Sponsored by: Intel Security
Authors: John Grady, Randy Perry
October 2014
Document #251721 2014 IDC. www.idc.com

Calculating the Business Value of Next Generation Firewall

EXECUTIVE SUMMARY

Companies today are facing a difficult dilemma. Unprecedented demand for business growth is driving the introduction of new applications and IT services to support a more productive and mobile workforce scattered across the globe. This creates complexity and constant change as well as a whole wave of issues for IT, which has to ensure the security of these new resources. Companies that had been trying to address this dilemma by employing a wide array of point solutions found that they were unable to keep pace with the constant change and have transitioned to McAfee Next Generation Firewall (NGFW) to provide a corporationwide integrated and scalable security solution.

Business Value Highlights
Improvement in event response time: 84%
Decrease in security-related downtime: 94%
Reduction in infrastructure costs: 30%
Five-year total business benefits: $5.3M
Five-year ROI: 527%
Payback period: 6 months

Organizations using McAfee NGFW are achieving significant IT and business benefits. McAfee customers interviewed by IDC implemented their NGFW solution to ensure the security of their business operations. These McAfee customers are realizing the following benefits:
» Improved user and customer experience
» Proactive IT operations supporting greater innovation
» More reliable business operations driving productivity and revenue
» Enhanced business agility

In This White Paper

This white paper articulates the business benefits derived by companies that have deployed NGFW. The data is based on in-depth interviews with eight McAfee customers. These companies were mostly large organizations with an average employee base of 7,082. Interviewees came from a variety of industries: energy, financial services, manufacturing,
retail, service provider, technology, and education. Most of the organizations are headquartered in the United States and Europe, but a number have worldwide operations. On average, these organizations have used McAfee products for eight years. Table 1 provides an aggregate profile of the organizations interviewed for this white paper.

TABLE 1 Demographics of Organizations Interviewed
 | Average
Employees | 7,082
Intranet users | 5,883
Extranet users | 17,550
IT staff | 179
Security staff | 5
Firewalls | 48
Industries | Energy, financial services, manufacturing, retail, service provider, technology, education

Situation Overview

As technology has changed the way businesses operate, IT departments have been forced to adapt to what is often a faster-paced and more decentralized approach. Employees expect instant access to corporate resources, no matter where they are in the world or what device they are using. They also want the freedom to leverage a variety of cloud applications, often blurring the lines between personal and corporate use. If IT attempts to prevent any of these initiatives, employees will seek a workaround, which can often pose a greater threat to the network than the original action.

Further, the network itself continues to become more complex. Many organizations are distributed, with branch offices and remote employees scattered across the globe. Datacenters continue to become more virtualized, but the majority of datacenters remain a mix of physical and virtual resources. As a result of these changes, security can often become an afterthought, especially if it inhibits business processes and productivity. Many legacy security solutions were not designed with today's challenges in mind, leaving organizations at an increased risk of attack.

To address these issues, network security products must deliver on a few key concepts.
First,
they must be flexible. A single platform supporting a long list of security applications is preferable to a one-box, one-function scenario. Enterprises still often deploy appliances in a specialized fashion, but the ability to add services over time as needs change is important to protect the capital investment on the product for a longer period. Further, the consolidated management that a single-platform/multifunction solution provides can greatly streamline the administration process, improving both efficiency and security.

In addition to feature flexibility, solutions must secure both physical and virtual environments. While a hardware appliance may be necessary at the edge of the datacenter and at certain points within to control north/south traffic, virtual instances are preferable for granular segmentation inside the datacenter and to ensure visibility into east/west (inter-VM) traffic. Management of both physical and virtual security solutions from a single console helps organizations maintain a consistent security policy and drive staff efficiency.

Finally (but arguably most importantly), security efficacy must be high. This has become increasingly difficult in recent years. Threats have become more specialized and advanced. Hackers no longer send a single piece of code to millions of targets; rather, they modify their attacks to exploit particular vulnerabilities (whether they are people or technology based) within a target. Limiting threat vectors through application control and traditional filtering technologies serves to weed out more common threats; however, advanced scanning is becoming table stakes for network security products.
Signature-based technologies are not dead, but increasingly, intelligence from multiple sources is being consolidated and correlated to drive threat prevention in real time.

