Small and medium-size companies last year spent more money on hardware-based firewall appliances than on software-based systems, helping WatchGuard Technologies Inc. remain in the No. 1 position in the most competitive segment of the firewall market, according to a new analyst report.
The new study by IDC, "Return of the Black Box: Firewall/VPN Security Appliances Unleashed," concludes that for the first time, firewall appliance revenue last year surpassed software-based firewall revenue, coming in at $942.8 million. Framingham, Mass.-based IDC is a subsidiary of International Data Group, which publishes Computerworld.
In addition, Seattle-based WatchGuard won the top slot in the $US1,000-to-$5,000 firewall appliance market -- the "sweet spot" in the market, according to IDC -- for the second year in a row. The company captured a 23% market share and earned $60.7 million in worldwide revenue.
While software-based firewalls characterized the market in the mid-1990s, the growth of small and medium-size businesses and remote offices has fueled a shift away from large, enterprise software-based firewalls to simple hardware devices, said IDC analyst Charles Kolodgy. "Appliances are easier to use and install, and there is a lot of choice out there in the market," said Kolodgy, who co-authored the report.
Although large enterprises used to drive the market for software-based systems because they had the resources to manage those systems, smaller businesses prefer "a box that is preconfigured," said Kolodgy.
"People don't generally have the personnel with all of the hardware and software skills that are needed, [and] they are looking to cut costs wherever they can," said Todd Hooper, WatchGuard vice president of business development.
Thys Coetzee, director of information systems at Zinpro Corp., an animal health products manufacturer in Eden Prairie, Minn., said his company uses WatchGuard appliances for firewall and virtual private network (VPN) authentication services. "By taking advantage of existing infrastructure, we can expand our [wide-area network] at very realistic costs," he said. "The improved WatchGuard systems dramatically increase encryption throughputs [and] scale from the [small office/home office] location to the enterprise headquarters, providing security and communications at affordable levels."
But not everybody sees the growth of the firewall appliance industry, which IDC predicts will grow to $4 billion by 2005, as a good sign.
"An entire technology industry is being built around the incorrect notion that network security can be achieved by the purchase of more hardware and software, including the appliances cited by IDC," said Tim Bass, a longtime security consultant for the U.S. Air Force and now CEO of The Silk Road Group Ltd., a network security consulting firm in Centreville, Va. "The vast majority of good security measures can be achieved without hardware or software purchases. No amount of hardware or software can compensate for substandard practices."