Securing a hybrid cloud is not the same thing as deploying hybrid security products.
Securing a hybrid cloud describes the process by which IT employs a host of products to manage the security parameters of your hybrid cloud installation. Hybrid cloud security products can be delivered in a box that gets deployed on premise at a customer's site. But increasingly security vendors are offering a hybrid approach to their product portfolios whereby customers can buy a physical box or buy the security capability as a service.
The traditional delivery model still far outweighs the cloud-based one. In fact, Gartner estimates that in 2011, only 13% of all security products sold were purchased via a Security as a Service (SECaaS) model. That said, Gartner adds that preliminary sales data shows that for in 2012 that number was closer to 35%.
IDC says the SECaaS market should hit a value of $3.3 billion this year and continue to rise to more than $5 billion by 2016.
IDC analyst Phil Hochmuth says there is generally not a big difference between the functionality of a product offered as a service and its on-premise counterpart. "It's more of a function of giving customers more latitude in terms of where and how they can deploy these products in different parts of the enterprise," he says.
Vendors are also quick to point out that given the common root functionality of both deliverables, being able to manage both products from a common interface.
Industry analysts, security practitioner and customers interviewed for this package of stories supplied four areas of security (secure web gateways, virtualization security, security information and event management [SIEM], and identity and access governance [IAG]) in which they are looking to deploy security products in their hybrid cloud in the future regardless of whether they run them on premise or in the cloud or a little bit of both. And they have named names in terms of which vendors they are watching most closely in each category.
Secure Web Gateways
These products filter malware from user initiated Web traffic with processes such as URL filtering, malicious code detection and filtering, Web-application controls and data loss prevention. Right now, Gartner contends that 87% of the products in this market were sold in on-premise bundles in 2011, with the remaining sold as a service. The consultancy estimates the SaaS segment rose to 35% last year.
Company name: Cisco
Product Names: IronPort S-Series appliances and ScanSafe service
Why we are watching: Cisco bought IronPort in 2007 and ScanSafe in 2009 and has been steadily building links between the appliance and the service across its networking and security gear so that both are easier to implement in Cisco-focuses enterprises.
Sign up for CIO Asia eNewsletters.