Perimeter defense has, today, many facets. In the old days (five years ago?) we thought of perimeter defense as something a firewall did. Or, perhaps a firewall and an intrusion prevention system (IPS). Or some sort of gateway. Then we started converging those pieces into smart gateways and next-generation firewalls. That still is fine for the traditional enterprise, but today, we are seeing entire data centers moved into clouds, whether public or private. That begs an entirely different question: How do we protect a perimeter that does not, physically, exist?
Several companies have struggled with this, and there are a few shining stars. However, the real benefits for companies that are hybrids – and that is a very large percentage these days – are that the cloud is both a source of challenge and a source of high-powered analysis. Move the security to the endpoints, continue to protect the physical perimeter of your enterprise and tie everything together, and you have a neat little package of protection.
Our Innovators in this category this year have done that and a bit more. One puts the sensors at the endpoints and does the analytics in the cloud. Lots of benefits to that architecture as you will see. The other is a deep analysis tool that figures out what is hitting the physical perimeter and addresses it without impacting – in fact, usually improving – the performance of the enterprise interface to the internet.
What we really liked about these two products was that they both take advantage of internet resources. In one case, malware checking is taken to a real extreme without adding an included anti-malware product. In the other case, attacks are stopped by aggressive active response.
Are these players innovative? We absolutely believe that they are. You'll need to decide for yourself, of course, but in our years of doing this we have not seen such simple – without being simplistic –effective responses to a couple of serious challenges. With that said, let's get to these folks and see what they have to offer.