High-End Firewall Strategies



Similar documents
Data Center Security Strategies and Vendor Leadership: North American Enterprise Survey

REPORT HIGHLIGHTS. Infonetics: Videoconferencing is up as market moves to lower-cost solutions

OTN, MPLS, and Control Plane Strategies

Delivering Security Virtually Everywhere with SDN and NFV

Infonetics Research White Paper Infonetics Research, Inc.

Global Service Providers Identify Optical Equipment Leaders

About Us. What We Do How We Do It Get Started Infonetics Research, Inc. 2

Enterprise Networking and Communication Vendor Scorecard

Reducing Downtime Costs with Network-Based IPS

The Future Of The Firewall

WHITE PAPER. Data Center Fabrics. Why the Right Choice is so Important to Your Business

OKTOBER 2010 CONSOLIDATING MULTIPLE NETWORK APPLIANCES

UNIFIED PERFORMANCE MANAGEMENT

Carrier WiFi. Vendor Scorecard IHS INFONETICS REPORT EXCERPTS. Excerpts. July By Research Director Richard Webb

The Smart Meter Revolution_

The Changing Role of Policy Management

Deployment Guide. AX Series with Juniper Networks SA Series SSL-VPN Appliances Solution

CASE STUDY. AUSTRIAN AIRLINES Modernizes Network Security for First Class Performance

Overview. Where other. Fortinet protects against the fullspectrum. content- and. without sacrificing performance.

Deployment Guide. AX Series with Oracle Application Server

Cloud UC. North America Service Provider Scorecard INFONETICS RESEARCH REPORT EXCERPTS. May 2015

How To Get A Fortinet Security System For Free

Comparative Performance and Resilience Test Results - UTM Appliances. Miercom tests comparing Sophos SG Series appliances against the competition

How CPG manufacturers and retailers can collaborate to create offers that will make a difference. Implications of the Winning with Digital Study

The Data Center of the Future: Creating New Jobs in Europe

How to Build a Massively Scalable Next-Generation Firewall

Using SAP Smart Forms for Bar Code Label Printing from mysap Business Suite A ZEBRA BLACK&WHITE

Load Balancing Security Gateways WHITE PAPER

Deployment Guide AX Series with Microsoft Windows Server 2008 Terminal Services

Deployment Guide. AX Series with Microsoft Office Communications Server

iservice Support Portfolio Quality global support from Oxford Instruments

Global Network Security Appliance Market

Global Engineering Collaboration Using CAD in the Cloud

BENEFITS OF SERVERLESS COMPUTING

IPv6: Network Security and the Next Generation of IP Communication

Consolidating Multiple Network Appliances

TIME TO RETHINK SDN AND NFV

Secure SSL, Fast SSL

2013 Thomas Skybakmoen, Francisco Artes, Bob Walder, Ryan Liles

The Evolution of SDN and NFV Orchestration

TIME TO RETHINK NETWORK SECURITY

Mainstreaming the Cloud in Contact Centers

Pacnet Global EIPL Point-to-Multipoint Service

Point Topic s Broadband Operators and Tariffs

Achieving Export Sales Growth

Stephen Worn Global CTO & Board Director DatacenterDynamics

Performance of Cisco IPS 4500 and 4300 Series Sensors

TIME TO RETHINK REAL-TIME BIG DATA ANALYTICS

Introduction Insurance Industry Overview and Major Trends

CASE STUDY. NEXON ASIA PACIFIC Nexon Securely Onboards 25 Cloud Customers in Only Eight Months

1 McKinsey Global Survey Results Building the Web 2.0 Enterprise

Recent Interview with Dean Haritos, CEO of PushMX Software of Silicon Valley, California

Asia Pacific Video Conferencing Infrastructure Markets

Improving Profitability for MSSPs Targeting SMBs

Peak Hosting, founded in 2001, provides comprehensive ITas-a-service

Point Topic s Broadband Operators and Tariffs

Lawson Business Intelligence. Solutions for Healthcare

BT Connect Networks that think

GLOBAL INTERNET GEOGRAPHY

June Palo Alto Networks 3300 Olcott Street Santa Clara, CA

Pacnet MPLS-Based IP VPN Keeping pace with your growth

SonicWALL Unified Threat Management. Alvin Mann April 2009

Global Investing 2013 Morningstar. All Rights Reserved. 3/1/2013

Reducing Cycle Times and Work in Process Management Costs: Aerospace and Defense Industry

Security and Services

MAGPOWR Spyder Firmware Update Instruction Manual

Keeping up with the KPIs 10 steps to help identify and monitor key performance indicators for your business

Market comparison: sales and distribution of travel insurance and the growth of bancassurance

Unified Communications, Diverse Benefits

Preparing Your IP Network for High Definition Video Conferencing

Data Center Security Market by Solution, by Services, by Data Center Types and by Region - Global Forecast to 2020

It looks like your regular telephone.

