Security analysis: Phenomenon, technology, market

CIO channel weekly Hot "dot" article

How does the CIO resolve interpersonal conflicts in IT teams? Hold and give up: how the CIO decides

How to reshape the Government CIO function? Challenges faced by CIOs in the 2009 and their coping strategies

Three lessons I have experienced in the strategic transition story away from CEO "intuitive decision" CIO how to seize the opportunity?

70 years ago, the investment industry, "trend technology analysis" to the global 10 million people benefited from the Bible, people learn the technology of trend analysis and grasp the economic lifeline of skills. Coincidentally, when the financial tsunami intensified, the industry's grasp of the future trend is divided. Here, the reporter is not intended to speculate about the future, just hope that by virtue of years of experience, combined with the latest changes in the security industry, to provide readers with a "Security trend analysis method" to facilitate the broad masses of users to judge the current situation, grasp the investment and return of enterprises.

It is really difficult to start a trend analysis of the entire security technology, not a flaw in the technology itself, but a limited sample of the analysis. Reporter this time in the sample selection will be super large security enterprises, medium-sized security enterprises, as well as high-speed development of security enterprises screening, according to the technical trend and application of the classification. As a result, the reporter concludes that the analysis of security trends can be condensed into three propositions: sensitive phenomena, technological change, market tolerance.

Proposition One: Sensitive phenomena

The proliferation of mergers and acquisitions in the area of security is likely to lead to a reversal of some form of market. Internet security vendors have been buying a lot of these years. Users simply search the search engine, you can see Cpsecure, MessageLabs, securecomputing, IronPort, SurfControl, Postini and many other security vendors were acquired news.

From an investor's point of view, many companies dedicated to providing cybersecurity solutions have been operating from the outset for acquisitions. Such companies tend to see a new area, with 0 of profits and even negative profits of low-cost weapons quickly occupy the market, and then by virtue of market share grabs, seek the acquisition of large enterprises, so as to earn "lever difference."

Aside from the capital operation, users need to

The phenomenon of such acquisitions has a new look: see what these operations mean. As one of the samples tracked by reporters, Websense has long been seen as a representative of medium-sized security companies, and SurfControl was once included. Prior to Websense China General manager Wang Yueye in an exclusive interview with this newspaper, said that the security industry frequent mergers and acquisitions confirmed two ideas: on the one hand, many manufacturers very much need to integrate, mergers and acquisitions of other manufacturers to supplement existing product lines and technology, to provide the most complete solution. From the current so frequent integration of mergers and acquisitions, integrated, integrated security solutions for users of greater significance. These vendors enrich their own product lines and technology, so as to achieve the combination of interaction; On the other hand, web security has been paid more and more attention, especially with the application of Web2.0 dynamic communication technology, which brings more hidden trouble for enterprise's information security, and users for Web 2.0 The need for safety protection is also increasing.

At present, too frequent acquisition behavior may cause users to doubt the security market itself maturity. But at present, whether at home or abroad, the overall security market is still relatively mature, the security companies have done a lot of things to deal with the previous security attacks. But at the same time, new security attacks and threats are becoming more frequent, and new vendors are dealing with new

Attacks may be better, and older firms need to devote more effort to dealing with these things. So the old manufacturers will acquire, merge and introduce some technology.

In the reporter's opinion, any market environment will exist fish situation, so the acquisition of this situation is very normal. For users, if you can get more technical integration, in security to achieve enhanced function, to achieve better protection effect, is undoubtedly beneficial. In fact, according to the reporter's investigation, in the face of the gradual expansion of the security industry, more and more security companies want to achieve the Union Longitudinal Alliance. Whether it's the multinationals like Symantec, trend Technology, Websense, or

Days Rong Xin, hillstone these domestic first-class security companies, the basic recognition of the attitude of the alliance.

"In fact, it is very necessary to establish a coalition." Because the technology of the manufacturer is all the lead, and the security solution is unable to rely on a manufacturer to solve all the problems, so we advocate with other manufacturers to promote cooperation, and has been doing so. So it is basically understood that there is a natural association between security firms. Wang Yueye said.

