The growing importance of public clouds, along with the ever-persistent threat on private and public sectors' infrastructures, is expected to result in the U.S. government declaring them a critical national infrastructure.
"The popularity and increased adoption of cloud-based security services, albeit at different degrees, will influence the shape of future security marketplaces," said Ruggero Contu, research director at Gartner. "Deployments of virtualization, and its replacing of traditional physical hardware platforms, are expected to impact the deployment model of future network security capabilities, which are expected to be based increasingly on virtual security appliances."
By 2016, public cloud infrastructure will include and be mandated to critical national infrastructure regulations by the U.S.
In lieu of poor economic and debt conditions globally, governments continue to seek ways to reduce their IT operating expenditures, eliminate duplication across their IT organizations and optimize their compute resources. Several key governments have created initiatives for the adoption of cloud-based services but have yet to experience significant negative impacts due to their cloud services adoption in the form of disruptions or attacks on cloud services providers. As the economy becomes heavily reliant on public cloud infrastructure for everyday computing activities, cloud services disruptions will pose greater risks to the overall economy and eventually become a threat to national security in the form of economic disruption.
"Public cloud services providers will need to comply with critical infrastructure protection mandates for systems outside of the scope of just federal government use under the FedRAMP program (Federal Risk and Authorization Management Program)," said Lawrence Pingree, research director at Gartner. "Security technology providers will need to prepare their technologies in order to address potential mandates for critical infrastructure protection of public cloud environments. Providers that lack the ability to offer compliant security controls to address critical infrastructure protection mandates will likely face sales difficulties in cloud environments and may be filtered from shortlists based on emerging critical infrastructure protection requirements."
By 2015, 10 percent of overall IT security enterprise product capabilities will be delivered in the cloud.
Growth rates for cloud-based security services are set to overtake those of traditional on-premises
security equipment over the next three years with operational cost reduction, flexibility of deployment across multiple IT environments, and fast implementation and product updates among major factors driving demand. A number of factors will inhibit higher adoption of cloud-based security services as not all businesses will be able to benefit from this delivery model in equal measure. Those organizations located in geographies where Internet connectivity is unreliable or that require high levels of product customization will be at a disadvantage in utilizing this form factor.
Growth opportunities are present across different regions and countries, but Gartner expects North America to provide the majority of spending.
"The biggest opportunities currently center on areas such as messaging and Web security as well as remote vulnerability assessment," said Mr. Contu. "However, as maturity evolves a wide variety of security offerings will emerge, such as data loss prevention (DLP), encryption and authentication, to be increasingly available in the cloud. As new startup players establish themselves with innovative offerings, established players will look to acquire them to expand their portfolios with new capabilities and remain competitive."
By 2015, 20 percent of the VPN/firewall market will be deployed in a virtual switch on a hypervisor rather than a physical security appliance.
Physical network security appliances, such as server mobility and simplified architecture, can inhibit key virtual server benefits customers seek. Partnering with hypervisor providers has become critical to offering network security on the virtual switch. Virtual switches allow for new firewall players such as host-based security software companies to enter the network firewall market. Since a virtual switch is one level of abstraction away from the physical data switch ports, providing network security is no longer just for physical network providers. Hypervisor providers are moving firewall offerings from the data center to the network edge. This could be key for new network firewall players leveraging hypervisor technologies to gain firewall market share outside of the data center.
"Growth in the firewall market could come from virtual players," said Eric Ahlm, research director at Gartner. "To date, the virtual firewall market has been limited to data-center-class firewalls, which make up the minority of the total firewall market. A push from the virtual providers to bring their technology to the edge could be a key accelerator to the virtual switch market growth. Enabling the key benefits of virtualized servers, while not compromising security, is becoming a key requirement for network data-center-class firewalls while transportability of network firewall controls outside of a customer's data center to a third-party provider is essential to customers using these providers for more critical systems."