Page 6 of 9
Web security may not be flashy, but it's still managing to make steady contributions to VARs' bottom lines. Web security products, including Web application security, denial of service prevention, and content filtering are well entrenched. Nearly 46 percent of solution providers responding to the State of Technology: Security survey said they sell them, putting Web security in the list of the top five security technologies currently offered by the channel. However, only 11.3 percent of VARs said they plan to add Web security to their product mix in the next 18 months, and only 14 percent expect it to be their most profitable offering over the next year.
According to the survey, solution providers that currently sell or plan to add Web security products to their portfolios in the next 18 months expect to see the strongest demand from small and midsize businesses with between 100 and 499 employees. However, VARs don't see much interest in Web security products in companies with more than 5,000 employees, or from state, local and federal governments.
But while the buzz around Web security isn't as strong as it is around other technologies, the category does account for a lot of replacement business, said Greg Hanchin, a principal at security solution provider DirSec, Centennial, Colo. Demand for content filtering continues to be particularly healthy, and these products currently account for around 20 percent of DirSec's business, Hanchin said. "We still find there are a lot of 500- to 1,000-seat organizations that don't have content filtering, so this is still a good business to be in," he said.
Some VARs said most applications still have large security holes, so the Web security space will continue to be a viable one for the channel.
There's a big push going on right now for application testing, said Andrew Plato, president at Anitian Enterprise Security, a security specialist in Beaverton, Ore.
While content filtering is becoming commoditized, it's still an important technology that needs to be part of every company's security plans, solution providers said. "You cannot have a decent security strategy without some type of Web content filtering," Plato said.