Only in the opinion of reporters, if a large enterprise users in the face of frequent security acquisitions, the most tricky way is to choose a relatively leading enterprises, or choose to work with their own assets similar to the size of the enterprise cooperation, to avoid encountering unnecessary trouble.

Proposition Two: technological change

With the Web security technology, cloud security technology as the representative of the change tide swept the security industry. Interestingly, both technologies are still evolving.

Web Security

In the era of Web2.0, the interactive nature of the web system has been strengthened, and there has been a method of "instantaneous" attacks like SQL injection and XSS, in which case, the "Firewall + Intrusion Detection linkage" solution is not working, The web-tamper-proof system is also unable to function due to the fact that the database is constantly being updated. Web business Security defense requires an Internet Security application-level solution that can cut off attacks in real time.

With the Internet becoming a part of the daily operation of enterprises, network security has become the basic production tools. However, the company's huge daily business volume makes the load of the enterprise network increasing, a wide range of worms, viruses, trojans and other malicious code, as well as spam is constantly eroding the enterprise network resources, affecting the normal operation of the network.

Therefore, how to ensure the security and robustness of the internal network, eliminate the web-level virus, Trojan, spyware, malicious attacks, spam and other security threats has become the focus of the current.

Rigid security gateways have been difficult to meet the needs of users, enthusiastic innovation people want to anti-virus technology, DLP (data Disclosure Protection) technology to join, and traditional UTM, the new generation of web security gateway with more powerful performance, and more understanding of "business", More handy for application layer control and data protection.

Earlier Symantec China President Wu Xiyuan and Hillstoneceo Tongjian in an interview with reporters expressed a unanimous view. As representatives of fast-growing security vendors, they are very optimistic about the integration of web security gateways and anti-virus technologies, and have been balancing the resulting performance overhead in the development of their multi-core products.

In addition, Anchiva Global research and development Vice President Zheng also said that the integration of anti-virus and web security technology has reached a global consensus. In North America, anti-virus is the focus of the next-generation security gateway technology standards. In fact, this change has led to a change in traditional anti-virus manufacturers: First, Kaspersky successfully bind the virus library to many web security gateways, followed by McAfee's direct annexation of securecomputing, to push new generation of web security technology directly.

To implement the specific technology change, the reporter admires two manufacturers: Websense and McAfee. The two companies were so far away that last year reporters had "secretly" visited the companies ' security experts, who were surprisingly consistent in their views: integrating all of their technical resources and launching comprehensive solutions based on web security technologies. Now with

McAfee's acquisition of Securecomputing, as well as the integration of DLP technology into the EIP (Critical Information Protection) program, is a more aggressive and comprehensive web security solution for Websense.

In this regard, Wang Yueye to reporters that the EIP of this new Web security program will bring more profound changes in the industry, because the new product line will be for the user's business content, data, mail to provide all-round protection. In addition to the traditional web security and mail Security solutions, DLP technology provides data security solutions that better integrate the relationship between Web security and message security, and secure data from a broader perspective.

It is understood that the standard DLP technology mainly focus on 4 aspects, namely, "who", "What Information", "in what manner", "through which channels for transmission or leakage." DLP through these aspects to provide users with a new way of data security. This includes judging the legality of the transmission of the information being transmitted, thus more accurately monitoring the data leakage problem of the enterprise and protecting the information security.

In general, DLP provides complete, content data security leak protection, and not just stay at the file level and other aspects. In fact, according to the IDC survey, revealed that a considerable number of leaks from within the system occurred, such as ERP. And DLP can handle CRM, ERP or a variety of customer information, employee data, such as database system data, can be data

The contents of the library are collected and protected. In other words, the complete DLP technology relies on the data fingerprint rather than the identification technology to achieve.

