Buyer Beware: 2004 Vendor Report Card - PowerPoint PPT Presentation

About This Presentation
Title:

Buyer Beware: 2004 Vendor Report Card

Description:

Buyer Beware: 2004 Vendor Report Card Andrew Briney, Information Security Magazine David Taylor, TheInfoPro (TIP) 2004 Priorities Survey 2004 Priorities Survey 175 in ... – PowerPoint PPT presentation

Number of Views:102
Avg rating:3.0/5.0
Slides: 34
Provided by: cdnTtgtme
Category:

less

Transcript and Presenter's Notes

Title: Buyer Beware: 2004 Vendor Report Card


1
Buyer Beware 2004 Vendor Report Card
Andrew Briney, Information Security
Magazine David Taylor, TheInfoPro (TIP)
2
2004 Priorities Survey
3
  • TIP Wave 3 Study
  • Feb-March 2004
  • 175 decision-makers interviewed in 6 month
    waves
  • Ave. interview 1 hr
  • Ratings and commentary on 40 market sectors

4
2004 Priorities Survey
  • 175 in-depth interviews
  • SMEs Perimeter Focus, First-Generation Defense
  • Fortune 1000 Portfolio Approach
  • Even Distribution of Spending
  • Focus on Intelligence, Granularity, Analytics

5
The Security Spending Priority is Infrastructure
for F500s Perimeter Security is a Higher
Priority for SMEs
2004 Budget Allocation
2003 Security Expenditure
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
6
2004 Priorities Survey
  • Fortune 1000 Priorities
  • Perimeter
  • Application intelligence (IPS, App FWs)
  • Layered security controls
  • Infrastructure
  • Provisioning
  • Identity Management
  • Wireless
  • Management
  • Patch Management
  • Vulnerability Management
  • Scorecard/Dashboard

7
Other Emerging Trends
  • Infrastructure demand is driving interest in ESM,
    Single Sign-on ID Management
  • - Users are seeking more architected solutions,
    but have a lot of homegrown management tools that
    require integration
  • Spending on tactical security products narrowing
    to visible problems
  • - Anti-Spam and patch management are high
    tactical priorities

8
Other Emerging Trends, II
  • HIDS, HIPS, Secure Messaging, ID Management are
    other spending priorities
  • - These are relatively open markets with few
    dominant vendors
  • TippingPoint, Cisco NetScreen/Neoteris have the
    most exciting new products
  • - High Exciting score is indicative of
    marketing and message effectiveness

9
Other Emerging Trends, III
  • Head-to-head comparisons of Firewall and AV
    leaders show NetScreen slightly ahead of Cisco
    and Check Point, and Symantec ahead of NAI and
    Trend Micro
  • - They dont make deals interoperability and
    sales quality are differentiators
  • Vendors rated best by their customers on key
    indicators Product Quality and Delivery as
    Promised include NetScreen, Websense, VeriSign,
    Bindview and NAI.
  • - Of the 12 ratings TIP gets on each vendor,
    these show differentiation well

10
Customers Plan to Spend More On Focused,
Sector-Leading Vendors
Percent of Customers
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
11
Perimeter Roadmap IPS, Secure Msg. and
Integrated Appliances Shine
Percent of Users
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
12
Infrastructure Roadmap A Wealth of Projects
are Being Launched
Percent of Users
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
13
Management Roadmap Homegrown Tools Lots of
New Spending
Percent of Users
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
14
Percentage of Users PlanningImplementations in
the Next 6 Months
Which of these technologies do you plan to
implement in the next 6 months?
Percent of Users
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
15
Information Security Technology Heat
IndexSectors With the Most Immediate Needs and
Highest Spending and Preferred Vendors
TheInfoPro Study Security Wave 3 heat index
weights near term plans higher than long term
plans and weights the priorities of those
enterprises with larger budgets higher than those
with smaller budgets.
16
Intrusion Prevention Perimeter Preferred
Vendors for New Projects
TIPNetwork Quotes
  • Just implemented ISSs new features. It's not
    bad. It is a little smarter and doesn't require
    the techie knowledge of an IDS. It is more
    intuitive. It's still in a trial state.
  • We ripped Cisco out because of too many false
    positives. We replaced Cisco with Snort.
  • We are not happy with Entrusts IPS solution.
    When we turn logging on, the load cripples the
    system..
  • One of the reasons we like TippingPoint is that
    it's really more of a switch -- it checks at
    switch speeds. The design and architecture are
    built for speed and value.
  • Check Points SmartDefense has an option that we
    purchased that does application inspection
    features.
  • We use BlueCoat now, but we will look at the
    security appliance offerings for this
    functionality.
  • Someone told us about this company from Israel,
    Vsecure. We supported their launch in the U.S.
    We like to use the younger companies as beta
    sites.

Percent of Users
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
17
Integrated Security Appliances Preferred
Vendors for New Projects
TIPNetwork Quotes
  • There is absolute terror associated with a false
    positive because it can shut down our business.
    There are a couple of IPS devices we're looking
    at from Nokia with good heuristics and good
    packet inspection.
  • Check Point is way too expensive. We have an
    appliance for ISS for IDS. We didn't buy it, we
    outsourced to them.
  • We trust Symantec. Their appliance is reliable
    and we haven't had any breeches.as beta sites.
  • We use BlueCoats security gateway product. We
    were using them for other functions. There is a
    lot of value in one appliance.
  • We have SurfControl on an appliance for content
    management. I met them at a conference. It was
    easy to understand and their claims came through.
  • I like Crossbeam because it's blade scaleable.
    It's one big chassis with a high speed backpane.

