Q&A: Vendors Of Network Security

1. What new markets do you see opening up to network security?

Oculan Corp., Luke Rindfuss: Current market research shows a major driver of security-related purchasing decisions is new regulatory requirements imposed by the government. Two good examples are the Financial Services Modernization Act, otherwise known as the Gramm-Leach-Bliley Act (GLBA), and the federal HIPAA (Health Insurance Portability and Accountability Act of 1996) regulations imposed on the healthcare industry. Both regulations impose stringent requirements on protecting the confidentiality and security of customer/patient information. As a result, financial institutions and healthcare-related companies are seeking a broad range of security solutions with a sense of urgency. Companies that are not in compliance will face severe regulatory fines and expensive litigation.

WatchGuard Technologies, Inc., Gary Franza: As businesses decrease the amount of travel of employees, there will be an increase in dependence on intranets and extranets, as well as a growing interest in leveraging wireless local area networks (WLANs). This will drive the need for increased bandwidth and performance in network security. Further, network security will be partnered with host-based security for a complete security solution. Additional markets will open up as wireless access points are secured, enabling companies to reap the full benefits promised to Internet-distributed enterprises.

NeoScale Systems, Inc., Scott Gordon: Corporate storage infrastructures are changing dramatically. As enterprises evolve their storage consolidation, accessibility, recovery, and management strategies, so too must policies and solutions be adapted to protect storage resources and distributed information. We view the protection of distributed and stored data as a huge market opportunity. Companies have spent billions on perimeter protection and are now looking for internal protection of their back end facilities. This is especially true for companies exploring the use of storage networks, outsourced storage services, and business/data recovery.

2. What can VARs be doing now to ensure their share in the future network security market?

Oculan Corp., Luke Rindfuss: If a VAR is going to be serious about offering security solutions, they need to take a consultative approach toward bringing a complete methodology to their customers. The days of selling a firewall or intrusion detection system to a customer and calling yourself a security VAR are dwindling. VARs must assess the business needs and current state of the network for a client. Only then can a security game plan be put into place. VARs must also remember that a security solution is more than just a series of technology choices. The policies and future adherence to the original methodologies are as important as any technology choice. This is where a VAR truly adds value.

WatchGuard Technologies, Inc., Gary Franza: VARs must align themselves with security providers focused solely on security, rather than vendors who are simply adding security to their existing networking solutions. Partners specializing in security will be in the best position to provide unique services to protect users, such as ongoing, proactive, and broad security alerts. It is also important for VARs to align with partners providing VAR programs, tools, and online training (rather than stacks of manuals or simply a Web-based Q&A). We have found this level of service and expertise invaluable to our network of channel partners.

NeoScale Systems, Inc., Scott Gordon: As simple as it sounds, VARs need to listen to their customers and become a trusted source of information. VARs need to stay abreast of the market and know the latest, proven solutions. They also need to build competitive barriers with additional competencies and advantages. They need to explore opportunities to invest in new technologies and solutions which leverage their resources, strengths, and current customer base. There is a difference between being responsive and being reactive, and the difference will determine the level of a VAR's success in this market.

3. If you could get one message to the VAR channel, what would it be?

Oculan Corp., Luke Rindfuss: Keep it simple. It doesn't matter what market you serve, everyone prefers simplicity over complexity and quick deployment over long deployment. Keeping solutions simple will only become more attractive to end users as technology becomes more pervasive and critical to everyday business. If you keep the solutions you sell as simple as possible, package them as simply as you can, and deliver them with simple business processes, you will win customers and make many friends.

WatchGuard Technologies, Inc., Gary Franza: Align with a mature security company that is focused solely on security. With constant change in the industry, updates and alerts are crucial. VARs should align with a vendor that has models to fit every customer segment. Vendors should also have aggressive channel promotions, sales tools, and training available to its partners.

NeoScale Systems, Inc., Scott Gordon: Enterprise storage security. Your customers are managing sensitive, trusted, and regulated data, as well as replicating data across networks, sending data off-site, controlling massive volumes of tape media, pooling storage resources, and even considering outsourcing storage or application management. Therefore, they must consider the costly risk and liability of data theft and corruption. Storage data protection is the next component of any layered network security model.

4. What can we expect from network security in the next few years?

Oculan Corp., Luke Rindfuss: A properly managed network is a critical step toward achieving true network secuity. Traditionally when people talk about network security, you hear about firewalls, intrusion detection, and other standard offerings. But security can mean many things. An often-neglected side effect of a successful attack is downtime and the resultant loss of productivity. This component of a security breach has the most hard-dollar costs associated with it. The preeminent objective of any security solution should be reduction of downtime, availability of the network, and availability of applications that ensure the maximization of corporate productivity.

WatchGuard Technologies, Inc., Gary Franza: We believe there will be a convergence of a security solution represented by an integrated firewall - VPN (virtual private network), intrusion detection and prevention, antiviral, content filtering, and possibly secure wireless access in one interoperable system. Customers continue to look for simplicity in their security solutions, and the integrated security appliance will fill that need and aid those who continue to struggle with multiple security systems.

NeoScale Systems, Inc., Scott Gordon: We believe network and storage security will provide management economies. This will improve a customer's return on investment. We also believe innovations will enable companies to better meet new and emerging IT business initiatives. Innovations in data storage protection can enable greater data accessibility, storage consolidation, backup and recovery outsourcing, and vaulting services.