DDoS Prevention Appliances



Similar documents
IDG Connect DDoS Survey

Data Center Security Strategies and Vendor Leadership: North American Enterprise Survey

Delivering Security Virtually Everywhere with SDN and NFV

Infonetics Research White Paper Infonetics Research, Inc.

Corero Network Security plc

Enterprise Networking and Communication Vendor Scorecard

Carrier WiFi. Vendor Scorecard IHS INFONETICS REPORT EXCERPTS. Excerpts. July By Research Director Richard Webb

INSERT COMPANY LOGO HERE

Reducing Downtime Costs with Network-Based IPS

OTN, MPLS, and Control Plane Strategies

High-End Firewall Strategies

Leveraging SDN and NFV in the WAN

SDN and NFV in the WAN

Global DDoS Prevention Market

Understanding the Business Case of Network Function Virtualization

DNS Server Security Survey

Cloud VPN & The Role of the Service Provider in Disrupting the VPN Market

SHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper

Worldwide Advanced and Predictive Analytics Software Market Shares, 2014: The Rise of the Long Tail

Table of Contents. Technical paper Open source comes of age for ERP customers

Protection Solution. Strategic White Paper

Emerging Trends in the Network Security Market in India, CY 2013

The Benefits of SD-WAN with Integrated Branch Security

Case study: Telenor Sweden

Introduction to DDoS Attacks. Chris Beal Chief Security Architect on Twitter

Security Solutions for the New Threads

The Changing Role of Policy Management

When Reputation is Not Enough. Barracuda Security Gateway s Predictive Sender Profiling. White Paper

software networking Jithesh TJ, Santhosh Karipur QuEST Global

The Future Of The Firewall

2015 Pyramid Research Latin America Telecom Insider

SecurityDAM On-demand, Cloud-based DDoS Mitigation

Trends in the Telecom industry Drivers for our connected age Gabrielle Gauthey President, Government and Public Sector Global Forum- Geneva-17

DDoS Mitigation Strategies

Business Case for NFV/SDN Programmable Networks

Making the Internet Business-Ready

Websense Data Security Gateway and Citrix NetScaler SDX Platform Overview

Global Workforce Management (WFM) Software Market in Healthcare

2012 North American Managed Security Service Providers Growth Leadership Award

Threat-Centric Security for Service Providers

Multi- Path Networking Is a Key to Maximizing Cloud Value

GUIDEBOOK MICROSOFT DYNAMICS SL

Full year results. Corero Network Security plc, the AIM network security company, announces its audited results for the year ended 31 December 2014.

Global Web Application Firewall (WAF) Market

Business Case for Virtual Managed Services

US Business Services 2015

How WAN Design Needs to Change

O p t i m i z i n g t h e N e t w o r k t o M e e t T o m o r r o w ' s I C T D e m a n d s

CYBERSECURITY for ENTERPRISE INFRASTRUCTURE: Protecting your DataCenter. Marco Mazzoleni Consulting Systems Engineer, Cisco GSSO

INTRODUCING isheriff CLOUD SECURITY

Requirements When Considering a Next- Generation Firewall

SDP Hackathon #4 Analysis & Report

The Distributed Cloud: Automating, Scaling, Securing & Orchestrating the Edge

Management & Orchestration of Metaswitch s Perimeta Virtual SBC

Business Case for a DDoS Consolidated Solution

Accenture Technology Consulting. Clearing the Path for Business Growth

VIRTUALIZING THE EDGE

Global Scheduling and Automation Software Market

ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY

Lantiq s DSLTE technology enables carriers to offer combined DSL and LTE for highest data rates

Cisco Security Intelligence Operations

US Data Services

The Evolution of SDN and NFV Orchestration

Buying vs. Building Business Analytics. A decision resource for technology and product teams

Worldwide Security and Vulnerability Management Forecast and 2013 Vendor Shares

SOFTWARE DEFINED NETWORKING

Transcription:

IHS REPORT EXCERPTS DDoS Prevention Appliances Biannual Worldwide and Regional Market Share and Forecasts: 2nd Edition Excerpts December 2015 By Senior Research Director Jeff Wilson 695 Campbell Technology Parkway Suite 200 Campbell California 95008 t 408.583.0011 f 408.583.0031 www.infonetics.com Silicon Valley, CA Boston, MA London, UK