McAfee Next Generation Firewall Solution

McAfee has always been known for its strong endpoint protection products but boasts a very broad portfolio of security technologies, including network security. Its Next Generation Firewall offers a flexible platform to address a variety of use cases and deployment scenarios. Key features include IPS, application control, antivirus, URL filtering, and VPN. All capabilities are inherent in the software, enabling users to turn on needed features depending on network requirements, without bolting on additional technologies. The solution can be deployed as a stateful firewall with VPN termination, full NGFW with IPS and application control, Layer 2 firewall for datacenter deployments, or IPsec VPN gateway for branch office connectivity. A variety of dedicated hardware appliances offer throughput ranging from 100Mbps to 120Gbps. McAfee Next Generation Firewall can also be deployed as software on standard x86 systems or as a virtual appliance on the VMware ESX or KVM platform.
The solution's unified software architecture enables better performance and the same full-featured deployment regardless of deployment method.

One of the most important differentiators for the McAfee Next Generation Firewall is its anti-evasion technology. Cybercrime has become a multibillion-dollar business, and many hackers are well-funded and highly skilled. In addition to customized malware, these attackers can leverage advanced evasion techniques to bypass traditional defenses by obfuscating their code, delivering the payload over multiple protocols, or sending fragmented malicious packets. McAfee relies on traffic normalization to defend against over 800 million advanced evasion techniques by using vulnerability-centric fingerprints and inspecting the data stream in full as opposed to individual packets.

McAfee's Security Management Center provides single-pane-of-glass control of all McAfee Next Generation Firewalls, regardless of deployment type. McAfee's Domains technology enables more efficient management for managed security service providers and large enterprise deployments by leveraging a single management server for disparate environments while keeping policy, context, and network elements separate. Up to 2,000 nodes can be managed through a single management server, which can host up to 200 domains. In addition to scalability from a management perspective, clustering of up to 16 nodes (NGFW) for high availability and performance can address datacenter and other compute-heavy use cases.

Financial Benefits Analysis

IDC aggregated data derived from its interviews with McAfee customers to measure the financial impact of the use of McAfee NGFW on these organizations.
IDC calculates that these organizations will record an average annual benefit of $1.5 million over five years, or $27,154 per 100 users of the business applications protected by McAfee. The financial benefits fall into four main areas:
» Business productivity benefits: Providing a more secure environment accelerated business processes, increasing productivity and contributing higher revenue. On average, these productivity benefits are worth $646,000 annually per organization, or $10,984 per 100 users.
» Risk mitigation (end-user productivity) benefits: Securing physical and virtual environments across the organization is minimizing the business risk these organizations face from the full range of physical and cyberthreats. These benefits are worth an annual average of $465,000 per organization, or $7,896 per 100 users.
» IT staff productivity gains: Leveraging efficiencies achieved with eliminating security threats is enabling McAfee customers to migrate IT staff assets to other business processes. IDC calculates that these time savings are worth an average of $390,000 per organization per year, or $6,632 per 100 users.
» IT infrastructure cost reduction: Creating a scalable, consistent, and secure environment is saving McAfee customers an annual average of $97,000 per organization over five years, or $1,642 per 100 users (see Figure 1).

FIGURE 1 Average Annual Benefits of McAfee NGFW per 100 Users
Business productivity benefits | $10,984
End-user productivity benefits | $7,896
IT staff productivity gains | $6,632
IT infrastructure cost reduction | $1,642
Total | $27,154

Risk Mitigation Benefits

Because of the effectiveness of the McAfee security solution, the companies in this study enjoyed significantly higher security than they had before. The benefits were prevalent throughout the organization, impacting not only IT operations but business processes and corporate decision making as well. Many of the companies spoke of how much more proactive they had become and how their security programs were enhanced. As one manager related:

"Our whole threat management program is a lot more proactive. We've been able to identify threats before they become events and have been able to predetermine which threats to mitigate automatically rather than mitigating manually. For example, we have recently evaluated our threat management around cipher usage, identifying some encryption ciphers as weak. We have been able to use the McAfee Management Center to identify where we are using those weak ciphers and make sure that we have a smooth migration away from weak ciphers to strong ciphers. Now we are able to create a lot more reports for senior management."
On average, the organizations in the study were able to leap from being 25% proactive in threat identification to 60%. In addition to limiting the security events, the organizationwide visibility enabled security teams to respond to events 84% quicker. The combination of these capabilities lowered security-related downtime by 94%. As a result of enhanced security, fewer events, and increased visibility, IT security staff have more time to support line-of-business managers with security planning for business initiatives. Table 2 shows the IT services quality enhancements from McAfee's NGFW.

