1 / 33

Buyer Beware: 2004 Vendor Report Card

Buyer Beware: 2004 Vendor Report Card. Andrew Briney, Information Security Magazine David Taylor, TheInfoPro (TIP). 2004 Priorities Survey. TIP Wave 3 Study Feb-March 2004 175 decision-makers interviewed in 6 month “waves” Ave. interview: 1 hr

ryder
Télécharger la présentation

Buyer Beware: 2004 Vendor Report Card

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Buyer Beware: 2004 Vendor Report Card Andrew Briney, Information Security Magazine David Taylor, TheInfoPro (TIP)

  2. 2004 Priorities Survey

  3. TIP Wave 3 Study • Feb-March 2004 • 175 decision-makers interviewed in 6 month “waves” • Ave. interview: 1 hr • Ratings and commentary on 40 market sectors

  4. 2004 Priorities Survey • 175 in-depth interviews • SME’s: Perimeter Focus, First-Generation Defense • Fortune 1000: “Portfolio Approach” • Even Distribution of Spending • Focus on Intelligence, Granularity, Analytics

  5. The Security Spending Priority is Infrastructure for F500s; Perimeter Security is a Higher Priority for SMEs 2004 Budget Allocation 2003 Security Expenditure TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  6. 2004 Priorities Survey Fortune 1000 Priorities: • Perimeter • Application intelligence (IPS, App FWs) • Layered security controls • Infrastructure • Provisioning • Identity Management • Wireless • Management • Patch Management • Vulnerability Management • Scorecard/Dashboard

  7. Other Emerging Trends • Infrastructure demand is driving interest in ESM, Single Sign-on & ID Management - Users are seeking more “architected” solutions, but have a lot of homegrown management tools that require integration • Spending on tactical security products narrowing to “visible” problems - Anti-Spam and patch management are high “tactical” priorities

  8. Other Emerging Trends, II • HIDS, HIPS, Secure Messaging, ID Management are other spending priorities - These are relatively “open” markets with few dominant vendors • TippingPoint, Cisco & NetScreen/Neoteris have the most “exciting” new products - High “Exciting” score is indicative of marketing and message effectiveness

  9. Other Emerging Trends, III • Head-to-head comparisons of Firewall and AV leaders show NetScreen slightly ahead of Cisco and Check Point, and Symantec ahead of NAI and Trend Micro - They don’t make deals; interoperability and sales quality are differentiators • Vendors rated best by their customers on key indicators Product Quality and Delivery as Promised include: NetScreen, Websense, VeriSign, Bindview and NAI. - Of the 12 ratings TIP gets on each vendor, these show differentiation well

  10. Customers Plan to Spend More On Focused, Sector-Leading Vendors Percent of Customers TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  11. Perimeter Roadmap: IPS, Secure Msg. and Integrated Appliances Shine Percent of Users TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  12. Infrastructure Roadmap: A Wealth of Projects are Being Launched Percent of Users TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  13. Management Roadmap: Homegrown Tools & Lots of New Spending Percent of Users TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  14. Percentage of Users PlanningImplementations in the Next 6 Months Which of these technologies do you plan to implement in the next 6 months? Percent of Users TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  15. Information Security Technology Heat Index:Sectors With the Most Immediate Needs and Highest Spending and Preferred Vendors TheInfoPro Study Security Wave 3 heat index weights near term plans higher than long term plans and weights the priorities of those enterprises with larger budgets higher than those with smaller budgets.

