Wait and Watch
But for security appliances to be a ubiquitous part of an organization's infrastructure, CIOs need to participate in the process. Are they? "A big question for CIOs is: Who buys and maintains security operations or virtual systems operations? If the main driver for moving to virtual firewalls is business agility, then it would make sense for virtual systems teams to own such technologies," says Gartner's Ahlm.
"However, for some security teams, this creates a separation of duties. CIOs will need to find the balance between security and business operations," he adds. When it comes to verticals, education and manufacturing are expected to maintain a low profile. But most other verticals can be expected to add virtual UTM to their architecture in the next couple of years.
"We have seen server virtualization across enterprises, but the client-to-Internet-mode is rare in the VM environment," says Ramsunder Papineni, Regional Director-India & SAARC, FireEye. FireEye specializes in protecting customers when communicating through e-mail or the Internet. "Virtualization has not come into this space. So, bulk of our sales today is made by selling physical appliances," he says.
Another important segment in India is SMBs. They contribute nearly one-third to the UTM market's revenues, according to strategy consulting firm AMI-Partners.
So, will SMBs prefer physical security appliances or would they hop on to the virtual appliance bandwagon? Puri believes it'll be the former. "SMBs and the lower mid-market still focus on physical security appliances as they are yet to traverse the virtualization path," he says.
AMI's study also revealed that Indian SMBs are attracted to the multi-functional all-in-one-box type of security applications which include end-point security, secure Web, and mail gateway.
"SMBs are sticking to physical UTM, but as they utilize the benefits of cloud and virtualization better, they will move to virtual UTM," says Sharma. But, Dhawan believes there will be two kinds of SMB customers. "One is the typical appliance-based and the other will be a software-based subscription model. We firmly believe in the second model," he says, adding that all three models—appliances, software-based, and VM-based models—will exist for different segments.
Cisco understands the importance of the SMB market. It is already providing comprehensive partner training programs which cater to high-end virtual security for the SMB sector. Companies slowly have to choose between the old and the new, which could mean the gradual demise of the physical appliance. But, much like in the case of the hybrid cloud, the physical and virtual world of security will have to co-exist.
When the virtual mode takes shape, we will definitely be leading the charge as we keep pace with changing technology and customer requirements at all times, says Papineni at FireEye.
Sign up for CIO Asia eNewsletters.