Deliver Your News to the World

’In The Cloud’ Security Services Hit the Peak of the Gartner Hype Cycle in 2009


Analysts Present Major Developments in IT Security, Privacy, Risk and Compliance at the Gartner Information Security Summit in Sydney Today

Sydney, Australia, Security services provided ‘in the cloud’ have the potential to provide cost savings and faster deployment compared with equivalent-capacity, premises-based equipment, but providers are yet to deliver on customer expectations, according to Gartner, Inc.

Defined by Gartner as internet-fabric-based managed security services, ‘in the cloud’ security services appear at the ‘peak of inflated expectations’ on Gartner’s 2009 Hype Cycle for Infrastructure Protection. Services provided may include managed firewalls, intrusion detection systems, intrusion prevention systems, antivirus services, distributed denial-of-service protection services, messaging security and Web gateway.

Speaking from the Gartner Information Security Summit at the Sydney Convention Centre today, Gartner managing vice president Ray Wagner said the introduction of in-the-cloud and as-a-service offerings in security had the potential to change the landscape for vendors by tilting the advantage toward bandwidth and security-as-a-service providers, and by giving buyers an additional option in build or buy decisions.

“Technologies at the ‘peak of inflated expectations’ on a Gartner Hype Cycle are there due to over-enthusiasm and unrealistic expectations, and limited successful implementations, as the technology is pushed to its limits,” said Mr. Wagner. “Cloud security providers must deliver on customer expectations for the effectiveness, scalability and cost savings of performing security filtering in the cloud or as a service. The small or midsize business is an appealing initial market for these delivery models at lower price points, and we expect that the technology will become mainstream within two to five years.”

Gartner recommends that organisations look at leveraging security-as-a-service providers, and bandwidth and remote connectivity service providers for opportunities to consolidate premises-based equipment into cloud-based delivery options, especially for remote-office or branch-office situations that would otherwise require on-site deployment and hardware maintenance.

Technologies at the ‘Peak of Inflated Expectations’ on a Gartner Hype Cycle generally soon tip over the peak and experience disillusionment among enterprise users.

Gartner research director Lawrence Orans said that Network Access Control (NAC) is a technology that has moved from the ‘Peak of Inflated Expectations’ down to the ‘Trough of Disillusionment’ on the Hype Cycle for Infrastructure Protection since 2006, based largely on the fact that it is not commonly deployed to fulfill its initial usage case — quarantining PCs that are missing patches or have out-of-date antivirus signatures.

According to Gartner, most early adopters of NAC have taken a different approach to NAC policies and have found worthwhile usage cases for NAC technologies. Instead of blocking users from the network (and from doing their jobs) because their PCs are missing a patch, most organizations that have deployed NAC are using it to implement guest network services.

“NAC functionality is increasingly being embedded in infrastructure and in core security products such as firewalls and endpoint protection platforms, which will help make NAC more affordable and easier to implement and manage,” said Mr. Orans. “We currently rate the technology as early mainstream and estimate that it will reach maturity within two to five years.”

Gartner’s security-related Hype Cycles assess major developments in both mature and emerging technologies in a broad range of areas related to security, risk management, compliance and governance, to help security professionals make critical technology purchasing and implementation decisions in an environment of economic uncertainty and constrained resources.

For example, security tools that are early in the development cycle are worth evaluating, but may be too immature for most enterprises to use. Enterprises that are facing immediate risks from the threats addressed by a newly introduced class of security tools, or seeking to gain competitive advantage by deploying tools early, may want to move ahead more rapidly.

Gartner has seven current security-related Hype Cycles, five of them updated far in 2009. These interactive reports track technologies and technology vendors across a comprehensive set of markets and market segments, evaluating their technological capabilities, business value and real-world viability.

Gartner’s updated security-related Hype Cycles are:

* Hype Cycle for Business Continuity Management, 2009
* Hype Cycle for Data and Application Security, 2009
* Hype Cycle for Governance, Risk and Compliance Technologies, 2009
* Hype Cycle for Identity and Access Management Technologies, 2009
* Hype Cycle for Infrastructure Protection, 2009

Additional information is available in the Gartner report ‘A Guide to Security-Related Hype Cycles, 2009’. The report is available on Gartner’s Web site at

About Gartner:
Gartner, Inc. (NYSE: IT) is the world’s leading information technology research and advisory company. Gartner delivers the technology-related insight necessary for its clients to make the right decisions, every day. From CIOs and senior IT leaders in corporations and government agencies, to business leaders in high-tech and telecom enterprises and professional services firms, to technology investors, Gartner is the indispensable partner to 60,000 clients in 10,000 distinct organizations. Through the resources of Gartner Research, Gartner Consulting and Gartner Events, Gartner works with every client to research, analyze and interpret the business of IT within the context of their individual role. Founded in 1979, Gartner is headquartered in Stamford, Connecticut, U.S.A., and has 4,000 associates, including 1,200 research analysts and consultants in 80 countries. For more information, visit


This news content was configured by WebWire editorial staff. Linking is permitted.

News Release Distribution and Press Release Distribution Services Provided by WebWire.