Percent of Users
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
18
Single Sign-On Preferred Vendors for New
Projects
TIPNetwork Quotes
  • Netegritys SiteMinder works well. We havent
    used it a lot because it is expensive for the way
    it is licensed.We will do SSO in-house because we
    have a lot of proprietary applications we run.
  • This is number one on my list of over-hyped
    technologies. If you use an AAA server and User
    Provisioning, in conjunction with enterprise
    LDAP, you can reduce your sign-ons to one or two.
    So, why spend your money on Single Sign-on?
  • We use v-GO Single Sign-On from Passlogix. But
    there is a lot of hype on this -- it's not fully
    there yet.
  • We'll move to a Microsoft solution. We've
    migrated away from Novell in almost every
    instance, which is a decision from above.
  • IBMs Tivoli is a mature product. Though not
    perfect, they are a pretty close fit for less
    money.

Percent of Users
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
19
Enterprise Security Mgmt. (ESM) Preferred
Vendors for New Projects
TIPNetwork Quotes
  • No one ties everything together. We have BigFix
    which does our patching, we use Foundstone that
    tells us Vulnerability, and Active Directory.
    Couldn't find anything to correlate all this
    meaningfully.
  • The business drivers aren't there. The
    technology is fairly mature, but the ROI is hard
    to determine for it.
  • We use NAIs ePolicy Orchestrator (ePO) -- we
    have it now, for anti-virus across the
    enterprise. We just found out today that their
    Threat Scan plug-in for ePO does network
    discovery and host vulnerability assessments. If
    ePO can do all this, it will become extremely
    valuable.
  • We went with Intellitactics, based on a six to
    seven month project, including research, a
    Request for Comment, and a proof-of-concept for
    two months.
  • Use Ecora for log management. Also for
    correlation alerts and errors. It won't blast
    out alerts needlessly.

Percent of Users
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
20
Top Security Vendors Reported to Have Exciting
New Offerings
TIPNetwork Quotes
Neoteris was acquired by NetScreen. The Neoteris
sales team pushed me in a direction that caused
me to look at other solutions. The sales team
wasn't on the up and up. But, they were best,
despite the sales team.
Cisco's working on, with other vendors including
Microsoft, the ability to automatically scan when
new machine gets plugged into a network
checking for policy and software-level compliance.
I would say, ZoneAlarm is exciting. Zone Labs is
a personal fire wall vendor. ISSs BlackICE is a
competitor. Both do web content filtering.
AirDefense with their wireless security.
CipherTrust with their IronMail spam protection.
It's a leap ahead of the other spam vendors.
Brightmail has been a significant improvement
over what we had before, an older version of
Trend Micro. I think that we got Brightmail in
just in time.
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
21
Firewall -- Head-to-Head Vendor Comparison
Cisco vs. Check Point vs. NetScreen
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
22
Anti-Virus -- Head-to-Head Vendor Comparison
NAI vs. Symantec vs. Trend Micro
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
23
Perimeter Security Vendor Ratings Comparison
Quality and Fulfillment
Interviewees rated the 3-4 vendors they know best
on 12 factors. The responses are divided into
equal quintiles, so there are the same number of
responses in group, from the 0 blue boxes through
4 blue boxes. 0 blue boxes is the lowest
quintile 4 blue boxes is the highest quintile.
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
24
Infrastructure Security Vendor Ratings
Comparison Quality and Fulfillment
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
25
Management Security Vendor Ratings Comparison
Quality and Fulfillment
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
26
Services Security Vendor Ratings Comparison
Quality and Fulfillment
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
27
Content Filtering Vendor Ratings Comparison
Quality and Fulfillment
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
28
Customers Planning to Switch From Their Current
Security Vendor
TheInfoPro Study Security Wave 3 (3/9/04) Based
on 188 Interviews. Not all interviewees answer
all questions, so individual question ns will
vary.
29
Customer Narratives on Their Security Vendors
  • Check Point The problem with Check Point is
    that they have outsourced their sales to an OEM.
    The sales people here don't know anything about
    their product. They don't understand the delivery
    process or navigate the Check Point maze.
  • Nokia Nokia looked to be the best at the time.
    We're conceptually looking at alternatives.
    Would like better integration with our network
    environment.

30
Customer Narratives on Their Security Vendors, II
  • NetScreen Best in industry in an emerging
    technology. They weed out false positives faster
    and better than Check Point, and cost a bit
    less.
  • TrendMicro Central console to manage deployment
    of latest scanner and virus pattern files.
    Weaknesses are their reporting -- it's hard to
    use their product to easily write a report about
    anti-virus activity in a meaningful way to give
    to management.

31
Customer Narratives on Their Security Vendors, III
  • Symantec They catch all the viruses. They also
    have good name recognition. They do an excellent
    job of keeping signatures up-to-date. Their
    support and sales groups are weak. They have a
    habit of changing your contacts often and were
    very late to the game with the managed solution.
  • Network Associates NAIs customer service is
    strong. They have clear product upgrade paths,
    as solid technical staff. Their software has
    improved from release to release. We find few
    bugs. We get little up-sell sales pressure from
    their VAR channel, and the people are easy to
    deal with. Their financials are a weakness.
    It's hard to justify them being strategic. We
    heard they were merging with ISS then they
    bought Intruvert.

32
Coming Up in DecemberProducts of the Year
33
Thank you.Questions, comments?
Write a Comment
User Comments (0)
About PowerShow.com