TABLE 2
Security KPIs | Before McAfee NGFW | After McAfee NGFW
Proactively identify threats before they become events | 25% | 60%
Response time to threats (minutes) | 75 | 12
Annual security downtime (hours per user) | 34.3 | 0.0
Time-to-market configuration for new apps (hours) | 8.0 | 1.3
IT time available for innovation | 25% | 42%

End users of the business applications protected by security solutions feel the most significant impact of enhanced security. In the case of McAfee NGFW, each business user in the companies interviewed was able to gain an additional four workdays (32.9 hours) per year free of security attacks (see Table 3). What Table 3 does not reveal is that only one of the eight companies experienced any security-related downtime after deploying McAfee NGFW.

TABLE 3 Risk Mitigation
Security-Related Downtime | Before McAfee NGFW | After McAfee NGFW | Savings | Advantage (%)
Incidents per year | 25.7 | 2.6 | 23.1 | 90
Hours per incident | 4.5 | 2.7 | 1.8 | 41
Hours of downtime (per year) | 115.7 | 6.9 | 108.8 | 94
Annual unplanned hours (per user) | 32.9 | 0.0024 | 32.9 | 100
Annual planned downtime hours (per user) | 1.4 | - | 1.4 | 100
Total downtime hours (per user) | 34.3 | 0.0024 | 34.3 | 99.99
Business Productivity Benefits

The value of enhanced security does not end with adding days of productive time. IT users become more confident in using the business applications because they know that their information is protected. As a result, utilization of new business applications increases, which enhances user productivity and accelerates the time to value for the application. Business processes reliant on IT services become accustomed to uninterrupted operations and become quicker and more efficient. Companies in the study reported increases in operational productivity from as low as 0.1% to as high as 17%, with the average across all companies being 6%, leading to an annual benefit of $411,469.

Five of the eight companies interviewed for the study experienced revenue increases from deploying McAfee NGFW. Corporate revenue is enhanced in two ways:
» Half of the companies experienced increased revenue directly from reducing downtime. These organizations were losing an average of $425,000 per hour before deploying McAfee NGFW. Overall, the average annual revenue gained from eliminating security-related downtime was $12 million.
» Three of the eight companies reported increases in revenue attributed to McAfee NGFW, although not directly from reducing hours of downtime in revenue-generating services but from being able to deliver more reliable operations. Two of the companies reported increased agility as the driver, while the other company, a service provider, felt the value it derived from McAfee NGFW was more transformative:

"While connectivity is required in pretty much every implementation, companies have branches that are generally in locations that are poorly serviced. Because we had no reliable security solution to have wide area network connectivity where there was none, we turned down more opportunities than we put proposals in for. McAfee changed all that. It was worthwhile putting in the investment because of the nut that it cracked - it's helping us achieve more revenue - it's a self-fulfilling prophecy. Since we added McAfee to the solution, we more than doubled our revenue."

Overall, the average annual revenue gained from improving operations was just under $1 million.

For the purposes of quantifying economic benefits, IDC treats revenue and cost savings differently. Every $1 of revenue has costs associated with it and thus cannot be combined with cost savings without first removing the costs of goods sold and operating costs, which leaves the operating margin. IDC assumes a margin of 20%. The $2,590,233 annual revenue increase is calculated as a financial benefit by applying a 20% operating margin, which results in a net revenue benefit of $518,047 (see Table 4).
TABLE 4 Business Productivity Benefits
Business Productivity Benefits | Value
Annual revenue from reducing downtime | $0 to $60 million
Annual new revenue from improving operations | $0 to $3.5 million
Total average annual revenue increase | $2,590,233
Operating margin | 20%
Net revenue benefit | $518,047
6% increase in operations productivity | $411,469
Total annual business productivity benefit | $929,515
Annual benefit (per 100 users) | $10,984

IT Staff Productivity Gains

The IT security staffs in each of the companies interviewed were, as is typically the case, small. By using McAfee NGFW to manage both physical and virtual security solutions from a single console, they were able to maintain a consistent security policy and drive staff efficiency. In fact, these organizations had an average of 28 dashboards prior to adopting McAfee solutions and 1 dashboard after. The more centralized control and greater visibility were mentioned prominently in several interviews such as the following:

"Our visibility was horrible before we deployed McAfee. The primary value that it's brought is outside of the security space. We have a very complex point-of-sale architecture - extremely complex. It's finicky, and there had been legacy problems that we'd been dealing with for years. These problems would come and go - nobody really understood how they worked. Well, this device gave us the ability to look into the specific network traffic and conduct network analysis. We've been able to troubleshoot and resolve these issues, tremendously impacting operations in our stores."

