Hackers don't go after just the data center anymore. As enterprises embrace mobility, they become vulnerable to more sophisticated security threats that target and attack users through the Internet. Enterprises are responding by spending more on mobile computing security, a shift that analysts say led to increased spending on smarter products -- such as intrusion prevention systems and SSL VPN solutions -- from network security vendors.
"What enterprises want to do is not be victimized anymore," said Jeff Wilson, principal analyst at Infonetics Research, which recently released third quarter market share results. "They don't want to wind up on the news because they have a data breach and lose a bunch of social security numbers and sensitive financial information."
After two dismal quarters of reduced enterprise spending, network security vendors crawled out of the hole as global revenue grew 7% between the second and third quarter of this year, hitting $1.26 billion, according to the report. That is still down 12.5% from $1.44 billion this time last year.
Governments, service providers and organizations upgrading security to meet compliance rules were the biggest spenders, Wilson said, and most likely they are starting projects that were delayed earlier this year.
"There wasn't a lot of money that was budgeted early in the year because no one knew what was going on [with the economy]," he said. "It wasn't [as if] anyone said, 'Because the economy is bad, we don't need security anymore.'"
Mobile computing security leads to spending on intrusion prevention systems and SSL VPN solutions
Although a smaller subset of the network security market, secure sockets layer virtual private network (SSL VPN) solutions saw global revenue grow 13.5% over the last quarter. Enterprises have embraced SSL VPN solutions in part because of the "in case of emergency" (ICE) licenses available to temporarily accommodate increased usage, Wilson said. The Internet-based access allows for a simple mobile computing security solution for employees forced to work from home.
"SSL VPN is benefiting from general global chaos -- things like the H1N1 virus," he said. "A lot of people have been buying [ICE licenses] as a disaster prep."
Cisco Systems and Juniper Networks reps said customers are increasingly interested in SSL VPN solutions because they allow network access via the Internet -- letting enterprises breathe easier about mobile computing security as more and more employees access the network remotely.
But enabling a mobile workforce via the Internet has also opened up endpoint devices to more malware-based attacks. As a result, global revenue from intrusion prevention systems (IPS) grew 11.7% over the last quarter, according to Infonetics.
"That was the bounce-back we were waiting for," Wilson said. "IPS was growing, growing, growing but ground to a halt because of Cisco's [revenue] drop. A lot of Cisco's [security] revenue is tied up to sales of routers and switches ... so when their customers don't buy routers and switches, they don't buy security in a lot of cases."
Fred Kost, director of marketing for security solutions at Cisco, said he sees enterprises adopting intrusion prevention systems to see not only whether there is an attack and what it is but also from where the attack came and what information is available about the attacker.
The most recent version of Cisco's IPS includes a "reputation score" about the attacker, pulling that information from a massive cloud database that is constantly updated, Kost said. Cisco pulls information from Internet service providers, universities, partners and from the intrusion prevention system itself -- and shares it with customers.
"It's not a 30-day [patch] cycle anymore. Attackers are targeting users and behaviors and browsers on a frequent basis," Kost said. "You'll see a lot more focus on the threat intelligence and making sure the products and services have the latest threat information because … the product is only as good as the latest update."
The nature of attacks is also changing, prompting demand from customers for more intelligent solutions from network security vendors, according to Bobby Guhasarkar, director of product marketing of the data center security business unit at Juniper Networks.
"The attacks are targeting applications and application servers a lot more than they used to in the past," Guhasarkar said. "We'd have a lot of attacks against networking gear or the operating system, but nowadays we're seeing very sophisticated stateful attacks -- attacks generated by botnets on people's PCs."
Although these attacks are often simply a nuisance and don't rob enterprises of any sensitive information, Guhasarkar cautioned that they are often used as "practice exercises" for hackers training to launch a later attack for financial gain. In response, Juniper's latest version of its operating system, Junos, includes application denial-of-service protection.
Cisco still leads while Juniper rises to No. 2 in network security market
In the network security vendor horse race, Juniper pulled ahead of Check Point last quarter for the second-place slot with a 12.5% share of the network security market -- thanks to a 20% surge in revenue for Juniper from the second quarter to the third.
"Check Point and Juniper have been doing a dance between No. 2 and No. 3 for a couple of years," Wilson said. He attributed Juniper's gain to latent spending among enterprises and the availability of several new platforms for branch offices and large enterprises.
Juniper also retained its place as the leader in subsets of the market, including SSL VPN solutions (31.7%) and data center network security (43.7%). Infonetics includes in its market share calculations software-based network security products, which are not in Juniper's product line.
Guhasarkar, of Juniper, attributed the network security vendor's recent growth to its commitment not to compromise performance and speed for security and to meet customers' demand to consolidate within the data center.
"There was really a pent-up demand in the market for tightly integrated network security that scaled up to the bandwidth needs that people have today [such as] server virtualization, rich media applications and the amount of video that people are consuming," he said.
Cisco retained its place as leader among network security vendors for all security appliance and software products, according to Infonetics. Cisco's sales made up 35% of the market, up one point from the previous quarter -- finally reversing a share decline that began in the fourth quarter of 2008.
Let us know what you think about the story; email: Jessica Scarpati, News Writer