Network security tools such as next generation firewalls and next generation IPS will remain on-premise because organizations will need to control the flow of data into and out of their networks. The latency, delays and risks associated with running confidential data to/from a cloud provider are greater than organizations will be willing to tolerate.
Further, most modern on-premise solutions automatically update themselves with the latest protection and often leverage the cloud to provide a second layer of defense against various attacks. For example, some tools block malware at the edge of the network by utilizing a cloud database with millions of signatures. However, that type of service would typically be optional so organizations can disable it if they are not willing to let confidential data leave their network. In this case, on-premise solutions provide the best possible level of protection available today.
While it is true that some things are easier to administer through the cloud, security is not one of them. By its very nature security is something most organizations will want to keep in-house rather than turning over confidential data (even if encrypted) to a cloud provider. Some services, such as distributed denial-of-service protection, can benefit from cloud deployments, but then again, this is something that would better handled at the ISP level.
Different organizations will have varying risk tolerances which will contribute to what type of solution they choose, on-premise vs. cloud. For example, a risk adverse organization such as the Department of Defense, may insist upon keeping all data internal and thus require an on-premise solution, whereas organizations with less sensitivity may favor a cloud-based solution.
In many cases these risk tolerant companies (such as small businesses) may be the niche in which cloud providers are able to scrape by and fine-tune their technology. However, it is important to note that the total cost of ownership of utilizing an on-premise solution such as an integrated unified threat management appliance will often outweigh those of a cloud environment. When one calculates the total cost of a four to five year contract with a monthly reoccurring charge, it can turn out that on-premise solutions are actually cheaper in the long run.
Dell SonicWALL currently leverages cloud technology for various aspects of protection, however our core business will remain on-premise solutions. Examples of technologies that will live in the cloud include email security, hosted management and various aspects of our gateway anti-virus. It is important to also recognize that our comprehensive data collection and update management systems can be considered 'cloud' technology.
Examples of organizations that will likely retain on-premise security deployments include:
The military will likely always opt for closed on-premise networks because they cannot risk sensitive data related to national security being intercepted and/or modified through a cloud-based solution.
And financial institutions such as banks and credit card agencies will also likely always opt for closed on-premise networks because they cannot risk sensitive data related to financial records, accounting and money transfers being intercepted and/or modified in the cloud.
Cloud-based security does offer some advantages. Placing your network security in the cloud allows businesses to free up capital and personnel because the up-front cost to deploy is less than traditional premise-based tools and the vendor provides the bandwidth, IT staff and infrastructure to secure the data. This also allows businesses to scale quickly and with minimal effort, should the need arise. And failover is generally provided by the vendor where, with a traditional on-premise firewall, redundancy between data centers can be costly.
On-premise security tools, on the other hand, offer a level of security and control that's simply not possible in the cloud. An on-premise solution provides businesses with control over all the data, managed and handled by their own dedicated IT staff. On-premise solutions also provide significantly better threat protection than that available in cloud deployments.
The right solution will be scalable to manage even rapid corporate growth while upgrades can be scheduled to minimize business disruption. The rich feature set of on-premise network security systems makes it easier to integrate and tailor features tightly to the needs of a particular industry. This includes the ability to perform network forensics quickly and easily. All things considered, the long-term costs can be greatly decreased, especially for larger organizations, with on-site network security.
Dell SonicWALL makes security a business enabler to drive employee productivity and network performance. It provides intelligent network security and data protection solutions that empower customers and partners of all sizes and verticals to dynamically secure, control and scale their networks. For more information, visit http://www.sonicwall.com or http://www.dell.com.