PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The
reader is available for free
Leading Network Security Providers
Copyright 2020, Faulkner Information Services. All
Publication Date: 2005
Report Type: MARKET
Since enterprise networks are critical assets, selecting the best
enterprise network security solutions is absolutely vital. Those in charge
of enterprise security should be implementing solutions that can
counteract traditional threats like viruses as well as protect information
exposed on cloud and virtualized environments. Today, the leading
network security providers include AT&T, Dell SecureWorks, IBM,
Broadcom, and Verizon Enterprise.
- Executive Summary
- Market Dynamics
- Market Leaders
- Market Trends
- Strategic Planning
- Web Links
- Related Reports
[return to top of this
Information is the lifeblood of the modern enterprise, and, to extend the
metaphor, enterprise networks – voice and data – are the arteries, veins,
and capillaries, each serving as an essential conduit for communicating
data between employees, between employees and customers, between employees
and business partners, and between employees and other enterprise
Related Faulkner Reports
| Secure Network Management
Since networks are considered critical assets worthy of special, even
extraordinary, protection, enterprise officials devote tens to hundreds of
thousands, of dollars to network security. In fact, since virtually all
information systems and appliances are connected to an enterprise network,
the term “network security” is virtually synonymous with the
term “information security.” Also, the term “network management” has come
to mean, in large measure, “network security management.”
As one might suspect, the field of network security is both broad and
At the simplest level, it encompasses a wide array of network security
applications, notably anti-virus, firewall, and content filtering. On a
more complex level, services will often include intrusion prevention and
data loss prevention, as well as newer functions, such as vulnerability
management and network forensics. These security measures can be be
administered by enterprise employees (especially in “teleworking”
environments), or the enterprise Security Department as an overall network
In the case of small-to-medium-sized enterprises (SMEs), which may lack
the personnel to pursue an effective network security program, network
security operations may be outsourced – in whole or in part – to managed
network security providers (MNSPs), or, as they’re more commonly
designated, managed security services providers (MSSPs). In addition to
SMEs, MSSP clients may include small and large enterprises which:
- Do not consider network security a core competency.
- Do not wish to invest in the recruitment, retention, and
near-continual training of network security specialists.
- Are alarmed at the prospect of major security breaches, such as those
famously suffered by Target and Sony.
- Are concerned about complying with a myriad of security and privacy
laws and regulation.
- Wish to stabilize, or render predictable, their network security
expenses which are generally less in a managed services atmosphere.
[return to top of this
In 2019, the global market for outsourcing was $92.5 billion USD .1
In terms of network security spending, enterprise clients will look
to major providers, like Verizon, IBM, et al., to protect IT systems
organized around new computing requirements, such as:
- Cloud Computing, itself a variation on the managed
- Virtualization, in which real servers are
partitioned into tens or even hundreds of virtual servers.
- Social Networking, especially as enterprises exploit
sites such as Facebook and Twitter for their marketing potential.
- Bring Your Own Device (BYOD) / Mobility, satisfying
employee demands to use their personal laptops, smartphones, and tablets
for business purposes.
- Vulnerability Management, as enterprises attempt to
anticipate new, targeted network threats.
- Compliance Monitoring, as enterprises struggle to
demonstrate their conformance with a myriad of security and privacy
regulations and standards.
Whatever lingering reservations that enterprise management might retain
relative to entrusting enterprise security to a managed security services
provider are slowing vanishing as the reality of the “virtual enterprise”
environment becomes more evident. An MSSP is becoming just another link in
an ever-expanding enterprise supply chain.
[return to top of this
The leading network services providers, according to many, if not most,
- From the telecommunications sector – AT&T
and Verizon Enterprise.
- From the computer industry – IBM.
- From the security sector – Dell
SecureWorks and Broadcom.
Each provider offers an extensive and highly-regarded, portfolio of
managed (i.e., network) security services.
AT&T offers an impressive portfolio of security, availability, and
recovery services that provide integrated business continuity and security
solutions for complex network environments. Network security services
- AT&T Secure Network Gateway Service – Combines
AT&T DDoS (Deliberate Denial of Services) Defense Service, AT&T
Network-Based Firewall Service, AT&T Secure E-Mail Gateway Service
and AT&T Web Security Service into one multi-layered security
service for comprehensive protection.
- E-mail Security – Screens inbound e-mail for
malicious attacks, filters outbound e-mail for privacy breaches, and
provides e-mail encryption and archiving for compliance all as a cloud
- Web Security – Scans inbound and outbound traffic and
blocks access to specific websites to help safeguard the network against
spyware, viruses and other threats that can enter via the Internet.
- Firewall Security – Helps keep unwanted traffic out
of the network and vital data in. Helps defend the network against
- AT&T Mobile Security – Integrates device-level
security features with network-based security controls and encrypted
transport for a comprehensive, holistic approach to enterprise mobile
- Security Incident & Event Management – Gathers
and analyzes information from multiple devices and device types across
the enterprise to correlate alerts and prioritize security events based
on threat and risk management methodologies.
