New alliances, feature consolidation and M&A activity are becoming increasingly commonplace in the go-to-market strategies of network security vendors targeting the telco sector, and particularly the mobile operator segment.

I'm not talking so much about conventional OEM hardware partnerships between relatively small security vendors and the relatively large telecom vendors that have established channels into the telcos. These have been in place for a long time – think Ericsson reselling Juniper's SRX; Alcatel-Lucent reselling Fortinet's Fortigate; or NSN reselling Check Point's 61,000.

These traditional channel partnerships will continue to be central to how security vendors sell into the operators, but the market is changing. There is new demand from fixed and mobile operators for increasingly sophisticated security solutions that can be a match for the increasingly daunting efforts of the ever more sophisticated, well organized and increasingly criminally minded attackers out there.

Many operators are unhappy with the increasing assortment of single-purpose security products that is accumulating in the network. They are demanding solutions that work better together, provide a unified view of what's going on in the network and enable them to better tune their security strategies and processes toward the greatest risks in a fast moving threat landscape. Operators and security vendors are also increasingly aware that among the major telecom vendors, some are definitely better than others when it comes to delivering increasingly sophisticated IP-based security solutions.

The first of the emerging models is for security vendors to collaborate more with one another. Certainly, security vendors have always collaborated. For example, among peer vendors with which Adaptive Mobile has established go-to-market partnerships are Allot Communications, Kaspersky, Mailshell, Rainstar, Sandvine, Symantec and Tekelec.

But there is also momentum behind new security software licensing models. Crossbeam and Check Point are pioneers here. Checkpoint, McAfee and Sourcefire all sell their firewall and intrusion protection software as an application onto Crossbeam's X-series security gateway hardware. In doing so, Check Point licenses its increasingly rich variety of firewall, IPS, anti-bot and antivirus software to run on the Crossbeam platform as well as on its own 61,000 hardware platform. Clavister also buys in McAfee's Intrusion Protection software while licensing some of its 3GPP-compliant security gateway technology to Radisys, underpinning the latter's SEG-100 platform.

Nominum is another security vendor looking for peers further up or down the stack to partner with. The company already sells its DNS and DHCP engines into Fortinet, according to one line of business. Now, however, Nominum is looking to leverage its large installed base in the operators to port third-party security applications such as parental control onto its software platform. The positioning here is that since the DNS is necessarily always present in the operator's network anyway, then why not expand security capabilities onto that platform rather than introduce yet another security device into the network?

Another approach is to license security software directly to the big telecom vendors for integration into their own platforms. Earlier this year, Arbor Networks announced an agreement to license its anti-DDoS protection software to Alcatel-Lucent for use on its 7750 router. Arbor can be expected to pursue other software sales with other security specialists, as well as others among the big telecom vendors. Barring a major new acquisition in the security space, I also expect Alcatel-Lucent to license additional software from other security vendors. I also expect Ericsson to pursue a similar strategy over time with its new SSR platform – creating a potentially substantial new channel to market for third-party security software sales.

Another approach – again time-honored but increasingly evident in the network security space – is to enhance the portfolio by a combination of acquisition and internal development. Earlier this year, for example, F5 Networks, a supplier of application delivery solutions, announced that its leading Big-IP range of products has been enhanced and ICSA-certified as a high-capacity firewall product. The company then followed that up with the acquisition of mobile signaling specialist Traffix Systems, a leader in Diameter signaling and Diameter Routing Agents (DRAs).

Finally, Symantec is leveraging a time-honored model – reselling Adaptive Mobile's solutions with some additional smarts of its own – but selling it to managed service providers such as Tekmark Global Solutions, which is then selling on its mobile subscriber protection services to mobile operators in the U.S. Further leveraging the cloud services model, Symantec is also selling its 3GPP-tailored PKI solution as a managed service for mobile operators using IPsec for authentication, as well as encryption of LTE traffic.

As I point out in my new report, "Next-Generation Mobile Security Gateways for 3G & 4G Networks," operator demand is evolving. Operators need to selectively consolidate their security products and reduce the complexity – indeed the potential security risk – created by having so many different platforms in the network. But at the same time, most telecom vendor switches and routers are designed to support a subset of security functions, rather than serve primarily as security products. Moreover, a lot of telecom vendors also lack the in-house skill sets to be fully competitive across the board in security software development. That's why we're seeing so much partnership activity in the network security space at the moment – and why we're going to see a lot more going forward.

— Patrick Donegan, Senior Analyst, Wireless, Heavy Reading