Advanced Core Operating System (ACOS): Experience the Performance

Interconnec(on, Bandwidth, Complexity and Costs. Gaurab Raj Upadhaya

Cisco IT Data Center and Operations Control Center Tour

Intel DPDK Boosts Server Appliance Performance White Paper

NetFlow Tips and Tricks

Transcription:

I N F O N E T I C S R E S E A R C H S U R V E Y E X C E R P T S High-End Firewall Strategies Infonetics Research Survey Excerpts Written by Jeff Wilson October 2013

Contents Introduction 1 Respondents Feel A Need For Speed 2 Exhibit 1: High-End Firewall Purchase Drivers 2 40G Ports and 100G+ Systems A Must 3 Exhibit 2: Maximum Interface Speed Requirements 3 Exhibit 3: Maximum Throughput Requirement 4 Bottom Line 5 About Infonetics Research 6 i

Many buyers are eyeing products with 100G+ aggregate throughput and support for 40G and 100G ports over the next year. Introduction As enterprises build out data center, headquarter, and even branch office networks with ever-increasing Ethernet speeds, security infrastructure needs to keep up. In the last 3 years, a long list of firewall manufacturers have rolled out products that support between 40G and 1T of aggregate throughput, and they re all investigating the need to support new technologies and new physical interfaces at higher performance levels. In this survey, we found that high-end firewall buyers are looking for: Faster firewalls to secure faster networks; many buyers are eyeing products with 100G+ aggregate throughput and support for 40G and 100G ports over the next year Improved security; security is the number-one criterion buyers use when evaluating high-end firewall suppliers A range of new security services that can be delivered without massive impact on overall performance, and a reasonable way to evaluate real-world performance before buying Using a panel of qualified IT decision-makers, we conducted a web survey in June 2013 with 104 large organizations (over 1,000 employees) that have already deployed high-end firewalls, defined as firewalls that currently support >40G aggregate throughput. To qualify, respondents had to have detailed knowledge of the high-end firewalls their company has deployed and have influence over purchase decisions for those firewalls. All respondents are either primary decision-makers or have a lot of influence. 1

Respondents Feel A Need For Speed Without a doubt, the move to faster network technologies is forcing enterprises to look at upgrading every moving part of their IT infrastructure, and firewalls are no different; the need to add new high speed interfaces to firewalls (10G, 40G, and eventually 100G) tops the list of drivers for investing in new high-end firewalls; it is a driver for 77% of respondents. Respondents rated the importance of various drivers in the decision to purchase high-end firewalls on a scale of 1 to 7, where 1 means not a driver, 4 means somewhat of a driver, and 7 means definitely a driver. Second on the list is the need to increase the performance of multiple security functions, rated highly by 73% of respondents. When the concept of a UTM was first introduced in the mid-2000s, it was a great idea, but typically turning on anti-virus, antispam, IPS, or other features crippled the overall performance of the box. Things have changed though, and though turning on a host of functions in addition to stateful inspection may slow a firewall somewhat, it s not the 10x+ throughput decrease of the past, so customers are actually starting to deploy firewalls that are handling 2, 3, 4, or even 5 other critical security functions. The need to support faster physical interfaces is driven in many cases by network upgrades in enterprise data centers, so it makes perfect sense that 73% are buying high-end firewalls as part of a broader data center upgrade; all high-end firewall positioning should specifically call out data center applications and highlight product features that make a great data center firewall. For example, the 65% of respondents looking for better connection performance are likely trying to solve a data center problem. Exhibit 1: High-End Firewall Purchase Drivers Upgrade to high speed network interfaces on security appliances Need to increase multi-function security performance Upgrade firewalls for data center upgrade Need to increase stateful inspection throughput 77% 73% 73% 68% Consolidate security technologies into fewer platforms Support more total and concurrent TCP sessions 66% 65% 0% 20% 40% 60% 80% Percent of Respondents Rating 6 or 7 Infonetics Research, High-End Firewall Strategies and Vendor Leadership: North American Enterprise Survey, July 2013 2