Table of Contents TOP TAKEAWAYS: DDOS PREVENTION APPLIANCES PASS $107M IN 1Q15, UP 21% YoY 1 MARKET BACKGROUND AND KEY DRIVERS 1 LONG-TERM FORECAST: DATA CENTER DEPLOYMENTS MAINTAIN LEAD, MOBILE PASSES CARRIER TRANSPORT BY 2018 3 MANUFACTURERS AND MARKET SHARE ANALYSIS: ARBOR NETWORKS GROWS LEAD IN 3Q15 4 DEMAND-SIDE DATA 5 REPORT AUTHOR 6 ABOUT IHS INFONETICS RESEARCH 6 REPORT REPRINTS AND CUSTOM RESEARCH ERROR! BOOKMARK NOT DEFINED. List of Exhibits Exhibit 1 Worldwide DDoS Prevention Appliance Revenue by Deployment Location 4 Exhibit 2 DDoS Prevention Worldwide Quarterly Revenue Market Share 5

TOP TAKEAWAYS: DDOS PREVENTION APPLIANCES PASS $107M IN 1Q15, UP 21% YoY Key observations from the last 6 months: DDoS prevention appliance revenue was up QoQ in 3Q15, and YoY revenue growth was strong; this is a sign of the maturation of the market it s now starting to fall into normal seasonal growth trends. There is an opportunity to make a capital investment in on-premises DDoS mitigation to deal with the cluster of lower-bandwidth attacks, then hand off larger attacks to a dedicated cloud provider; this is driving adoption of hybrid solutions and sales of hardware at the lower end of the market. Arbor maintained its market share leadership position, increasing its share to 46% of worldwide revenue; Arbor has led this market for a decade and continues to stay on top of emerging trends like hybrid DDoS mitigation deployments, managed services, on-premises solutions for a wide range of deployment scenarios, and virtual appliances. MARKET BACKGROUND AND KEY DRIVERS DDoS prevention appliances are the first line of defense for most service providers and large enterprises around the globe looking to protect themselves from brute-force attacks on network or resource availability, and with the unprecedented number, size, and coverage of DDoS attacks since the floodgates opens in 2008, vendors who build DDoS prevention solutions have seen and continue to see a significant increase in demand. This report covers actuals for 2Q15 and 3Q15. Verizon s DBIR had an entire section dedicated to DDoS attacks this year, and confirmed with data from multiple sources what many suspected: while the total number of attacks are skyrocketing, volumetric attacks are bifurcating into very-high velocity/bandwidth attacks (59Gbps and up, and 15 million pps and up), and lowerbandwidth attacks (15Gbps/3 million pps). This has significance for everyone, but particularly large enterprises and mid-sized cloud and hosting providers. The opportunity to make a capital investment in on-premises DDoS mitigation to deal with the cluster of lower-bandwidth attacks, and then hand off larger attacks to a dedicated cloud provider will drive both adoption of hybrid solutions and sales of hardware at the lower end of the market. These new hardware sales are one of the primary drivers for our aggressive (and recently increased) forecast through 2019. 1

We cover broad market drivers later in this report, but put simply, the key drivers for increased investment in DDoS prevention solutions include: The increasing volume of highly visible attacks, including a mix of politically motivated attacks, statesponsored electronic warfare, social activism, organized crime, and good old fashioned pointless mischief and mayhem, driven by the easy availability of bots/botnets for hire and easily distributed crowd-sourced attack tools Increasing number of sophisticated application-layer attacks like R.U.D.Y and Slowloris that some DDoS detection and mitigation infrastructure can t identify and block, forcing companies to make new investments in DDoS solutions Emergence of new varieties of amplification attacks like the DNS amplification attack aimed at Spamhaus in 2013 that topped 300G, and the NTP amplification attack earlier this year that topped 400G; these attacks are pushing the boundaries of mitigation performance Internet traffic growth, which has driven major carriers to upgrade their backbone infrastructure to increase capacity, driving a need for increased capacity DDoS prevention solutions; Cisco predicts global IP traffic to reach the zettabyte threshold by 2015, and to top 1.4 zettabytes by 2014, the CAGR for global IP traffic from 2012 to 2017 at 23% Enterprise and tier 2/3 carrier and mid-sized hosting provider demand for on-premises solutions is growing every day even though conventional wisdom says that most large enterprises and regional carriers and mid-sized hosting companies should deploy cloud-based solutions for DDoS mitigation; there are many enterprise environments where data simply cannot leave privately owned networks and data centers to be scrubbed in the cloud (mostly for compliance reasons), and many smaller regional SPs and hosting providers are looking to leverage on-premises tools to lower operating costs and generate revenue from customers for customized services Data center consolidation, data center upgrades, and the rollout of the cloud infrastructure that will underpin the next generation of cloud services; large data centers and cloud providers are highly visible targets who must protect their own infrastructure and the customers who trust them to host data and applications; in the last 5 years the scale and architecture of most medium and large data centers have changed significantly, and large enterprises and hosting/cloud providers need DDoS solutions with improved performance, faster physical interfaces, and advanced detection and mitigation technologies Mobile network upgrades, which many mobile providers are making to deliver 3G and 4G services and meet the demand for broadband data for mobile devices, are forcing providers to add new layers of network protection and increase their overall security processing capacity; backhaul networks alone are adding orders of magnitude more capacity, driving the need for new DDoS solutions Managed DDoS mitigation services; in addition to purchasing DDoS solutions to protect their own infrastructure, many carriers around the globe are buying DDoS products to build out managed services for their customers, and specialized hosted DDoS service providers (like Prolexic) are gaining popularity with enterprise customers looking for DDoS prevention but lacking the expertise or capital to deploy their own; we now track these services in our Cloud and CPE Managed Security Services report 2

