Quocirca's Straight Talking: Vendor battleground - filtering
Do you have a one-stop shop for security?
Content filtering now goes way beyond spam email, encompassing outbound email, IM, web access and back-up. Quocirca service director Bob Tarzey identifies some of the likely winners...
Ensuring that the content passing through corporate firewalls is safe, clean and useful is now big business. Content filtering had a new injection of life a few years ago, when the volume of unwanted email (spam) targeted at businesses was getting out of control. The IT industry came up with a series of point solutions to address the problem. Many of the vendors grew rapidly, responding to heavy demand.
Today, spam seems less of a problem - not because it is not there anymore but because the solutions provided, to a greater or lesser extent, worked. The spam problem is now largely under control.
Job done, the vendors involved were left with a problem: how to carry on growing their businesses. The uptake had been so rapid there was no longer enough demand from new customers to maintain growth. Some took advantage of their market strength and sold out to larger vendors who wanted to add spam filtering to their portfolio. Brightmail was acquired by Symantec in 2004 and in 2005 Microsoft acquired Frontbridge.
But others decided to broaden their own offerings and continued to compete and grow by offering a broader range of services, still largely based around content filtering. These days you can get lot more from content filtering vendors than just a spam filter. The offerings fall into three broad categories: extended message security, web access security and back-up services.
Extended message security makes sense. Most vendors rapidly extended their services to include outgoing as well incoming email, encroaching on services long offered by another group of vendors such as Clearswift and NetIQ that existed before the spam onslaught. (They responded in kind by adding their own incoming message filters).
But this was all still to do with corporate email. Similar threats existed around instant messaging (IM), webmail, file transfer (FTP) and other ways of posting content outside of the business such as wikis and blogs.
CipherTrust, originally a provider of email filtering appliances, now offers appliances for controlling IM and these other web-based threats. They go further than most but nearly all vendors are at least looking at IM filtering. IM filtering is disappearing as an independent sector, the most high-profile independent vendor, IM Logic, having been recently acquired by Symantec.
Those vendors that are looking to web security to grow their revenues are encroaching on another area that until recently was separate. This includes controlling how and when users access the web and protecting businesses from web-borne threats such as web viruses and spyware.
Web access filtering differs from email filtering in that it has to be very responsive. Mostly you don’t know if the delivery of an email is delayed but you sure do know if the web page download is held up.
Undaunted, some of the spam filtering vendors are branching out in this direction. IronPort, which also started out as a vendor of spam-filtering appliances is in this game, as are BlackSpider and MessageLabs, which both now offer web filtering alongside their hosted email filtering service. This has brought them into conflict or partnership with companies such as BlueCoat, Secure Computing, SurfControl and WebSense who have always specialised in aspects of web filtering.
This activity has more or less killed off another sector that was independent for a short time: spyware filtering. Nearly all vendors who offer a web filtering product or service now address the problem, including broad-based security vendors such as CA and Microsoft, both of which have made spyware filtering acquisitions in the last 18 months.
Content filtering vendors who provide a hosted service are particularly well suited to expanding in the third area: back-up services. Few businesses are unaware of the importance of back-up but for many it is a drudge. However, if you are already working with a third-party that touches every email coming into your organisation why not get them to keep a copy too?
MessageLabs and Postini are both now offering such services, keeping an offsite email archive for those customers who want it. And if they can do email why not other corporate data, backed up and safely stored offsite? Perhaps this is the next level of expansion, the content filtering encroaching on another sector - offsite data back-up.
In short, we can see lots of vendors starting with point solutions and extending their services in different directions.
For the purchasers of such services this may sound complicated but there are some fairly simple ground rules. The day of small vendors with point solutions for content filtering is over. This is now a broad discipline and those that are left either have to expand themselves, be acquired or die. In the past you may have purchased separate solutions in these different areas but the chances are that you can reduce the number of vendors - and reduce upfront and ongoing costs - by looking at which of your suppliers can now offer the best consolidated service.
In addition, the broad security vendors, including Cisco, McAfee, Microsoft, Symantec and Trend Micro are including many of these capabilities in their products, so make sure you are not paying a premium for something that is now provided as an inexpensive add-on to another product already purchased.
All this consolidation in the content security market and this article has not even touched on the largest area of consolidation - content security and content management itself. This was underlined by the merger early in 2005 of security and storage giants Symantec and Veritas, bringing together storage management and security capabilities - something which CA had started doing a year or so before, already having both capabilities in-house.
Expect more such activity as content security becomes part of the very fabric of content storage. The serial acquirer of the storage industry, EMC, has hardly touched the security market - yet.