More

    Software-Defined Security Poised to Disrupt Security Appliance Market

    Branch office networks are proving to be one of the weakest links in many enterprise organizations. In the 2013 Gartner report “Bring Branch Office Network Security Up to the Enterprise Standard,” analyst Jeremy D’Hoinne wrote that “30 percent of advanced targeted threats — up from less than 5 percent today — will specifically target branch offices as an entry point.”

    The attack landscape and threat vectors have evolved since that report was published — branch security architectures for the most part have not. While point security appliances, such as next-generation firewalls (NGFWs), unified threat management (UTM) devices and software overlays in branch routers still rule the day when it comes to protecting branch perimeter security, recent advancements in network function virtualization (NFV) are allowing the exact same security features found in NGFWs and UTMs to be served via software as virtualized network functions (VNFs). In this slideshow, Versa Networks looks at eight reasons why this new world of software-defined security is poised to disrupt proprietary security appliance makers.

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 1

    Improving Branch Office Security

    Click through for more on how proprietary appliances create security weak spots in branch offices and how security features served via software as virtualized network functions (VNFs) will help improve the issue, as identified by Versa Networks.

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 2

    Lack of Expertise

    It’s difficult to manage multiple proprietary security appliances for different layers of security at locations where no IT/security expertise is available locally. What’s more, a different expert is often required for each vendor in the stack.

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 3

    Complexity

    Beyond managing individual security layers, it’s difficult to integrate those layers into a cohesive stack without compromising overall network protection.  

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 4

    Cost

    Smaller organizations and even some mid-market organizations are not able to purchase or lease security appliances for some or all of their branch offices. As security threats targeting the branch become more advanced, and the range of required security functions grows, customer premises equipment (CPE) costs can soar. For example, a unified threat management (UTM) or next-generation app-level firewall appliance is significantly more costly than a basic stateful firewall.

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 5

    Cloud Apps/Internet Connectivity

    Companies today have apps running both in the cloud and the corporate data center. Additionally, branch offices often have different connectivity requirements. Some use high speed Internet, others use MPLS and some use both technologies. Each connectivity type requires a different security approach, which adds significant complexity when deploying traditional security appliances to create a standard branch security model.

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 6

    Lack of Agility

    Companies taking the traditional security appliance approach can experience long deployment times. It can take weeks, sometimes months to ship the hardware and then schedule consultants or integrators to install, integrate and test equipment. This process occurs at both initial deployment and when capacity upgrades are required.

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 7

    Elasticity

    Unlike proprietary security appliances that have a finite amount of capacity, software-defined security capacity can easily and dynamically be scaled up or down without having to waste time with replacing proprietary appliances.

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 8

    Flexible and Distributed Service Architecture

    With the advent of NFV, service providers and large enterprises have the capability and flexibility to decide where to run each security layer – either on-premises in the branch office or centrally in the data center or provider point-of-presence (PoP).

    Software-Defined Security Poised to Disrupt Security Appliance Market - slide 9

    Centralize, Automated Operations

    Software-defined security also provides a way to deliver services from a single point of control, avoiding the challenging requirement for skilled personnel to be available to go onsite whenever needed. Instead, services can be deployed, increased in capacity and enhanced with additional functions, all without requiring any onsite presence, hardware refreshes or manual provisioning.

    Latest Articles