The impact of McAfee NGFW stretched across the IT staff as a whole, reducing the time requirements for dealing with security-related downtime and service desk incidents. Each company was able to reduce the amount of time spent keeping the lights on from 75% to 58%, while lowering its annual cost per user for security staff from $122 to $81.
In addition, these organizations were able to grow their operations; they were able to deploy more applications and servers and therefore more firewalls (32% annual growth in firewalls) and avoid having to add more security staff overhead. The net result is that the companies deploying McAfee NGFW have more than double the time to support more innovative activities and at less than half the cost (see Figure 2).
FIGURE 2 IT Staff Innovation
 | Before McAfee NGFW | Projected without McAfee NGFW | After McAfee NGFW
Security staff cost | $122 per user | $171 per user | $81 per user
Keeping the lights on | 75% | 82% | 58%
Contributing to innovation | 25% | 18% | 42%

IT Infrastructure Cost Reduction

McAfee NGFW enables organizations to consolidate multiple security appliances onto one platform and, because it is a very efficient platform, reduce the number of firewalls as well. Organizations in our study reported reducing hardware and software costs (32%) and related bandwidth costs (28%) and power and space costs (19%). Overall infrastructure costs were reduced by 30% (see Figure 3).

FIGURE 3 Infrastructure Costs per 100 Users
 | Before McAfee NGFW | After McAfee NGFW
Hardware | $2,733 | $1,857
Software licenses | $1,825 | $1,258
Bandwidth | $384 | $275
Power and facilities | $464 | $374
Total | $5,406 | $3,764
ROI Analysis

IDC uses a discounted cash-flow methodology to calculate the return on investment (ROI) and payback period. ROI is the ratio of the net present value (NPV) and discounted investment. The payback period is the point at which cumulative benefits equal the initial investment.

IDC assessed the cost, benefits, and value associated with the use of McAfee NGFW by the eight organizations interviewed for this white paper over a five-year period. IDC calculates that these organizations are initially investing an average of $332,000 ($5,647 per 100 users) in hardware, installation, consulting, and training. Annual costs for fees and support total $144,000 ($2,448 per 100 users). These organizations will achieve annual benefits worth an average of $1.5 million per organization ($25,517 per 100 users) over five years (see Figure 4).

FIGURE 4 Cost Benefit Analysis per 100 Users
[Chart of investment, benefits, and cumulative benefit for the initial period and Years 1 through 5. Initial investment: -$5,647; investment in each of Years 1 through 5: -$2,448; annual benefits between $20,920 and $27,460; cumulative benefit: $109,674.]

The five-year ROI analysis shows that the average organization interviewed for this white paper will spend $851,000 per organization ($14,471 per 100 users) to implement and support McAfee NGFW (see Table 5). In return, the average organization will realize $5.3 million per organization ($90,808 per 100 users) in benefits. This results in a net present value of $4.4 million per organization ($76,336 per 100 users). This means that interviewed organizations will have an average time of six months to break even on their investment in McAfee NGFW after installation and an ROI of 527%.
TABLE 5 Five-Year ROI Analysis per 100 Users
Benefits (discounted) | $90,808
Investment (discounted) | $14,471
Net present value (NPV) | $76,336
ROI = NPV/investment | 527%
Payback period | 6 months
Discount rate | 12%

Challenges/Opportunities

McAfee Next Generation Firewall presents a number of opportunities for the vendor, if certain challenges can be overcome. While McAfee has had proxy firewall technology for a number of years, its foray into the traditional next-generation market is more recent. This segment of the market has become incredibly competitive, and customers can be hesitant to shift from incumbent providers and replace existing deployments. There may be some confusion in the short term with the different network security technologies McAfee offers (Next Generation Firewall, Firewall Enterprise, Network Security Platform) and how the features compare and overlap between the platforms. Finally, channel support and enablement will be key. Partners will need to be educated and incentivized on the Next Generation Firewall solution.