Vendors who can stay ahead of the interface curve may capture business in the next 12 months on the strength of their interface offering. 40G Ports and 100G+ Systems A Must Data center network upgrades are forcing buyers to look at faster interfaces for firewalls, and some large campus environments will certainly drive the need for 10G ports, and possibly even 40G ports in the next 3 years. We asked respondents to indicate which interfaces their new high-end firewalls must support, and the top end of what s currently available leads; 69% of respondents need new high-end firewalls to support 40G ports. Security product manufacturers are scrambling to meet port requirements; there s a fairly long list of products that offer 10G interfaces, though it s difficult to get terribly high density (more than 10 ports), and there are only a few dedicated products with 40G ports shipping now. Vendors who can stay ahead of the interface curve may capture business in the next 12 months on the strength of their interface offering, so everyone needs to line up plans for 40G and 100G Ethernet immediately. We expect many data center customers to attempt to leapfrog 40G and go straight to 100G, so vendors should talk to their largest customers to understand if (and when) they ll need to support 40G or if it will be easier to just skip 40G and go straight to developing 100G interfaces if buyers are looking at upgrades in late 2014 or early 2015 (when 100G ports become more widely available on networking gear). Exhibit 2: Maximum Interface Speed Requirements 1G Ethernet 16% 10G Ethernet 41% 40G Ethernet 69% 100G Ethernet 37% 0% 10% 20% 30% 40% 50% 60% 70% 80% Percent of Respondents Infonetics Research, High-End Firewall Strategies and Vendor Leadership: North American Enterprise Survey, July 2013 3

Many customers are looking for increased system performance to run multiple security functions. After port speeds, we asked respondents to tell us what maximum stateful inspection throughput they will require their highend firewalls to support in the next year, and over 80% are looking for platforms with over 100G of aggregate performance, with the largest group looking for 100G to 199G. The number of real-world environments that truly require this kind of performance is small, but many customers (as indicated in the drivers question) are looking for increased system performance to run multiple security functions. A 100G stateful inspection firewall is more likely to run at between 20G and 50G once other security features are enabled. This brings us to one of the really tricky issues buyers face: every firewall configuration/deployment is unique, and realworld performance is very difficult to predict because it depends on traffic types/patterns and the features enabled. Firewall companies that can help customers accurately spec high-end firewalls and give realistic estimates of real-world performance will build important trust during the purchase process. Exhibit 3: Maximum Throughput Requirement 40% Percent of Respondents 30% 20% 10% 0% 40G to 99G 100G to 199G 200G to 499G 500G to 999G 1T or above Maximum Throughput Infonetics Research, High-End Firewall Strategies and Vendor Leadership: North American Enterprise Survey, July 2013 4

Bottom Line The battle for high-end firewall market leadership is raging, and market share changes are brewing as serious challengers like Fortinet, Check Point, Palo Alto, and Dell SonicWALL continue to make strong progress at the high end. Buyers need: Major increases in throughput and connection performance; in data center environments especially, connection performance is the most important performance metric for firewalls, and many data center buyers need are looking for firewalls with 10x connection performance compared to their currently deployed products New security services that can be delivered without massive impact on overall performance, and they need a reasonable way to evaluate real-world performance before buying New solutions that offer a verifiable leap in security efficacy; security is by far the most important high-end-firewall supplier selection criterion 5

I N F O N E T I C S R E S E A R C H S U R V E Y E X C E R P T S Survey Author Jeff Wilson Principal Analyst, Security jeff@infonetics.com +1 408.583.3337 About Infonetics Research Infonetics Research is an international market research and consulting analyst firm serving the communications industry since 1990. A leader in defining and tracking emerging and established technologies in all world regions, Infonetics helps clients plan, strategize, and compete more effectively. Report Reprints and Custom Research To learn about distributing excerpts from Infonetics reports or to learn about custom research opportunities, please contact: North America (West), Asia Pacific Larry Howard, Vice President, larry@infonetics.com, +1 408.583.3335 North America (East, Midwest, Texas), Latin America Scott Coyne, Senior Account Director, scott@infonetics.com, +1 408.583.3395 Europe, Middle East, Africa, India, Singapore George Stojsavljevic, Senior Account Director, george@infonetics.com, +44 755.488.1623 Japan, South Korea, China, Taiwan http://www.infonetics.com/contact.asp 695 TECHNOLOGY PARKWAY SUITE 200 CAMPBELL, CALIFORNIA 95008 TEL 408.583.0011 FAX 408.583.0031 www.infonetics.com SILICON VALLEY BOSTON METRO LONDON AMSTERDAM SHANGHAI TOKYO

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information