Security: getting proactive about it
Integrated appliances are the flavour of the season as India
Inc gets serious about security and starts taking a proactive approach, says
of the Indian security solutions market exceeded the expectations of most analysts
last year. This momentum is expected to continue in 2005 as security war chests
are expected to be opened wide this year. Analysts from Frost & Sullivan
say that the growth of the network security market in India will exceed the
projected growth rate of 32.4 percent in 2005. The IT and BPO industry will
be the biggest consumers of security solutions.
2004: beyond expectations
Frost & Sullivan had pegged the growth of the security market at 38 percent
for 2004. Although the final numbers are yet to be released officially, the
analyst firm expects the network security market to have grown by 45 percent
(valued at $45 million) in 2004 up from $29.9 million in 2003.
IT and BPO drove the market last year, accounting for 40 percent of network
security purchases. The BFSI sector was a close second with a contribution of
30 percent. Government, manufacturing and SMB (Small and Medium Businesses)
contributed the remainder.
Of the overall network security market, firewalls are expected to have grossed
$22.5 million in 2004, VPN $14.5 million, and IDS (Intrusion Detection Systems)
Shantanu Dasgupta, Industry Analyst, Technology Practice, Frost & Sullivan,
attributes the robust growth of IDS to customers who had already invested in
VPN and firewall, adding one more layer of security. 2004 saw the debut of Intrusion
Prevention Systems (IPS) that aim at taking a proactive approach to network
security by attacking the root cause of the problem rather than detecting a
problem and then fixing it. The Indian IDS sub-segment grew by 65 percent to
rank among the fastest growing in the APAC.
Last year also witnessed the growth of SSL VPN, estimated at $1.2 million by
Frost & Sullivan. The principal players in the Indian SSL VPN market are
Juniper Networks, Aventail, Nortel and NetScaler. Dasgupta says, The SSL
VPN market is new in India but it is expected to mature in 2005. The total cost
of ownership (TCO) of installing and maintaining an SSL VPN network is lower
than that of IPSec VPN. Additionally, the overheads associated with the
latter technology such as installing IPSec-VPN clients on each desktop are avoided
in the case of SSL VPN.
Another significant trend observed last year in the security market was the
emergence of integrated security appliances combining the capabilities of firewall,
VPN, IDS and anti-virus (AV) coupled with anti-spam. The market for integrated
appliances in India was close to $1 million in 2004.
Security appliances are well-suited to the needs of organisations with more
than 500 users.
As far as the AV market is concerned, there was steady demand for these solutions,
and the popularity of AV products continued as enterprises continued to buy
them. The demand for anti-virus products will sustain in the years to come.
|Companies are no longer finding solace in stand-alone
anti-virus (AV) solutions. They want capabilities such as anti-spam, firewall
and IDS, both on the client (desktop or notebook) and at the gateway. Here
are the views of some leading players:
- Pravir Arora, Director, Marketing, and Head, Channel Sales, Computer
Associates India & SAARC: Although there are no concrete figures
available from any of the analyst firms, it is believed that the AV
market in India is growing faster than the PC market. AV has become
- Kartik Shahani, Country Manager, McAfee India: [A virus or
worm] could take three minutes to strike but more than three hours to
repair depending on the severity.
- Vinod Kumar, Managing Director, Satcom Infotech: The increased
use of Internet for communication, the alarming rise in the number of
viruses reported, and awareness among users of the benefits of licenced
software will push the AV market. There has also been a new market
segment visible in terms of small and medium business enterprises that
are investing in anti-virus software.
- Ambarish Deshpande, Head-Channel and Consumer Sales, Symantec India:
Although the emphasis will be on intrusion prevention rather than
detection, we are expecting an increasing number of attacks in 2005.
Organisations will go in for integrated security (anti-virus, firewall,
IDS and anti-spam) at the gateway and the client level.
2005: BPO & IT to fuel growth
This year the IT and BPO segments will drive the security market. Dasgupta remarks,
The IT and BPO segments need to handle online customer transactions that
concern sensitive customer data. Hence, security is a major cause of concern
for them. With regulations such as the Sarbanes-Oxley Act (SOA), TurnBel
in Britain and the HIPPA for healthcare affecting Indian IT and BPO companies,
they will need to go in for foolproof security networks this year to adhere
to international regulations.
2005 will also see banks go online and continue the ongoing build-out of their
ATM networks. Comments Dasgupta, The spending from the government sector
on network security should also show an increase in 2005 as there is a trend
where government is investing in e-governance projects and computerisation programmes,
which in turn are expected to fuel the investment on network security.
The SSL VPN market is expected to grow speedily as the technology is maturing.
It will grow faster than IPSec, although on a smaller base. Both these markets
will grow steadily in 2005. Dasgupta of Frost & Sullivan comments, The
IPSec VPN market is expected to grow by 35 percent while the SSL VPN will grow
by 60 percent in 2005. Growth will be driven by those companies that have offices
spread across geographies and have a mobile workforce which needs to be securely
connected to the [head] office. The IPSec VPN market was worth $13.2 million
The IDS market is expected to grow 40 percent in 2005. The concept of IPS, which
was introduced in the market in 2004, is expected to evolve in 2005.