Despite these challenges, McAfee Next Generation Firewall presents McAfee with a strong opportunity to expand its network security footprint. McAfee's advanced evasion technology could be a key differentiator to accomplishing this goal. With high-profile data breaches occurring more frequently, advanced attacks are top of mind for many organizations. That being said, evasion defense is typically an afterthought to deeper malware analysis and an area McAfee can address. Further, a firewall solution leveraging the intelligence generated by the entire McAfee security portfolio is a very compelling product. In the future, the ability to utilize both local and global threat intelligence through McAfee's Threat Intelligence Exchange (TIE) will further augment the threat prevention capabilities in Next Generation Firewall. Finally, from a go-to-market perspective, service providers could become a very strong channel for this product.
The platform flexibility and management scalability address many of the key issues service providers face from a cost and efficiency standpoint and could provide a strong alternative to their current equipment partnerships.

Conclusion

McAfee Next Generation Firewall addresses many of today's key concerns while providing an aggregate financial benefit to organizations. The solution leverages a flexible architecture to address both datacenter and edge deployments, provides strong security efficacy against both traditional and advanced threats, and utilizes a centralized console to simplify management. These factors contribute to tangible benefits, including improved business productivity from accelerated business processes, enhanced risk mitigation and fewer security events, reduced infrastructure costs, and increased time spent on IT innovation.

Historically, security has been viewed as a sunk cost and barrier to rapid growth. The advances in mobile, cloud, and datacenter capabilities too often forced companies to choose between security and innovation. This ROI analysis reveals that security can be a business enabler and help organizations become both more agile and more secure.

Appendix

Methodology

IDC utilized its standard ROI methodology for this project. This methodology is based on gathering data from current users of the technology as the foundation for the model. Based on these interviews, IDC performs a three-step process to calculate the ROI and payback period:
» Measure the savings from reduced IT costs (staff, hardware, software, maintenance, and IT support), increased user productivity, and improved revenue over the term of the deployment.
» Ascertain the investment made in deploying the solution and the associated training and support costs.
» Project the costs and savings over a five-year period and calculate the ROI and payback for the deployed solution.

IDC bases the payback period and ROI calculations on a number of assumptions, which are summarized as follows:
» Time values are multiplied by burdened salary (salary + 28% for benefits and overhead) to quantify efficiency and manager productivity savings.
» Downtime values are a product of the number of hours of downtime multiplied by the number of users affected.
» The impact of unplanned downtime is quantified in terms of impaired end-user productivity and lost revenue.
» Lost productivity is a product of downtime multiplied by burdened salary.
» Lost revenue is a product of downtime multiplied by the average revenue generated per hour.
» The net present value of the five-year savings is calculated by subtracting the amount that would have been realized by investing the original sum in an instrument yielding a 12% return to allow for the missed opportunity cost. This accounts for both the assumed cost of money and the assumed rate of return.

Because every hour of downtime does not equate to a lost hour of productivity or revenue generation, IDC attributes only a fraction of the result to savings. As part of our assessment, we asked each company what fraction of downtime hours to use in calculating productivity savings and the reduction in lost revenue. IDC then taxes the revenue at that rate.

Further, because IT solutions require a deployment period, the full benefits of the solution are not available during deployment. To capture this reality, IDC prorates the benefits on a monthly basis and then subtracts the deployment time from the first-year savings.

Note: All numbers in this document may not be exact due to rounding.

IDC Global Headquarters
5 Speen Street, Framingham, MA 01701 USA
508.872.8200
Twitter: @IDC
idc-insights-community.com
www.idc.com

Copyright Notice

External Publication of IDC Information and Data: Any IDC information that is to be used in advertising, press releases, or promotional materials requires prior written approval from the appropriate IDC Vice President or Country Manager. A draft of the proposed document should accompany any such request. IDC reserves the right to deny approval of external usage for any reason.

About IDC

International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications and consumer technology markets. IDC helps IT professionals, business executives, and the investment community make fact-based decisions on technology purchases and business strategy. More than 1,100 IDC analysts provide global, regional, and local expertise on technology and industry opportunities and trends in over 110 countries worldwide. For 50 years, IDC has provided strategic insights to help our clients achieve their key business objectives. IDC is a subsidiary of IDG, the world's leading technology media, research, and events company.

Copyright 2014 IDC. Reproduction without written permission is completely forbidden.