- Threat Management – Delivers the expertise, tools and
management needed to help mitigate risks. Clients receive 24×7 data
collection, monitoring and threat analysis conducted by a team of
security experts in the AT&T Security Operations Center (SOC).
- Security Consulting – Follows a holistic, customized
approach to address almost any security challenge. Certified security
consultants can help develop solutions that not only protect your data,
but enable clients to operate as a trusted enterprise.
- AT&T Netbond – A customized link between a
customer’s applications and the cloud, with full support for mobile
Dell SecureWorks offers a wide range of security services designed to
protect network assets and ensure compliance with a host of security and
privacy regulations and standards, including GLBA, PCI, SOX, HIPAA, NERC
CIP, and ISO 27001/17799.
- Managed IPS / IDS – Full lifecycle
management and 24×7 monitoring of network Intrusion Prevention or
- – Full lifecycle management and 24×7 monitoring of Firewall
- Managed Web Application Firewall – Full
24×7 monitoring Web Application Firewalls.
- Managed Host IPS – Expert
management and 24×7 monitoring of host-based IPS deployments.
- Log Monitoring – 24×7 real-time
analysis of logs and alerts from security devices, network
infrastructure, servers and other key assets by certified security
- SIM On-Demand – Automated
aggregation, correlation and analysis of log data from security devices,
network infrastructure, servers, and other key assets.
- Log Retention – Collection,
archival, search and reporting of raw log data from security devices,
network infrastructure, servers and other log sources.
- CTU Intelligence Services Actionable information on
emerging threats and vulnerabilities from the Counter Threat Unit
- Vulnerability Management – Internal and external
vulnerability scanning managed by security experts to identify and
- Web Application Scanning – Scanning of Web
applications to identify and remediate vulnerabilities.
- Web Security Service – URL
filtering, Web content filtering and Web policy enforcement to protect
against inbound and outbound Web-borne threats.
- Security and Risk Consulting –
Expertise, processes and services to help you improve security, comply
with regulations and manage risk.
IBM Managed Security Services delivers the expertise, tools, and
infrastructure to secure clients’ information assets from Internet attacks
24/7/365. Standard services include:
- Security Intelligence Analyst –
- Firewall Management – As with
Dell SecureWorks, this service offers full lifecycle management and 24×7
monitoring of Firewall appliances.
- Unified Threat Management – An
expansion upon the traditional firewall that includes a wider range of
protections, including intrusion prevention, anti-spam, and content
- Event and Log Management – Nearly
Log Monitoring offering, with the same range of supported devices and
- Vulnerability Management – A
service to identify and prevent exposure to security flaws before they
- Mobile Device Security – Security
to secure the mobile device’s on a given enterprise’s network, including
company owned and BYOD units.
- Network Detection – A system for detecting
intrusions and attempted incursions into an enterprise network.
- Security Information and Event Management (SIEM)
– An offering for remediating and managing security events
- Identity and Access Management – Managed
of permission control for various networks and devices.
- Hosted Application Security Management – A
security service specifically designed to protect hosted applications
installations on-premise and in the cloud.
- Distributed Denial of Service (DDoS) Protection
– Protection against DDoS attacks designed to bring down a
company’s Web site, app, or other online asset.
- Application Security – Security for installed
- Email and Web Security – Security for an
enterprise’s corporate email and Web-based communications systems, as
well as their Web site.
- X-Force Hosted Threat Analysis – A team of
specifically tasked personnel given the job of analyzing and preventing
potential threats from harming a customer.
The MSS Security Intelligence Analyst helps:
- Clients who need help understanding and prioritizing vulnerabilities.
- Clients looking for deeper insight regarding security technologies.
- Clients looking to keep up on security trends in order to anticipate
changes and plan accordingly.
- Clients who are under attack and need detailed security advice
- Network or security administrators who desire assistance in
interpreting security data, and/or adjusting security device policies in
response to security events.
Broadcom purchased Symantec’s Cyber Security Services in 2019. The Cyber
Security Managed Security Services minimize the potential business impact
of increasingly sophisticated and targeted attacks by reducing the time it
takes to detect, assess and respond to security incidents. The MSS
- Information Security – An integrated set of data protection and cloud
security solutions to help organizations protect data wherever it
- Identity Security – Can balance digital trust and great user
experiencesâ€”in any environment, on any device and through any
- Symantec Endpoint Security – Keeps sensitive information stored on
devices. Includes support for storage and data center devices and
Endpoint Security Complete (includes mobile endpoints); Threat Hunting
Center; Managed EDR; and Endpoint Management.
Network Security – Web and email security offerings, as well as a shared
set of advanced threat protection technologies. It includes: Secure Web
Gateway; Web Isolation; Email & Email.Cloud; Content Analysis with
Sandboxing; and Security Analytics/SSLV
Verizon’s Managed Security Services – Monitoring and Analytics solutions
- Premium Monitoring and Analytics – Monitors and
manages the security devices that control network traffic with log
monitoring and analysis, incident investigation, and handling by the
- Advanced Threat Intelligence and Monitoring –
Proactively monitors and hunts for signs of targeted and complex attacks
with in-depth, packet-level analysis using automated and human
- Advanced Threat Detection – Offers expert help in
analyzing netflow traffic as it travels the IP network, and then
provides detailed analysis of indicators of compromise or actual
- Netflow Monitoring – Automated collection and
analysis of netflow data from Verizon’s IP backbone network, to discover
early indicators of compromise and suspicious communications.
