Recently, many traditional firewall vendors have been adding more capabilities, such as antivirus and antispam, to their security offerings.
This all-in-one approach has both proponents and opponents. Proponents say more all-inclusive security devices can simplify the all-too-complex life of an IT manager. On the negative side, opponents note that if a business purchases an all-in-one solution, it cannot ensure it is buying best-of-breed technology in every area.
This debate is taking place in a fast-growing market. By 2005, sales of firewall hardware and software will reach US$2.5 billion, according to Meta Group. Infonetics Research is even more bullish. Early this year, the research firm predicted worldwide firewall revenue will reach $3.8 billion by 2005, up from $1.7 billion in 2001.
In December 2003, Fortinet unveiled the FortiGate 800 Antivirus Firewall, the latest addition to its Antivirus Firewall product line, which debuted in May 2002. In addition to features that were present in earlier versions — including ICSA-certified antivirus, worm and Trojan protection; ICSA-certified IPsec VPN; ICSA-certified intrusion detection; Web content filtering; and traffic shaping — Fortinet added intrusion prevention and antispam capabilities.
“We’re having huge success with that [line],” said Rick Kagan, vice president of marketing at the Sunnyvale, California-based firewall vendor, in an interview with the E-Commerce Times. He noted that Fortinet has sold more than 20,000 Antivirus Firewall units.
“What vendor in the firewall market isn’t now trying to include multiple capabilities into their hardware?” he said. “In networking, performance is king. You cannot separate networking from security or security from networking.”
More and More
Fortinet recently took the wraps off of even more built-in capabilities, Kaganadded. “[We announced] over 50 new enhancements, including Dynamic Threat Protection, so we can dynamically update our intrusion prevention system as well as our antivirus system, which has always been dynamically updated in real-time to provide protection against each new attack.”
Looking ahead, in 2004 the company expects to add higher-end systems targeted toward the carrier market. “We’re also enhancing our centralized management platform — FortiManager System — adding additional logging and reporting functions, and a host of additional capabilities,” Kagan said.
Financial and staff constraints will further boost sales of more all-encompassing firewalls. “Few organizations have the capital budget to purchase multiple independent systems, and even fewer have the personnel needed to maintain a collection of different systems,” he said. “Integrated, multifunction security systems will become dominant because they’re much more cost effective, easier to deploy and manage, and have the ability to use multiple functions in concert to thwart attacks.”
Partnering for Success
Not all firewall vendors are choosing to act alone when adding more functions to their products. Both NetScreen and Cisco have partnered with Trend Micro, a longtime developer of network antivirus and Internet content security software, to add Trend Micro’s capabilities to their products.
In November, the Cupertino, California-based antivirus company unveiled the Trend Micro GateLock 3000 and GateLock 5000 Remote Appliances. Those devices incorporate Trend Micro’s antivirus technology into NetScreen’s firewall and virtual private network (VPN) solutions. Trend Micro also has inked separate agreements with Cisco and Postini, John Maddison, product group manager for Internet gateway products at the company, told the E-Commerce Times.
Trend Micro is limiting which vendors it works with, allying only with the best of breed, he noted. “There are so many partnerships out there,” Maddison said. “If you have too many, you end up just getting into competition with them.”
Although its pact with NetScreen is only a few weeks old, Trend Micro thinks the deal will bring in new customers. The company expects uber firewalls to succeed primarily in the remote office and SMB spaces — areas that it traditionally has not focused on, according to Maddison.
“If it’s an enterprise customer, they definitely won’t buy a package that’s best-of-breed in all areas,” Maddison said. “They still prefer [security] to be software for flexibility. A remote office doesn’t have IT people. They just stick this box behind the router, and it does everything.”
Note of Caution
However, not everyone thinks the move toward super-firewalls is inevitable. Although such devices were growing in popularity earlier this year, that trend may be reversing, according to Stephen Northcutt, director of training and certification at the SANS Institute. The reason? Worms such as SoBig and Blaster caused firewall appliances to crash.
“They were going like yo-yos,” Northcutt told the E-Commerce Times. “On. Off. On. Off.
“While we were seeing a trend six months ago [toward all-in-one firewalls], you’re starting to go back to separate products,” he added. “In order to get the maximum performance, you need to purchase the components.”
Lillian Vernon, a Rye, New York-based catalog and online retailer, is one company that prefers to buy its firewall from one vendor and its antispam, antivirus and Internet security software separately, said David Hochberg, vice president of public affairs at the company.
“We don’t necessarily think it’s a good idea [for an all-in-one],” he told the E-Commerce Times. “The whole idea of putting all your eggs in one basket is risky.”
Eventually, though, even enterprises could buy into all-in-one devices, Trend Micro’s Maddison said. “I think it’s going to be two or three years before the enterprise adopts these things,” he noted. “[Now] you will see these devices in the 100- to 150-[employee] SMB. I see that area definitely adopting them.”