Redefining Security

The offering has enabled San Carlos, Calif.-based Emagined to help customers evaluate threats and balance costs with addressing vulnerabilities, said CEO David Sockol. "In many ways, security [event] management has been the key to our growth over the last few months," he said.

What's happening at Emagined is no fluke. As security becomes more of a core network function, it is being woven into the fabric of everything inside the network: storage, telecommunications and more. Symantec's pending acquisition of storage provider Veritas Software is a perfect example of this—data, in whatever form it moves around a corporate infrastructure, must be secure.

For solution providers this shift presents huge revenue opportunities, not only in security but in other areas as well. Across the country, companies like Emagined are confronting this evolution in security by changing their business models, expanding their areas of specialization, adopting new technology expertise and forging partnerships with new and different vendors.

The scope of these changes is evident in what's planned for next week's RSA Conference in San Francisco. Vendors at the show are expected to peddle a slew of new tools that help solution providers deliver the latest and greatest in every area of security, including authentication, encrypted e-mail and application firewalls. Some vendors are even expected to unveil devices that broaden security inside the LAN, effectively redefining the "perimeter" as we know it.

THE NEXT BIG THING
No single technology demonstrates the evolution of security better than security information management. SIM takes a high-level approach to managing security across an entire network, correlating divergent security functions under one, easy-to-access portal or interface. It was recently tabbed by research firms Gartner and Forrester Research as a "high-growth" area in the security space. It also is the key to a new managed service from WANStrategies, a solution provider in Keene, N.H.

Later this month, WANStrategies plans to launch a service to help customers tackle asset management, gateway protection and secure end-point access, all at once. Dubbed SecureWorkplace, the service combines proprietary programming with technologies from vendors including SonicWall, Sunnyvale, Calif.; AEP Systems, Raleigh, N.C.; and LPI Level Platforms, Ottawa.

In all, WANStrategies President Steven Ryder said he invested less than $100,000 up-front to set up the new service. By charging customers a minimum monthly fee of $199, he expects at least a 200 percent return on his investment by Dec. 31. Then, of course, there's all of the additional work (and revenue) Ryder expects to land once he informs customers of vulnerabilities his service has discovered.

"The value-add with this service is not reactive management but being proactive and going to customers saying, 'Hey, here are some other things we should look at,' " he explained. "With the comprehensive approach of [SecureWorkplace], everyone can better manage their time."

Other solution providers, wary of sinking hundreds of thousands of dollars up-front into building their own secure operation centers, have eschewed managed services and instead opted for point SIM solutions from vendors such as Intellitactics, Reston, Va.; netForensics, Edison, N.J.; and Orchestria, New York.

David Glenn, vice president of business development at Creative Breakthroughs, Shelby Township, Mich., said he plans to use the brand-new Network Security Analyzer product from Acton, Mass.-based eIQnetworks to centralize security information from heterogeneous products into one interface.

At Blue Spruce Technologies, Greenland, N.H., President Steve Pettit said Cupertino, Calif.-based ArcSight offers exceptional products in the SIM space. Still, Pettit was wary to endorse one vendor over another, noting that he prefers to assess customer needs before pushing any particular products. "So many products can work for customers in need," he said. "We prefer to lead with a strategy, create a service model, and see what products fill in the gaps." OTHER WINDFALLS
Solution providers don't necessarily have to wait for the full flowering of SIM to begin working toward the future of security. Many said they are expecting huge revenue opportunities in authentication technologies, which can be woven into larger identity and network management architectures and implementations.

Tom Gobeille, president and CEO of Network Computing Architects, Bellevue, Wash., hailed the RSA Sign-On Manager from Bedford, Mass.-based RSA as a great tool for enterprise-level single sign-on implementations. Robert Hoghaug, CTO of Sig-Tec, Minneapolis, went one step further, saying he was making big bucks selling biometrics authentication solutions from Silex Technology, a Japanese fingerprint scanning vendor with U.S. headquarters in Salt Lake City.

"As security becomes more important, you need to make sure users are who they say they are," Hoghaug said. "Smart cards and passwords are good, but those two in conjunction with a biometric of some sort are even better."

Encrypted e-mail is another area where solution providers expect some traction, especially with health-care and financial services customers who need broad security technologies to comply with the Gramm-Leach-Bliley Act and HIPAA.

In this area, Voltage Security, Palo Alto, Calif., stands to steal some of the spotlight with the much-ballyhooed launch of a channel program. Don Kirk, president of Secure Netcomm, a solution provider in Marietta, Ga., has worked with Voltage for the past few months and said he has been making money "hand over fist" reselling the identity-based encryption technology to health-care customers.

As an enterprise's network perimeter is spread out over remote locations and literally thousands of end points, another way to ensure compliance is to secure those end points, making SSL VPN technologies good moneymakers. Dean Hawley, director of business development at 1Source Technologies, South San Francisco, uses the EX-1500 and EX-750 from Aventail, Seattle. Brian Haboush, vice president of sales at Intelligent Connections, Royal Oak, Mich., prefers the VPN-1 solution from Check Point Software Technologies, Redwood City, Calif.

"The perimeter of a network has expanded out beyond the four walls of a company," said Haboush. "The need now for an overall comprehensive remote-access strategy is greater than ever."

DOWN THE ROAD
Solution providers also are making money on security solutions they can sell now, including antivirus, antispam, antispyware, intrusion prevention and firewalls.

Bernie Mikula, CEO of Go2Communications, Woburn, Mass., has pinned his hopes on catchall perimeter unified threat management tools such as the FortiGate line of appliances from Fortinet, Sunnyvale, Calif. Eileen Stroup, president of Titus Networking, Butler, Pa., focuses almost exclusively on stopping enterprise malware, selling the new eTrust PestPatrol enterprise antispyware products from Computer Associates International, Islandia, N.Y.

Then, of course, there's the application firewall, designed to protect individual Web applications as if each were a separate network. Solution providers have found success with selling products from vendors Imperva, Foster City, Calif.; Teros, Santa Clara, Calif.; and eEye Digital Security, Aliso Viejo, Calif. The most popular tools, however, are the TrafficShield from F5 Networks, Seattle, and the NetContinuum Application Security Gateway from NetContinuum, Santa Clara.

Brian Phillips, director of technical operations at NST, a solution provider in Naperville, Ill., said application firewalls are the perfect mix of old and new, blending traditional firewall technologies but applying them to the challenges as security bleeds into other areas of networking.

"People don't realize what they are asking for until we finish their wish list and show them products in this space," he said. "Security responsibilities are increasing in every area, and this is a great way to protect parts of a network."