[return to top of this
While enterprise planners may take a risk on an up and coming
application provider, network security is another matter. This, no doubt,
explains the regular, almost automatic, appearance of security industry
stalwarts, like IBM and Verizon Enterprise, at the top of most network
security provider compilations. Needless to say, this trend should
Where differentiation among the major providers may occur – and where
opportunity lies for future niche vendors – is in the providers’ handling
of new and emerging computing and networking paradigms, particularly:
- The Rapid Adoption of Cloud Computing – With
respect to cloud computing, the successful managed security services
provider will be expected to manage not only the client’s enterprise
network but the various enterprise-cloud network connections.
- The Under-Reported, but Potentially More Disruptive,
Transition to IPv6 – Internet Protocol version 6 is the next
generation of the IP protocol, that has succeed IPv4 and will become the
basis for future enterprise intranets, and the Internet. IPv6 provides
easier administration, an expanded addressing scheme, and, most
importantly, tighter security. Ironically, however, the path to tighter
security may lead to lesser security during a prolonged and complicated
Bring-Your-Own-Device (BYOD) –
A movement in which enterprise users, who are also consumers, pressure
enterprise IT departments to allow the connection of consumer-grade
devices such as smartphones and tablets to enterprise networks. Like
the first PCs, these devices provide little security and expose
enterprise networks to malware infiltration along their endpoint
Targeted Attack Protection
– According to Gartner, “An emerging driver is support for the
protection from and detection of targeted attacks through MSSP
knowledge of the external threat environment, through insight gained
from monitoring events from a broad and global customer base, through
MSSP-based advanced analytics, or through MSSP monitoring of
customer-deployed next-generation protection and detection
Additional challenges for network security providers will be vertical,
as specific sectors expand their network operations. Examples include:
- Utilities – Increasingly, “smart grid” components
will be connected to enterprise networks over the Internet. This is a
major concern since one of the reasons electric grids are relatively
secure today is their lack of connectivity.
- Healthcare – Hospitals and other healthcare providers
want electronic medical records and tools for inventory tracking and
allocation. Ensuring compliance with the Health Insurance Portability
and Accountability Act (HIPAA) is imperative.
The network security provider community will benefit from the cloud
computing phenomenon as cloud computing further legitimizes the notion of
managed services. In fact, what could be a more compatible pairing than
cloud computing and network security provision (which could be positioned,
from a marketing perspective, as “network security in the cloud”)?
Strategic Planning Implications
[return to top of this
Considering the stakes – the integrity and confidentiality of enterprise
information, and the smooth and reliable operation of enterprise
information systems that support critical enterprise business functions –
the selection of a network security provider is a matter of strategic
importance to the enterprise and a key predictor of enterprise success.
The search should be conducted through the enterprise request for
proposal (RFP) process, in which enterprise stakeholders, including IT,
Security, and Finance, are afforded the opportunity to probe the
credentials and qualifications of prospective network security providers.
Table 1 offers a categorized list of key provider questions.3
How many outsourcing contracts do you have
How many of your clients participate in
Are the physical assets associated with
Tier Two Providers
Are any subcontractors involved in service
Do you enlist third-party providers to
How extensive are employee background
As part of the RFP process, are key
What type of training do service personnel
Are service personnel
Are service personnel trained to conduct
Is any and all intellectual property
What measures are employed to ensure that
Is all network traffic encrypted? If not,
Service Level Agreement
Does the standard service level agreement
What is the process for addressing alleged
Are unannounced site visits permitted (as
What types of information are available in
Can trend analysis reports be
Is real-time access to network and system
What is the precise process for managing a
In the event of a disaster affecting the
What is the worst case scenario for the
What is the disaster recovery/business
If the outsourcing agreement expires or is
Try Before You Buy
What types of network security support can
What specific strategies are employed to
Cloud computing –
Social networking –
Mobility – Acceptance of
IPv6 – Transition to and
1 “Global Market Size of Outsourced Services from 2000 to 2019
(in billion U.S. dollars)*” accessed May, 19, 2020, https://www.statista.com/statistics/189788/global-outsourcing-market-size/
2 Kelly M. Kavanagh. “Magic Quadrant for Global MSSPs.”
Gartner, Inc. February 26, 2014.
3 Adapted from “Request for Information (RFI) on Information
Security Outsourcing.” Network Computing and CMP Media, LLC.
[return to top of this
- AT&T: http://www.att.com/
- Broadcom: http://www.broadcom.com/
- Dell SecureWorks: http://www.secureworks.com./
- IBM: http://www.ibm.com/
- Verizon Enterprise: http://www.verizonenterprise.com/
[return to top of this