprise market share, 14th security study.

The most recent information security study shows SIEM installations at a fairly mature 53% in use in enterprise environments, with 6% of respondents seeing new implementations in their short-term plans and 18% having SIEM installations on the radar in their longer-term project planning. Thirty-three percent (33%) of respondents see increased spending in 2012 on SIEM solutions, with 60% projecting a flat spend into next year.

What do respondents think of the product IBM has acquired? The trend in responses bends positive:

• “Q1 Labs’ product is very innovative.”
• “[We’ll look at] enVision, Q1 Labs, Symantec.” (In response to a question about spending plans for 2012 for SIEM solutions.)
• “We are in woeful need of consolidation. We are evaluating whether to continue on with enVision or use something new. We did a POC with Q1 Labs, or [we may] go to SecureWorks as a third party.”
• “Just had this discussion; there are others, like Q1 Labs and EMC enVision.” (In response to a question about switching off another SIEM vendor’s product.)
• “The company [Q1 Labs] is innovative. They remain fresh in terms of feature set. They are a small company, and they are subject to being swallowed up! They need to keep the system ‘capable’ at all times, especially keeping up with the patches.”

Possibly Related Posts:

• Unified Communications Solutions
• Heat Index Reveals Hot Infosec Technologies
• The Ascent of 10GigE
• Storage Vendors See Mixed Q4
• High-risk Staff? Executives and IT Are Equally Risky