The nascent integrated security appliance market in India
will see appliances being offered that combine multiple security features in
a single box. These multi-function boxes that come with integrated firewall,
VPN, IDS, anti-spam and anti-virus will be popular in 2005. 2004 saw an increase
in broadband penetration, but brought along with it a number of content-level
blended threats. Appliances have proved their capability to perform deep packet
inspection (looking inside e-mail attachments, downloads and the like), thereby
eliminating content level threats and ensuring secure content-level management.
In 2005 we hope to see players in the integrated appliance space forging
alliances to complement each others products
Vishak Raman Country ManagerIndia
SSL is not always the right technology. IPSec is a more viable technology
when it comes to intra-enterprise site-to-site connectivity
Business Development Manager
Cisco Systems, India & SAARC
Although the emphasis will be on intrusion prevention rather than detection,
we are expecting an increasing number of attacks in 2005
Head, Channel & Consumer Sales Symantec India
The government and education segments want to have content and URL filtering
at the gateway level to prevent users from accessing unwanted Web sites
The appliance advantage
India Inc. is expected to invest in security appliances on account of the ease
of manageability that these appliances offer. Appliances are easy to configure,
and deployment is smooth. Whats more, these boxes can be efficiently monitored
from a central location. Due to the ease of manageability, security appliances
have helped organisations cut down on staffing costs as they can manage security
with fewer people. Another bonus is that using appliances permits organisations
to do away with licencing fees that would otherwise have to be incurred on software-based
In the past, organisations faced accountability issues while maintaining SLAs
with vendors as each area of security was handled by a separate vendor. Whenever
a security breach occurred, it became difficult to get the matter resolved as
no one was willing to take the responsibility for the breach. But with security
appliances, CIOs can turn to a single vendor for support and hold the vendor
Even vendors are bullish about appliances. Says Ajith Pillai,
Country Manager-India, WatchGuard Technologies, Last year integrated security
appliances accounted for 80 percent of our Indian sales.
Organisations having 100 to 1,000 users are prime customers for the company.
As of now it has 500 Indian customers, and it intends to tap B&C cities
Fortinet, Inc has also had some big wins in the recent past, bagging orders
from Air-India, Ramco, Biocon and Lason. Says Vishak Raman, country manager-India
of Fortinet, In 2005 we hope to see players in the integrated appliance
space forging alliances to complement each others products, and then bundling
Elitecore has the Cyberoam appliance, and over 500 deployments at companies
such as Chambal Fertiliser & Chemical, Government of Gujarat, BSNL, Indian
Institute of Management-Bangalore, National Dairy Development Board, Indian
Institute of Remote Sensing and Bharat Heavy Electricals. Says Harish Chib,
the companys Vice-president for Marketing-Products, We have seen
a strong push from the government and education segments for our product. They
want content and URL filtering at the gateway level to stop users from accessing
unwanted Web sites.
A tale of two VPNs
Last year there was considerable debate about which VPN technology
would dominate this yearSSL or IPSec. Many believe that SSL VPNs will
eventually replace IPSec. That said, both technologies are poised to co-exist
in 2005; they already do so at many enterprises, with iGATE Global Solutions
being just one example.
SSL and IPSec are both standards-based protocols that are widely deployed. IPSec
operates at the network layer whereas SSL operates at the application layer.
As SSL is independent of operating systems, it is possible to offer a secure
environment for remote users who are, for example, accessing the corporate network
from non-secure end-points using a standard Web browser in a cyber cafe. IPSec
VPN is ideal for providing high-performance security for site-to-site VPNs where
the remote user has managed secure access to the VPN through, say, a notebook
issued by his employer.
SSL is not always the right technology. IPSec is a more viable technology
when it comes to intra-enterprise site-to-site connectivity, and it works better
when traffic from a large number of applications needs to be secured. All flavours
of VPN have their pros and cons, says Jagdish Mahapatra, who is the Business
Development Manager, Cisco Systems, India and SAARC.
IPSec VPNs can be used to connect remote or branch offices to each other or
to the head office. Muthu Kumar M, Managing Director, Aventail India, has this
to say, IPSec VPN is traditionally meant for office-to-office connectivity,
but SSL VPN is best suited for remote connectivity as it facilitates the same
level of secure access to an employee on the move as he would have working onsite.
We expect organisations that want to connect employees from far-off locations
in a secure way to opt for this technology. SSL VPN offers advantages
over IPSec because it is found everywhere, is inter-operable, and offers ease
of configuration and network layer transparency. SSL VPN can be used to provide
access from any Web browser that supports SSL; all the leading brands do. SSL
VPN fits into existing systems in a transparent manner, and is relatively easier
Cisco Systems is the leader in the Indian market for IPSec VPN. Its clientele
includes the likes of State Bank of India, Vijaya Bank and HCL Technologies.
In the SSL VPN space, Juniper Networks, Aventail and NetScaler are market leaders.
Aventail recently bagged two customers for SSL VPN: Marico Industries and iGATE
Remarks Rakesh Singh, General Manager-Asia Operations, NetScaler, The
market will mature in 2005. Large organisations with mobile workforces
needing remote connectivitybanks, ISPs, e-businesses, BPOs and e-traderswill
deploy SSL VPN.
Java Girdhar, Country Manager, India & SAARC, Juniper Networks, says, Indian
mobile operators are rolling out new platforms to deploy mobile data applications.
Cellular operators are also gearing up for metro Ethernet roll-out. This presents
an immense opportunity for SSL VPNs to enable facilities such as on-line trading,
working at home and mobile connectivityas long as the connection can be