Who Will Win Field Security Appliance Market?
I’m not going to pick a winner this early, but two factors will determine the winner if history is any guide.
1) The better management system
Check Point dominated the firewall market for a very long time primarily based on the easy of use and power of their firewall management. The difference between managing 20 Cisco PIX or Network Associates Gauntlet firewalls and Check Point was huge throughout the 90’s. It is surprising that Check Point still has this advantage although the gap has narrowed.
The contenders for the field firewall market have learned from this and are paying attention to their management solutions. It would be very interesting to do a bake off of the management systems and see if one is clearly superior.
2) Integration into field device platforms
So how did Cisco become a major player in the firewall market? It certainly wasn’t based on their product. Cisco won deals because they were at companies selling routers, switches, and other infrastructure equipment. They had Cisco devotees in those companies and adding a firewall or two to the stream of orders was not difficult. The same case can be made for the higher end controllers. Do you want a security module with your PLC?
The early score on this is in. Byres Security’s Tofino has MTL. Innominate MGuard has Hirschmann and a couple of others that are not announced but easy to guess if you play detective. Siemens has their own. The field on this is still wide open.
Meeting environmental specifications and other appliance hardening necessary field deployment may also knock out some vendors, but this is a ticket to entry and not necessarily a competitive advantage.
Update: Ralph brings up a good question in his comment - Is there a field security appliance market to win? We analyzed the business case in an earlier blog entry.
Author: Dale Peterson
Posted: April 4th, 2007 under Field Communication, Firewall / Perimeter, Security Vendor.
Comments: 1
Comments
Comment from Ralph Langner
Time: April 5, 2007, 6:03 am
Some additional thought from the other side of the pond…
1. The field firewall market does not exist at this time. It has to be created. The need is there (as WE know), but customers don’t buy (because THEY don’t know). It will take at least five more years until we see volume sales.
2. A major factor in the buying decision will be the question if the product or the vendor is already well known in the company. We see customers install Cisco products on the plant floor just because they know how to handle the product. We see customers buy Siemens firewalls just because they buy all their automation stuff from Siemens. The decision making will, as always, be also largely depending on who makes the decision. In most big corporations, IT security is owned by the IT department. Therefore, the IT guys will buy what they regard as a good firewall. If operations is making the decision, they will look into other things such as form factor, environmental specs, ease of configuration and integration with field devices.
3. Outsiders do have a chance if they excel in functionality. Examples are integration of field devices and easy configuration (Tofino is good looking here) or remote access capability (=PPPoE support; innominate does it well). Outsiders will have problems though if the giants do their homework. On the other hand, probably they just won’t do their homework because SCADA security isn’t attractive enough for them and, in the case of suppliers such as Siemens, they just don’t want to tell folks that their existing products really aren’t all that secure and should probably be protected by some other 1000$ product.
Write a comment