SDN and NFV are pervasive trends in network and telecom infrastructure, and they will eventually touch all areas of security; though virtual appliance solutions for DDoS mitigation aren t widely available, it s not hard to imagine (particularly in an NFV context) a world where DDoS mitigation can be dynamically provisioned via software; Radware announced an SDN and NFV strategy for carriers that included DDoS functionality in February 2014, and there will be more announcements LONG-TERM FORECAST: DATA CENTER DEPLOYMENTS MAINTAIN LEAD, MOBILE PASSES CARRIER TRANSPORT BY 2018 The next exhibit shows annual revenue for the DDoS prevention appliance market split by the 4 deployment locations we track, as well as the YoY growth for the total market (the red line). DDoS prevention appliance market growth will stay in the double digits through 2017 and then move to the high single digits from 2018-2019 as some of the larger infrastructure upgrades in mobile and data center start to slow down a bit, service providers investigate and begin deploying lower cost (and virtualized) solutions, and DDoS solutions integrated with other security and networking products begin to chip away at the lower end of the enterprise space, dropping the price of DDoS prevention. Though vendors don t directly report revenue by deployment location, they do provide good guidance, and we estimate the rest based on discussions with their customers and channel partners. The traditional carrier transport market (which leading vendor Arbor has dominated for nearly a decade) was traditionally the largest market for DDoS mitigation solutions, but it s now second behind data center and has the lowest 2014 to 2019 CAGR (4.4%). The data center segment (enterprise and carrier, including hosted DDoS service environments) passed carrier transport in 2012 and maintains a healthy 19.2% 2014 to 2019 CAGR. Enterprise data center deployments continue to grow particularly well, and major cloud, hosting, large service provider, and major internet brands continue to invest in high-performance DDoS mitigation to protect their data centers from escalating attacks and deliver customized solutions to their hosting/cloud customers. 3

Exhibit 1 Worldwide DDoS Prevention Appliance Revenue by Deployment Location MANUFACTURERS AND MARKET SHARE ANALYSIS: ARBOR NETWORKS GROWS LEAD IN 3Q15 In 3Q15 total DDoS prevention appliance revenue, Arbor ranks first with 46% (up 2.9 points from 2Q15); Arbor maintains a strong leadership position despite having a wide range of challengers. The introduction of their hybrid cloud services, fully managed services, a refreshed on-premises offering, and advanced threat detection and analytics will help them grow their overall business revenue by tapping into fast-growing markets. Their transition to some subscription revenue is already impacting their appliance revenue (starting in 4Q14), but the overall business remains quite strong. 4

Exhibit 2 DDoS Prevention Worldwide Quarterly Revenue Market Share DEMAND-SIDE DATA We verify our supply-side forecasts with our demand-side research, and work closely with vendors, service providers, chip and component manufacturers, and the channel to gather and validate actual data and market trends. This gives us a thorough, accurate picture of the market. In Cloud and Data Center Security Strategies and Vendor Leadership: Global Service Provider Survey, our December 2014 survey of 26 major service providers around the globe, we found that: 69% of the providers we talked to are driven to deploy new security solutions to handle new DDoS attacks 73% will build out a hybrid DDoS mitigation infrastructure, both investing in equipment that they own and operate, but also partnering with a dedicated scrubbing provider to deal with the largest attacks We asked providers which 2 threat mitigation platforms they planned to make the largest investments in over the next year, and firewall and DDoS mitigation topped the list Despite being a narrowly-focused DDoS vendor, Arbor is seen as a top security vendor overall by large service providers 5

REPORT AUTHOR Jeff Wilson Senior Research Director, Cybersecurity Technology IHS +1 408.583.3337 jeff.wilson@ihs.com Twitter: @securityjeff ABOUT IHS INFONETICS RESEARCH Infonetics Research, now part of IHS (NYSE: IHS), is an international market research and consulting analyst firm serving the communications industry since 1990. A leader in defining and tracking emerging and established technologies in all world regions, Infonetics helps clients plan, strategize, and compete more effectively. REPORT REPRINTS AND CUSTOM RESEARCH To learn about distributing excerpts from IHS Infonetics reports or custom research, please contact: IHS Sales: +1 844-301-7334 https://www.ihs.com/about/contact-us.html 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information