By Amit Singh
Software-defined security is becoming an IT buzzword, but does it live up to the hype? We take a look at the benefits and pitfalls of the technology in the enterprise.
As the scale and sophistication of cybercrime continues to increase, enterprise businesses are redefining their defence strategies. Stakeholders are recognizing that next-generation security must be built around automated and actionable intelligence that can be shared to quickly recognize and mitigate threats.
Software-defined security (SDSec) is emerging as a tenable solution for ever evolving threats and effective management of security infrastructure. As per industry estimates, the worldwide software-defined security market is expected to grow from $1.59 billion in 2016 to $6.76 billion by 2021, at an estimated compounded annual growth rate (CAGR) of 33.6 percent.
“While Indian market for SDSec is at its nascent stage with large BFSI and IT/ITes customers as early adopters, the growing demand for increased server security by enterprises is the key trend for this market,” states Anmol Singh, Principal Research Analyst, Gartner.
“With the growing usage of IT enabled services for modern technologies such as cloud, virtualization, and mobility, usage of security solutions has also increased to protect virtualized and cloud infrastructure based services. In India, SDSec will gain maturity in the next 2-3 years with wide adoption from enterprises,” highlights Singh.
Driven by sophistication
Major drivers of the SDSec market are compliance as well as need for policy-driven, scalable, and programmable security architecture; faster response against threats/risks and requirement for increased security; security staffing and budgeting constraints along with increasing surge in cloud services. These factors are expected to shape the future of the SDSec market.
“In the last 2-3 years, there has been a parallel trend toward Internet of Things (IoT) and software-defined networking (SDN). While implementation of SDN improves application performance across the network, it also necessitates security to integrate and communicate with the network controller, hence implementation of SDSec to fully secure the dynamic network,” underlines Kapil Awasthi, Director, Sales, Check Point.
Evolving SDSec space
While two years ago SDSec was merely a concept for many CIOs, it is now moving towards the discussion table. Although many solution providers are still testing the waters, few have already found success in this space.
“With the new-age data centers and businesses getting dynamic, traditional security solutions are unable to meet the demands of the discerning customers. We have seen a growing awareness among the customers toward newer threats and almost 60 percent of our enterprise customers are now discussing the technology,” says Ronny Ferrao, COO, Essen Vision.
The Mumbai-based security solutions provider has built a strong practice around software-defined security over the last two years. “We are seeing wide interest from our customers in the BFSI, manufacturing and pharma segments. We have executed over 15 projects with values ranging from $50,000 to $100,000 in the last 18 months,” discloses Ferrao.
Another Mumbai-based solutions provider, Locuz Enterprise Solutions, has developed a threat analytics solution on Cisco cloud security platform and big data analytics from Splunk. “Our real-time and proactive solution offers seamless policy-based management of the security infrastructure. It has found acceptance among defence sector and few of our large enterprise customers. Over the last 12 months we have executed over 10 such projects with average value of Rs 1 crore,” details Uttam Majumdar, President, Locuz.
The Delhi-based ACPL Systems, a Palo Alto and Arista partner, has found success with its customers in IT/ITes segment. The company has already implemented an SDSec project worth over $1 million for an ITes customer and implementing the second one for another ITes customer.
“These are very large organizations with 30,000 to 35,000 users globally. We have deployed the solution capable of handling over 20Gbps of application traffic. We are also in conversation with many of our customers and have 2-3 deals in advanced stage where the customers are moving toward software defined data center (SDDC). SDSec will be an obvious choice for them,” discloses Rajnish Kumar Niraj, CTO, ACPL.
An edge over traditional architecture
The software-defined security works with the help of virtualized solutions to avoid usage of traditional security methods and to improve security layers. This security approach helps in automating the security management and reducing errors, workloads.
“SDSec lets companies implement network segmentation, intrusion detection, and other security controls through software. It’s becoming the buzzword because traditional security tools, which rely on static network and machine configurations, are not well suited to the dynamic environment of virtual machines (VMs) and virtual networks,” says Rajesh Maurya, Regional Vice President, Fortinet, India & Saarc.
However, benefits from SDSec come from use of abstraction, automation, orchestration, scaling and application programming interfaces (APIs).
Awasthi of Trend Micro states that implementation of SDSec in a Greenfield project brings the network security costs down with the consolidation of security devices. The major savings come from reduced operational expenses as number of persons and man-hours required to manage the security operations goes down drastically.
Agrees Singh of Gartner, “As per our estimates, customers can reap up to 30 percent cost savings on operational expenses. However, the SDSec system will be as good as the defined security policies and orchestration. In fact, continuous optimization and refinement of security policies may further decrease the operational expenses.”
On the other hand, traditional network security relies on stateful devices and on static machine and network identities that are challenging to work with and difficult to change. These limitations become acute in virtualized infrastructure, which is characterized by transience and mobility.
“SDSec, by contrast, introduces simplicity to the world of network security. In this model, protection is based on logical policies not tied to any server or specialized security device. Besides, other features due to which SDSec is being adopted are: it works by integrating with other technologies such as data loss prevention, identity and access management and other software-defined networking technologies,” adds Sharda Tickoo, Technical Head, Trend Micro India.
While SDSec creates a massive opportunity for solution providers, it also carries great amount of complexity in implementation and therefore needs expertise to make sure that deployment is seamless.
“We have observed that while awareness is increasing rapidly but skills gap is a global issue among the solution providers. Skills required to take care of current cyber security threats and SDSec implementation are limited and is one of the biggest challenges,” highlights Riyaz Tambe, Head, Systems Engineering, Palo Alto Networks.
Adds Niraj of ACPL, “Solution providers need to develop skills around automation, orchestration, application development and API integration. Besides identifying and partnering with vendors offering mature tools and technologies, they need to build team with experts on networking and security layers and with policy-driven approach.”
At the same time, many of the solution providers opine that the technologies like SDSec need some time to be mature enough to gain momentum. “Most of the customers view security as a cost center and are of the opinion that SDSec is good to have but not essential for them. While many of our customers have revamped their networking architecture to be SDN-ready, they are unable to fully utilize the capabilities of SDN due to interoperability issues. Unless they get their SDN piece right, they are reluctant to move to SDSec,” elaborates Gunjan Shah, Director, Insight Business Machine.
“To enable wide adoption of software-defined technologies among enterprises and SMBs, vendors need to show high level of commitment to get rid of interoperability issues. SMBs clearly would not like themselves getting into vendor lock-ins,” concludes Singh of Gartner.
As with the cloud, big data and even cyber security in recent times, SDSec is going to be the next big buzzword we will be hearing for a while. As to whether or not it turns into something very positive for the enterprise, we will have to wait and see. However, there is no reason not to be optimistic about the innovations in this area.
|What is SDSec all about?|
|Business benefits of SDSec|
|Vendors gaining strength|
In the software-defined security market there are many vendors including Cisco, Citrix, Dell EMC, Ericsson, Fortinet, Fujitsu, HPE, IBM, Intel, Juniper, Palo Alto, Symantec, Trend Micro, VMware, among others.
Last 6-12 months have seen many of the vendors, specially the networking vendors acquire network security companies to strengthen their security portfolio and to leverage the growing concerns over security threats.