From its early beginnings as a research and education network, the Internet has undergone significant changes during the first half of the 1990's. Until the last few years, the Internet served mostly the academic and defense research communities.
Recently, however, there has been an enormous growth in the number of individual systems and inter-operating networks connected to the Internet. Commercial activities and the creation of the World Wide Web (WWW) are largely responsible for recent phenomenal growth rates. As the Internet population steadily increases, so to do network security threats.
A relatively new solution to these security problems is a firewall system. A firewall, in essence, is like a military compound. The compound is secure on its entire perimeter and has only one passage point.
The passage point is heavily protected by a guard who authenticates all who want to enter the compound. The passage point is the focus of administrative control. In war time, the guard may be more suspicious and heavily armed than in peace time.
To provide access between an outside, untrusted network, and an inside, private network, companies are building firewalls around their corporate networks to guard against deliberate attacks and unintended security breaches.
A firewall has two primary functions: to prevent unauthorized access to the international network from the outside, and to permit access to the external network from the inside. It is simply a mechanism that controls and monitors all data traffic.
Although a secure firewall between the Internet and a private network presents a formidable barrier to external data hackers, it does not eliminate the need for sound security practices on the systems inside the private network.
KEY TRENDS AND ISSUES
Exhibit A (on the next page) shows key trends and issues regarding the Internet and network security.
As illustrated in Exhibit B, total worldwide user expenditures on firewalls software products and services is projected to grow from $1.1 billion in 1995 to $16.2 billion in 2000, at a compounded annual growth rate (CAGR) of 70%.
U. S. MARKET SIZE
As illustrated in Exhibit C, total U.S. user expenditures on firewall software and services is projected to grow from $820 million in 1995 to $8.1 billion in 2000, at a CAGR of 58%.
The U.S. accounts for such a high proportion (72%) of the worldwide market because the majority of Internet commercial domains today are in the U.S. As the number of worldwide unduplicated Internet users increases from 53 million to 250 million over the next five years, the proportion of commercial Internet use outside of the U.S. will increase. By the year 2000, the U.S. will account for only half of the firewall software products and services market.
The tremendous growth in popularity and use of the Internet by businesses, government agencies and universities has created a significant demand for comprehensive network security solutions, namely firewalls. The firewall market offers significant opportunities for vendors, professional services providers and systems integrators. The following section provides INPUT's conclusions about the emerging firewall marketplace:
- The only way for a company's networks to be completely secure is not to be connected to the Internet.
- Some users will wait to purchase Internet security products until a standard emerges.
This section provides a summary of INPUT's recommendations for users, firewall vendors, and application vendors.
1. Recommendations for Users
- Quantify the benefits and value of security versus the cost of security.
- Develop security policies before security tactics. Implementing a solution before identifying and analyzing all potential security problems is not an effective or efficient means of securing the enterprise.
- Understand the corporate environment. This will enable users to identify abnormal activities, such as an attack on the network.
- Identify the source of threat. Users must differentiate between external danger and internal risks to ensure that their security policies address all potential security breaches
- Remember the human factors. For example, nonsensical passwords may be more difficult to crack, but will probably end up taped underneath users' keyboards.
- Control corporate secrets and limit corporate trust. The fewer people with access to passwords and permissions the better. Security should be at a very granular level. Only trust those who need access to information to accomplish their tasks.
- Educate and train users.
- Develop job positions for security administrators. This will enable organizations to create a focus of administrative control and management.
2. Recommendations for Firewall Vendors
- Educate customers.
- Differentiate products.
- Cooperate with application vendors.
3. Recommendations for Application and Services Vendors
- Design applications with security foresight.
- Text existing applications with firewall solutions.
- Build and support proxy servers.
Article submitted by INPUT, a worldwide consulting and market research firm focused on information service technologies and the software market. For further information, contact Paul Kendrick.
This article adapted from Vol. 9#2.