Security Bytes

Mar 4 2009   8:33PM GMT

Cisco’s email services — They hadda’ do it

Neil Roiter Profile: NBRoiter

I’ll throw in my nickel’s worth (two cents just isn’t worth anything) on Cisco’s announcement that its IronPort email security — long available in a series of top-shelf appliances — would be offered as a managed service.

This was a necessary, even defensive move for Cisco, when you look at it from a market perspective. Email security as a service, which has been very popular among SMBs, is getting more traction among enterprises as they look at which tasks they can offload comfortably without violating or changing security policy.

So the hybrid approach may be particularly appealing to enterprises. It’s one of three along with a hosted model in which the appliance is managed in a Cisco data center and a managed service in which Cisco manages boxes on the customer’s premises. The hybrid approach takes the chore of managing incoming filtering off the enterprise’s shoulders, while allowing the customer to keep control over their outbound data for DLP and encryption. It’s relinquishing that outbound piece that often makes enterprise security managers’ blood run cold.

SaaS, on the other hand, does more than take up the administrative chores as well as the care and feeding of more boxes on your network. The pay-as-you-go lets you treat email security as an expense. Laid off 1,000 people? Ratchet down. Good times coming? Ratchet back up. Consider whether your email security vendor can offer that kind of flexibility or comparable value if you are looking to move to some services model.

Cisco isn’t offering any new security capabilities, but to my way of thinking, if I were a vendor (thanks, but no, I prefer poverty) I’d want to tell my customers they can get the same level of security whether they buy appliances or contract for services — and IronPort appliances are considered first-rate.

So, Cisco had to start offering their email security as a service. Symantec acquired a full-blown leading SaaS vendor in MessageLabs, in addition to its own appliance and software options. Symantec already offers a stronger DLP combo than Cisco, through its acquisition of Vontu, but IronPort offers more formidable Web security.

McAfee, another big security competitor, applied some considerable pressure when they bought rival Secure Computing, which in turn, got into the email security business by acquiring CipherTrust. They also offered a hosted service option and a mix and match of hybrid combinations (the major appliance vendors also offer virtual appliances, which Symantec says may already account for as much as 20% of its appliance business).

Proofpoint, one of the increasingly rare major independent pure-play email security vendors, offers both appliances and hosted services.

This is getting down to the nitty-gritty. The email security market is pretty well consolidated, both on products and service-based options. SaaS vendors like Google and Symantec’s MessageLabs are gobbling up SMB contracts. At the high and mid-high ends of the market, in particular, competitors are going to have to offer a mix of very robust options at attractive prices.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: