NetScreen CEO Touts Integration
Speaking at the UBS Warburg telecom conference here in New York today, NetScreen president and CEO Robert Thomas said that the company sees a future for integrating more security features onto one box with a single management platform.
"We believe that firewall technology and intrusion prevention will morph together… into a security gateway in the future," he said. "The firewall and intrusion detection markets are very similar… Those two markets are merging."
The company has already started the process. NetScreen announced its line of intrusion detection and prevention appliances late last month, following its August acquisition of OneSecure, the security startup that produced them (see NetScreen To Offer IDP and NetScreen Acquires OneSecure). Now the company says it expects it will integrate the IDS capabilities into existing devices in its firewall family by next June, and it plans to merge the two management platforms by that time as well. Thomas says the company will offer an IDS blade that can be inserted in its high-end boxes.
By 2004, NetScreen will have developed new ASICs that include IDS and will release a brand new security gateway, Thomas said, adding that the new, integrated security gateway will probably include other security features, as well. As for acquiring other security companies that have products of interest: “That’s definitely an option."
“I wouldn’t be surprised if they were working on a hardware-based content inspection engine… for virus scanning,” Infonetics Research Inc. analyst Jeff Wilson says.
UBS Warburg analyst Jordan Klein says that there will be a lot of interest in the integrated security approach, but that the largest enterprises and service providers will probably continue to choose to use dedicated security appliances.
In small and mid-size corporations, however, having one security appliance for many different features is a definite plus, says Scott Lukes, director of marketing at security startup ServGate Technologies Inc. “This whole security thing is bewildering to people who aren’t security experts,” he says. ServGate will be announcing its own push towards integration tomorrow. The company has entered a partnership with McAfee, and will be adding virus scanning to its hardware-based security appliances.
For NetScreen, moving into the IDS market looks to be a smart move. Infonetics published a report today forecasting that this segment of the security market will reach $393 million by year-end. Between the second quarter of 2002 and the second quarter of 2003, Infonetics expects the market to jump 42 percent (see IDS to Hit $393M in 2002).
Growth in the IDS market is being driven by a big technology shift, according to Wilson, who authored the report. While traditional IDS technology only detected anomalies in the network, the new intrusion prevention products actively instruct the firewalls to stop malicious traffic. This wasn’t possible before, since legacy intrusion detection technologies turned up too many false negatives and interfered with good traffic.
The traditional players in this area include Internet Security Systems, Enterasys Networks Inc. (NYSE: ETS), and Cisco Systems Inc. (Nasdaq: CSCO).
— Eugénie Larson, Reporter, Light Reading