Firewall companies are trying to grow up.
They once had a single purpose--to keep outsiders off corporate intranets--but are now starting to take on responsibility for the security of the entire network.
CheckPoint Software Technologies last week became the latest firewall vendor to outline a broad security framework that accounts not only for the intranet but provides a single management console from which a security manager can control a large corporation's entire security set-up.
The announcement follows a similar introduction from Secure Computing last month and Raptor Systems in July. Trusted Information Systems started with an enterprise-wide set of security tools and added firewalls later, so they can be said to started the trend.
All of them now share a single goal: "To be the vendor that delivers seamless, integrated security for the enterprise," as Mike Grandinetti, Raptor's vice president of marketing, put it.
Analysts say the new emphasis on enterprise-wide security is a predictable progression.
"Vendors know they need to move up the food chain," said Ted Julian, a firewall analyst with market research firm International Data Corporation. "With larger players moving in, all are looking for ways to diversify the kinds of products they sell."
Each firewall vendor, however, has a slightly different idea of how to get there.
CheckPoint will provide some of the security technologies itself but plans to focus on publishing application programming interfaces. This will let third-party vendors of anti-virus or Web-site filtering software, for example, adapt their software to run from the CheckPoint console and relieve CheckPoint of the necessity of providing all the software itself.
Secure Computing, on the other hand, is trying to assemble all the pieces of a comprehensive enterprise offering. To do that, it's gone on a buying spree, acquiring in the last six months, another firewall vendor Border Network Technologies, an authentication firm Enigma Logic, and a company that helps filter Web addresses, Webster Network Strategies.
Raptor has been pushing its Five Domains security model since last summer, identifying a hierarchy of security needs and building a suite of products to address each--its fifth domain is integrated enterprise security. To fill in gaps in its product lineup, Raptor picks companies that have complementary technologies and then makes sure all the software works together.
Trusted Information Systems, with roots in top-level government security consulting, retains core competencies in broad, systemwide security management.
Yankee Group predicts that the market for these kinds of integrated enterprise security solutions will grow from $200,000 last year to $1.3 billion in 2000.
Not all of that money will go to firewall companies, however. NeTegrity, a CheckPoint reseller, last month outlined its SiteMinder strategy to provide a single interface for controlling multiple security components, including firewalls from different vendors.
Market analysts are divided about whether the firewall vendors have a chance up against these companies with more enterprise experience and lots of name recognition.
Meta Group's Chris Byrnes doubts firewall companies can deliver truly enterprise solutions. "They show little understanding of system level security or security requirements," he sniffed.
But Michael Zboray at Gartner Group's thinks being a firewall vendor is a key advantage. "Most users are comparatively naive," Zboray said. "Their first contact with security ends up being a firewall. By default, the firewall guy ends up the expert."
IDC's Julian agreed: "Firewall vendors have come to be known among many as where you go when you need security."