Journalists believe that the release of this comprehensive web security solution for the existing Web security technology application pattern is a new change, not only based on the black and white list or cloud security technology, security vendors can use this to give more options to the user, Provide them with real-time content classification or real-time web security analysis of this new solution. This will be a new concept and implementation method. For domestic users, the emergence of new programs provides an innovative perspective of thinking, you can selectively enjoy the results of web security solutions.

Cloud Security

This newspaper has previously on the cloud security has been a series of reports, at present, cloud security and traditional gateway equipment, its technology itself more emphasis on the analysis and resource scheduling in the cloud. Former trend technology Greater China Executive President Oscar said in an interview that they had started research on cloud security two years ago, and deployed 34000 cloud servers around the world, working with top-level domain management agencies to add parameters to DNS for global domain security resolution. Undoubtedly, all efforts are made to address the challenges of web security as comprehensively as possible.

Cloud Security

The benefits are clear: when the source of malicious threats, you can implement real-time monitoring of the source, once the source of the virus has a variety, or changes, you can collect this information in time, feedback to the "cloud security" client, blocking the transmission of the virus. The current trend of technology cloud security can support an average of 5.5 billion clicks per day, 250 million samples per day collection analysis.

In fact, more and more security companies are now joining the cloud security camp. Prior to Anchiva, general manager of China Lisong in an exclusive interview with the newspaper, although the current implementation of cloud security still has a second-stage delay, but this does not prevent the development of technology itself. He believes that security solutions based on cloud security will become more and more as processing performance increases and latency shrinks.

In addition, Wang Yueye's view is that cloud security is not a new idea in itself, but that many security vendors have not focused on it as a publicity priority. From previous solutions, many vendors have been providing such security solutions. In fact, many of the "hostedservice" products are always the concept of cloud security. In addition, also includes the matrix, the Honeygrid technology and so on, are the origin homologous mentality. At present, to realize the potential of cloud security, we also need the client real-time analysis and cloud server solutions, rather than a single cloud.

It is reported that at present many domestic and foreign security manufacturers are in the layout of "cloud security" field, which shows that everyone has realized that "cloud security" is the future trend of network security.

Proposition Three: Market tolerance

Good technology, good application, need a good market environment support, need the support of user confidence. In the face of the financial tsunami attack, security came to a critical juncture. In the face of the current financial tsunami, the IT budget of large enterprises has been reduced by an average of 40% per cent, according to a security survey conducted by the network network. In this case, information security is not immune. Although historical data show that the security industry has been less impacted in times of economic depression, "opportunity favors the prepared mind", security firms must rely on "innovation" to get out of the winter.

Previously, security experts said the financial crisis will have a certain impact on the IT budget of the enterprise. But for the enterprise, the risk of it will become more and more, for like S y M ant ec, trend technology, Websense These provide data leakage protection of the vendors, it is not a bad thing. Because layoffs, financial crisis will lead to the loss of key data, security solutions can ensure that the company's patents and related technologies will not be intentionally and unintentionally spread to competitors, from this point of view, this is an opportunity.

In addition, according to Gartner's report, in the financial tsunami situation, corporate consumers more stringent requirements for security products. At present, the high web security technology will be judged by users, the technology outlet will be integrated, multi-functional, reduce the complexity of management changes.

According to the reporter understands, this aspect foreign manufacturer movement is relatively swift, like Symantec, McAfee, Trend Science and technology, Websense have already integrated, multi-function, reduce management complexity as the goal, and resolutely in this direction. According to the introduction, they have provided a completely web-based interface display, and the use of EIP to achieve web security, mail security, data security integration. In addition, the domestic hillstone is also a good example of this aspect. According to Tongjian introduced, they for the equipment function, throughput rate, management interface are put forward rich, easy to use, integration requirements.

Finally, in the context of the global financial tsunami, responsible security companies need to increase their investment in China, and even to focus on China's research and development center, so as to truly localize. In the opinion of the reporter, if the manufacturer wants to be in the market leading position, not only must be able to provide the integrated solution, but also need to continuously discover some new technology, and the service in the market truly implementation.