There's no question enterprises want messaging security -- the market for products and services worldwide reached almost $3.2 billion last year, up from $2.7 billion in 2010, and will grow to $4.78 billion in 2015, according to research firm IDC. But a fundamental shift is occurring that foresees businesses favoring virtual-security appliances over more traditional messaging security software.
Just over a year ago, messaging security software for anti-spam, antivirus filtering and content monitoring of email, instant messaging and social-messaging platforms made up about 42% of the entire market, says IDC. But this share for software, traditionally run on a server or dedicated appliance, is expected to plummet to about 27% by 2015.
"It's going to shift to virtual appliances," says Phil Hochmuth, IDC program manager in the area of security products, adding that "there will either be agents which run on top of, or at the same level as, the hypervisor in a virtual system." Most of what's out there today is being sold for VMware, the dominant virtualization platform at present.
Though also software, virtual security appliances are bringing a fundamental change as a more "built-in" approach to messaging security as third-party products become more optimized for virtualization, says Hochmuth. He adds McAfee, Symantec and Trend Micro, among others, are showing the capability to do this well. IDC predicts that virtual appliances for messaging security, which accounted for only $50.3 million and 1.8% share in 2010, will leap to $585.2 million in 2015 to achieve 12.2% market share in the messaging security market.
In contrast, the third major segment IDC tracks, messaging security appliances -- hardware-based products that sold for about $978 million last year -- will be simply holding steady from 2010 to 2015, growing modestly from about a quarter of the market today to roughly 28% in 2015.
The fourth major segment, cloud-based security as a service (SaaS), is picking up speed from about $788 million in 2010 (at 28.9% share of messaging security overall) to reach $1.5 billion and an expected 31.2% share in 2015.
IDC believes the virtual-appliance trend in security is also evident in the areas of intrusion-prevention systems and firewalls, but the shift in terms of market share is most visible in messaging security at present.
"We need security controls to become virtualized," comments Gartner security analyst Neil MacDonald, who points out that according to Gartner analysis, about 50% of enterprise servers are virtualized today primarily using VMware; desktop virtualization is just starting to happen, with Gartner estimating that to be in the 4% to 5% range.
"The really smart security vendors will shift to a software architecture," says MacDonald. But any vendor that depends on selling hardware security will be "reluctantly embracing this model," MacDonald says, even as he acknowledges there is going to be honest debate about performance issues associated with virtual appliances or whether it makes sense to continue to use hardware appliances in some circumstances.
The virtual security appliance will be built on an x86 software infrastructure, he says, and often it's the smaller vendors, such as Stonesoft in virtualized firewalling and IPS and Altor in virtual firewalls (acquired by Juniper), that tackle new terrains the fastest, he notes. Established vendors such as Check Point and HP's TippingPoint are also progressing in that direction, he adds.
Virtual appliances also mean that the virtualization software platform vendors take on a more prominent role since for VMware and Citrix at least, third-party virtual appliances which run on their software platforms are likely to undergo review.
Citrix's "Citrix Ready" program for security and other types of virtual appliances is designed to issue specific interfaces for use by vendors along with test tools to test their products against, says Joe Keller, vice president of community and alliance marketing at Citrix. If the third-party security vendor shows its security virtual appliance can meet the test requirements, it's considered "Citrix Ready."
"This is not to say that products not on the list don't work," says Keller. "But this list gives customers a higher level of confidence they will work."
Having a virtual-appliance product on the list means that the product is built specifically for Citrix and Citrix has a formal relationship with the vendor to help troubleshoot if it's needed, he notes. He says McAfee, Symantec and Trend Micro are all vendors with products on the Citrix Ready list, which has about 120 separate products.
But Citrix also encourages customers to make use of the Citrix online community resources to share experiences about third-party security products they use in virtualized environments that aren't yet on the Citrix Ready list. Opinions offered by their peers carry influence among Citrix customers, Keller says. There are some areas of security where Citrix wants to further build up the Citrix Ready program to include new categories such as data-loss prevention. "RSA is the first in process for DLP," Keller says, noting it typically takes a few weeks to get through the Citrix Ready certification process.