While technology vendors and security analysts continue to endorse the notion that anti-virus software is increasingly becoming commoditized, sales of the IT systems defense tools will help drive $9.1 billion in security applications sales during 2007, according to researchers at Gartner.
The Stamford, Conn.-based analysis firm released its annual security software market growth estimates on Feb. 1, projecting the 10.7 percent gain in sales for the year, compared to the $8.2 billion in security applications sold during calendar 2006.
Gartner contends that a commanding $4.9 billion, or 53.8 percent, of all security applications sold during 2007 will be anti-virus products—made by companies such as Symantec, McAfee, Trend Micro, Sophos, Kaspersky, Panda, Microsoft and CA.
However, the research firm reported that traditional, signature-based anti-virus technologies will continue to be augmented with more pro-active defense applications—such as IPS (intrusion prevention systems), behavior-monitoring tools and NAC (network access control) software.
While signature-based anti-virus technologies take a more passive approach, relying on researchers and software providers to discover and patch malware exploits and software vulnerabilities, the more cutting-edge tools claim the ability to more actively defend against emerging attacks, such as so-called zero-day exploits. Most vendors of traditional anti-virus programs are aggressively launching behavior-based products, along with IPS and NAC technologies.
Additionally, Gartner predicted that vendors in the enterprise security market will continue to emphasize integration among their various products, offering IT workers more streamlined and centralized management of multiple applications. While most of those products will be delivered to customers in a single package—as some vendors have predicted—security software providers will seek to offer integrated anti-malware, firewall, IPS and NAC programs in the near future, Gartner said.
Despite the vendors integrated product strategies, the research firm contends that less than 15 percent of all enterprise companies will purchase such "converged clients" for their entire desktop environments over the next 18 months. Integrated security technologies will be adopted at a relatively slow pace between 2007 and 2009, Gartner predicts, by which time the newer, more-centralized systems will be in use at 35 percent of all enterprise customers.
"The move to converged endpoint suites will be a long road," Nicole Latimer-Livingston, analyst with Gartner, wrote in a summary of the report. "The enterprise desktop is closely guarded and the IT buying center is leery of introducing new technology that may inhibit user experience and increase costs."
While security software makers are touting the simplified administration and management of their integrated technologies, most customers still view the products as too volatile to adopt broadly, the analyst observed. In fact, the report contends that enterprises arent yet buying into products that integrate only anti-virus, IPS and firewalls, even with software makers aggressively pricing the technologies.
"The high costs of administration, issues with false positives and interference with software distribution have been barriers to adoption for most enterprises," wrote Latimer-Livingston. "Companies are not rapidly moving to anti-virus suites with IPS or personal firewall functionality, despite some attractive licensing incentives."
Security software is in fact, becoming significantly more complex, Gartner reports, and it is unlikely that a single technology vendor can meet all of enterprise clients demands. With some vendors pitching themselves as all-in-one providers, it will be more likely that customers do business with a small group of security software and hardware makers who can demonstrate deep integration between their products, according to the market projection.
"Customers prefer to deal with two or more vendors that already trust each others products and practices," Latimer-Livingston wrote. "As security software is increasingly imbedded in hardware, it is essential for software vendors, particularly those offering fast-growing niche solutions to partner with key hardware vendors to obtain preferential entrance into the marketplace; this relationship can be a good starting point for future developments."
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.