  16. Intrusion Prevention – Perimeter: Preferred Vendors for New Projects TIPNetwork Quotes: • Just implemented ISS’s new features. It's not bad. It is a little smarter and doesn't require the techie knowledge of an IDS. It is more intuitive. It's still in a trial state. • We ripped Cisco out because of too many false positives. We replaced Cisco with Snort. • We are not happy with Entrust’s IPS solution. When we turn logging on, the load cripples the system.. • One of the reasons we like TippingPoint is that it's really more of a switch -- it checks at switch speeds. The design and architecture are built for speed and value. • Check Point’s SmartDefense has an option that we purchased that does application inspection features. • We use BlueCoat now, but we will look at the security appliance offerings for this functionality. • Someone told us about this company from Israel, Vsecure. We supported their launch in the U.S. We like to use the younger companies as beta sites. Percent of Users TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  17. Integrated Security Appliances: Preferred Vendors for New Projects TIPNetwork Quotes: • There is absolute terror associated with a false positive because it can shut down our business. There are a couple of IPS devices we're looking at from Nokia with good heuristics and good packet inspection. • Check Point is way too expensive. We have an appliance for ISS for IDS. We didn't buy it, we outsourced to them. • We trust Symantec. Their appliance is reliable and we haven't had any breeches.as beta sites. • We use BlueCoat’s security gateway product. We were using them for other functions. There is a lot of value in one appliance. • We have SurfControl on an appliance for content management. I met them at a conference. It was easy to understand and their claims came through. • I like Crossbeam because it's blade scaleable. It's one big chassis with a high speed backpane. Percent of Users TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  18. Single Sign-On: Preferred Vendors for New Projects TIPNetwork Quotes: • Netegrity’s SiteMinder works well. We haven’t used it a lot because it is expensive for the way it is licensed.We will do SSO in-house because we have a lot of proprietary applications we run. • This is number one on my list of over-hyped technologies. If you use an AAA server and User Provisioning, in conjunction with enterprise LDAP, you can reduce your sign-ons to one or two. So, why spend your money on Single Sign-on? • We use v-GO Single Sign-On from Passlogix. But there is a lot of hype on this -- it's not fully there yet. • We'll move to a Microsoft solution. We've migrated away from Novell in almost every instance, which is a decision from above. • IBM’s Tivoli is a mature product. Though not perfect, they are a pretty close fit for less money. Percent of Users TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  19. Enterprise Security Mgmt. (ESM): Preferred Vendors for New Projects TIPNetwork Quotes: • No one ties everything together. We have BigFix which does our patching, we use Foundstone that tells us Vulnerability, and Active Directory. Couldn't find anything to correlate all this meaningfully. • The business drivers aren't there. The technology is fairly mature, but the ROI is hard to determine for it. • We use NAI’s ePolicy Orchestrator (ePO) -- we have it now, for anti-virus across the enterprise. We just found out today that their Threat Scan plug-in for ePO does network discovery and host vulnerability assessments. If ePO can do all this, it will become extremely valuable. • We went with Intellitactics, based on a six to seven month project, including research, a Request for Comment, and a proof-of-concept for two months. • Use Ecora for log management. Also for correlation alerts and errors. It won't blast out alerts needlessly. Percent of Users TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  20. Top Security Vendors Reported to Have “Exciting” New Offerings TIPNetwork Quotes: Neoteris was acquired byNetScreen. The Neoteris sales team pushed me in a direction that caused me to look at other solutions. The sales team wasn't on the up and up. But, they were best, despite the sales team. Cisco's working on, with other vendors including Microsoft, the ability to automatically scan when new machine gets plugged into a network – checking for policy and software-level compliance. I would say, ZoneAlarm is exciting. Zone Labs is a personal fire wall vendor. ISS’s BlackICE is a competitor. Both do web content filtering. AirDefense with their wireless security. CipherTrustwith theirIronMailspam protection. It's a leap ahead of the other spam vendors. Brightmailhas been a significant improvement over what we had before, an older version of Trend Micro. I think that we got Brightmail in just in time. TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  21. Firewall -- Head-to-Head Vendor Comparison: Cisco vs. Check Point vs. NetScreen TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  22. Anti-Virus -- Head-to-Head Vendor Comparison: NAI vs. Symantec vs. Trend Micro TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  23. Perimeter Security Vendor Ratings Comparison: Quality and Fulfillment Interviewees rated the 3-4 vendors they know best on 12 factors. The responses are divided into equal quintiles, so there are the same number of responses in group, from the 0 blue boxes through 4 blue boxes. 0 blue boxes is the lowest quintile; 4 blue boxes is the highest quintile. TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  24. Infrastructure Security Vendor Ratings Comparison: Quality and Fulfillment TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  25. Management Security Vendor Ratings Comparison: Quality and Fulfillment TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  26. Services Security Vendor Ratings Comparison: Quality and Fulfillment TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  27. Content Filtering Vendor Ratings Comparison: Quality and Fulfillment TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  28. Customers Planning to Switch From Their Current Security Vendor TheInfoPro Study Security Wave 3 (3/9/04) Based on 188 Interviews. Not all interviewees answer all questions, so individual question n’s will vary.

  29. Customer Narratives on Their Security Vendors • Check Point: “The problem with Check Point is that they have outsourced their sales to an OEM. The sales people here don't know anything about their product. They don't understand the delivery process or navigate the Check Point maze.” • Nokia: “Nokia looked to be the best at the time. We're conceptually looking at alternatives. Would like better integration with our network environment.”

  30. Customer Narratives on Their Security Vendors, II • NetScreen: “Best in industry in an emerging technology. They weed out false positives faster and better than Check Point, and cost a bit less.” • TrendMicro: “Central console to manage deployment of latest scanner and virus pattern files. Weaknesses are their reporting -- it's hard to use their product to easily write a report about anti-virus activity in a meaningful way to give to management.“

  31. Customer Narratives on Their Security Vendors, III • Symantec: “They catch all the viruses. They also have good name recognition. They do an excellent job of keeping signatures up-to-date. Their support and sales groups are weak. They have a habit of changing your contacts often and were very late to the game with the managed solution. “ • Network Associates: “NAI’s customer service is strong. They have clear product upgrade paths, as solid technical staff. Their software has improved from release to release. We find few bugs. We get little up-sell sales pressure from their VAR channel, and the people are easy to deal with. Their financials are a weakness. It's hard to justify them being strategic. We heard they were merging with ISS & then they bought Intruvert.”

  32. Coming Up in December…Products of the Year

  33. Thank you.Questions, comments?

More Related