When I left Gartner early 2010 to work on security products, I had a perspective on macro and micro network security trends. Four years later, some trends have been turned on their heads, others are cast differently, and still others remain the same. Here are my network security snapshots, then and now:
- 2010: NGFWs were being considered as secondary tools by bleeding edge customers 2014: NGFWs are trustoworthy edge protection platforms for many mainstream customers
- 2010: Stand-alone network IPS growth showed no signs of slowing 2014: NGFW growth and sandboxing uptake limits discrete IPS opportunity at the perimeter
- 2010: WAF was a PCI checkbox that was hard to deploy and painful to maintain 2014: WAF is still a PCI checkbox for some. Usability has has improved, & it can now be useful
- 2010: Firewall rules management software was infrequently used 2014: Auditor demands & migration to NGFW drive demand. Vendors try adjacent functions
- 2010: Virtualization was going to change the nature of network security & kill the appliance 2014: SDN is going to change the nature of network security & kill the appliance
- 2010: Dominant attitude: “Segment everything!” 2014: Dominant attitude: “Segment logically.”
- 2010: Zero day threats were like UFO sightings: Often imagined, seldom seen 2014: Zero days and advanced threats have made our networks a real-life Area 51
- 2010: “Visionaries” said the perimeter was disappearing; realists said it would stay 2014: “Visionaries” tout borderless netorks; realists know the perimeter remains, but shifts
- 2010: DDoS attacks were uncommon and unsophisticated 2014: Complex DDoS attacks have become the “new normal” for financial services institutions and other targeted verticals.
- 2010: “‘Enterprise UTM’ was about to conquer the netsec universe. Really!” Umm…no. 2014: “‘Enterprise UTM’ is about to conquer the netsec universe. Really!” Umm…no.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.