Battling new nasties

Appliances running multi-applications including firewall/VPN, virtualised products and intrusion detection or prevention systems were growing in popularity, he said.

Marshall Software's chief software architect, Peter Hodges, said the best defence was a layered approach because no single security solution could be perfect. The more layers a partner provided, the less likely organisations were to be attacked.

"Trojans spread across the Web, not just email, so organisations need solutions that go beyond the traditional URL filter. They need to filter Web content and traffic," he said.

"Look at the nature of data coming off the websites. We will see a range of offerings from vendors doing a much deeper, firewall type of inspection analysis."

Hodges said an emerging opportunity for resellers lay in offering gateway anti-spyware solutions.

"Users need to cover off the mail and Web front. They require more than just mail filtering," he said. "People trying to exploit phishing attacks are getting much more sophisticated so users need to increase their coverage at the gateway."

Gateway solutions that use a reputation-based approach via specialised software would be another likely shift in the market, according to Hodges.

Marshall planned to integrate the reputation-based systems with vendors in the next six months because it was starting to gain enough momentum in the market.

In addition, resellers could educate businesses on the benefits of moving towards intrusion prevention systems (IPS).

Changing landscape

"Resellers are now getting their heads around the IPS area," Owen said. "It allows actions to be taken as a result of better intelligence.

"If action is taken there are huge implications for the business. If there's a threat that turns out to be a false alarm, and the action has stopped the CEO from communicating with board members, there's a fear factor there."

Virtualisation of applications is another top area of pursuit. While traditionally done at firewall level, Owen said it was increasingly cropping up in anti-spam.

Given the changing landscape, SonicWall country manager, Chris Barton, said resellers needed to move into a consultative role to help customers understand how security fits into the IT mix.

"Without a doubt the security market is maturing and many resellers have realised the responsible way to work is not to constantly sell products followed by upgrades to an increasingly jaded customer base," he said.

"Resellers need to take a whole of business approach. This means taking far more interest in a customer's business environment in order to understand key business drivers and pain points. They need to consider how these affect decision making and security purchases."

Acting as managed security service providers (MSSP) was one way to do this, Barton said. This would make the reseller an integral part of a customer's defences and could also be a catalyst to selling other products and services.

"The MSSP model provides lucrative recurring revenue opportunities for resellers through fees that come from software and hardware updates, health checks and monthly reporting on performance," he said.

Meanwhile, Websense's Casmissar said resellers should offer computer risk assessment services.

"Help companies monitor traffic for two weeks to see the threat level and analyse four key areas - security, productivity, network bandwidth loss and legal liability," he said

Resellers needed to help organisations protect the fort and build a moat on several fronts including the Internet gateway, the network layer and the desktop, he said.

While there are an ever-growing number of security technologies to help organisations protect IT systems, research suggests many are ill-prepared for lurking threats.

Resellers can help them implementing these technologies while beefing up on standards and training. According to the experts, now is not the time customers to scale back on protective security measures or reduce budgets.