Frost & Sullivan North America Measurement & Instrumentation
Frost & Sullivan is in the process of publishing a new study (MD2C-30) focused on the network and application security market. The total network security market reached $304.3 million in 2016, with the network security test market growing by 15% from the previous year. Frost & Sullivan foresees a sustained and strong double-digit compound annual growth rate (CAGR) of 14.9% over the forecast period of 2017–2021.
The North American region continues to dominate the network security market. In 2016, 48.2% of the total revenue was generated in North America. The region’s spending on network test solutions has been steady. Asia-Pacific is the fastest growing market, competing closely with the European market in terms of revenue contribution. The Middle East is experiencing growth in terms of new cyber security test solutions. Latin America is still in the nascent stage of its overall growth life cycle and has not recorded significant growth in the base year, 2016.
Market Trends
To keep pace with the growing network traffic, extensive use of encryption and higher performance of security test platforms are needed. Currently, any relevant traffic is encrypted. While about 67% of the global Internet traffic is encrypted, the world is increasingly moving toward a 100% encrypted environment. However, about 70% of the networks deployed do not have any kind of Secure Sockets Layer (SSL) inspection turned on. SSL is expected to constitute a huge part of network traffic in future. Moving forward, enterprises need to understand the impact of SSL inspection on application performance. Currently, the focus is on conducting SSL proxies’ inspections. All network security devices have to be able to inspect SSL traffic.
With the proliferation of the Internet of Things (IoT), mitigating Distributed Denial-of-Service (DDoS) attacks is becoming a key concern. These attacks are on the rise and are becoming more complex, highlighting the need for a more unified platform approach in the course of providing network security for multi cloud-scale validation. Users do not know where and how to protect. Some of the data is in the cloud and the rest on premise. Today, organizations are adopting more than six clouds (public and private) on average. The increasing combination of public, hybrid, and virtual private clouds beyond traditional enterprise private clouds increases the demand opportunity for effective security testing of multi-cloud deployments. While service providers regularly test networks, there is a need for a unified test solution that can balance security and performance for the next-generation cloud-based infrastructure. With more data moving into the cloud and different cloud environments, a common set of visibility tools is required to support security implications in network designs. There is a need to validate traffic and test scenarios between different private clouds, Web servers, and database servers for secure deployments.
Today, next-generation firewalls have extended routes to cover internal segmentation. It is difficult to differentiate between current HTTP traffic and non-HTTP services tunneling over port 80. It is not enough to cover the test analysis of destination, protocol combinations, and port. There is a need to support the increased complexity of network applications with application-level monitoring. Next-generation firewalls should be able to support deep packet test and inspection with a comprehensive coverage for all packets and protocols. Next-generation firewalls should include SSL inspection capacity, integrated IPS, and application control and group control. Many test vendors are pushing into the next-generation firewalls and 40, 100 G capabilities firewalls.
The key capabilities that organizations are looking at to select a comprehensive test solution are:
- Test coverage capabilities to scrutinize all types and a full range of traffic and being able to module realistic traffic
- Comprehensive capacity to support historical known attacks and vulnerabilities to ensure that policies and security devices are updated
- Test capabilities to match the scale of existing attacks
- Repeatability and configurable test scenarios
- Full test platform coverage
- Automation capabilities that reduce the time to test
Last Thoughts
DDoS mitigation testing is an area of coverage for security testing as most attackers reuse simple approaches including DDoS distractions. There are a number of networks that are not widely tested before deployment. Every deployment should trigger validation testing.
Moreover, there is a shortage of capabilities in terms of SSL traffic inspection. There is a need to inspect encrypted traffic including SSL. This is an area attackers have been using to hide malware.