META Group says security suites don't work

Download our in-depth report: The Ultimate Guide to IT Security Vendors

Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  

META Group research indicates failure among vendors attempting to create comprehensive security integration schemes. While most users desire a single security vendor, in META Group's opinion, it is becoming apparent this is unlikely to occur. Instead, META Group expects most security vendors to focus more narrowly on tactical products to generate revenue.

Integration plays are now shifting to a multi-vendor approach, incorporating integrated threat management (ITM) consoles from companies including netForensics, PentaSafe, e-Security, OpenService, and Intellitactics. META Group believes this trend will also bolster the already rapid growth in managed security services, bodes well for public companies like ISS, and offers numerous opportunities for a number of private MSS (managed security services) vendors.

Additionally, META Group contends security budgets are somewhat insulated from the current wave of technology spending cuts, which further supports FAC/Equities' positive thesis on the entire security sector.

META Group research indicates vendors with comprehensive security integration schemes (e.g. Network Associates, IBM, Axent/Symantec) are failing to achieve broad functional security integration. Although most user organizations desire a single security vendor or integrated approach, META Group states it is becoming apparent that this is unlikely to occur other than at the security policy and management levels.

META Group expects most security vendors will begin to focus more narrowly on tactical products (e.g. firewalls, authentication, access control, intrusion detection) to create a faster return on investment for their customers. Integration plays are now shifting to a multi-vendor approach, incorporating integrated threat management (ITM) consoles (e.g., E-security, Intellitactics, Netforensics, etc.). META Group believes this trend will bolster the already rapid growth in the managed security service space and has witnessed a slew of new companies entering this nascent market including Aventail, Digital Mojo and redSiren.

As the demand for information security increases, both META Group and FAC/Equities note vendors of security suites (e.g., Tivoli, CA, Network Associates, Symantec/Axent) market their toolsets as "fully integrated, complete security solutions." Many of these product sets, according to META Group, consist of fragmented tools with low levels of integration. In addition, the functionality of the respective tools within these product suites tends to be inconsistent. While most suites contain one or more best-of-breed tools, they also contain several second-rate offerings as well.

META Group thinks there will be increased functional focus from information security vendors, which will require users to better integrate and prioritize functions. In META Group's opinion, this will lead to an increase in the number of organizations looking to outsource security. While the managed security services space is growing quickly, only certain security functions (e.g., firewall, VPN) are tested. META Group believes that significant maturation hurdles await other functions (e.g., scanning, identification, administration). META Group anticipates a number of these services will mature over the next 12 to 18 months and will be suitable for end users to address the integration of the disparate security solutions.

This story was excerpted from META FACts, a newsletter published by META Group and FAC/Equities, a division of First Albany. Matt Barzowskas is a vice president and Michael Prospero is an associate with FAC/Equities. Barzowskas can be reached at matt_barzowskas@fac.com or (617) 228-3512. Prospero can be reached at michael_prospero@fac.com or (617) 288-3112.

Submit a Comment

Loading Comments...