Proofpoint to acquire social media security with Nexgate

November 21st, 2014 by AnnMarie Jordan

Daniel Kennedy, Research Director for Information Security

Proofpoint followed up its acquisition of NetCitadel this year, as well as Sendmail and Armorize Technologies last year, with the announcement October 23 of an agreement to acquire social media security provider Nexgate for $35m. Nexgate, founded in 2011, has a set of products designed to identify and inventory a company’s social media accounts. It also provides tools for managing those accounts – such as update/approve workflows and keeping trusted configurations in place – and provides monitoring to avoid problematic social updates associated with a company’s brand (e.g., updates from outside hackers or from disgruntled/inept employees).


Proofpoint is most often cited under email security solutions in the Wave 17 study, reflecting the company’s early and best-known value proposition, capturing about 6% of responses under anti-spam/email security. Proofpoint has a number of offerings under this umbrella, including email security, email encryption, message archiving and data-loss prevention (DLP) solutions around outbound messaging, offered via both on-premises and SaaS-based delivery.

Quotes from security managers about Proofpoint from the Wave 17 Information Security Study included the following:

  • “Don’t know if we’ll renew Proofpoint or go to Microsoft 365. Feedback I’ve gotten – it [Microsoft] may be adequate but not as feature-capable as Proofpoint, but [offers] tighter integration in 365 environment. Biggest pro is no cost, cheaper. I question their ability to truly protect the environment as well as some of the established brands in that space.” – LE, Consumer Goods/Retail
  • “We will evaluate Proofpoint. We have to see. Proofpoint, we had just the basic conversation. When salespeople move their lips, they’re lying, so we have to see. Proofpoint may close some potential gaps.” – LE, Education
  • “Doing a POC to move. I am an original Postini person who won’t buy into Google, so we’re evaluating Proofpoint.” – MSE, Telecom/Technology
  • “Proofpoint’s record management and archiving is quite exciting for me.” – MSE, Education

The inverse nature of external cloud storage

November 19th, 2014 by AnnMarie Jordan

Marco Coulter, Research Director for Storage

Enterprise technologies are commonly deployed first in large enterprises. Then, as the technology finds more customers and costs decrease, the technology moves down into usage by midsize and smaller enterprises. However, public cloud storage is exhibiting a reverse pattern. The largest enterprises are lagging behind midsize enterprises in adoption. There are some good reasons for this, but not all the inhibitors are business-based.

Larger enterprises have a choice. Compared to small and midsize enterprises, they are much better equipped to build private cloud storage environments. Normally, they are staffed with a larger team of skilled technicians and have sufficient budget flexibility to resource the endeavor.

When we compare current implementation in the accompanying chart, only 16% of large enterprises are using external cloud storage to support production workloads, while 27% of midsize enterprises already have external cloud storage in use. Even when we take longer-term plans into account, MSE implementations will still outpace implementations among LEs for the next 18 months.


The various industry verticals identify different inhibitors to using external cloud storage. Security and compliance were some of the best reasons to be cautious about moving data to external cloud storage, although they are becoming less of a justification as cloud providers increasingly provide compliant offerings. Where compliance sets geographic boundaries, it will require a greater investment from providers to introduce new datacenters.

Some large enterprises may just be biding their time. Cloud economics do not always compete with internal architectures where the workloads are not elastic enough to see a benefit from hourly chargeback. Other storage professionals see the technology as immature compared to the hardened architectures developed internally.

On-premises cloud storage is seeing the opposite adoption path; it is being more heavily taken on by large enterprises than by midsize ones.

Narrative comments reveal that reasons for avoiding or deferring external cloud adoption range from specific legal guidance to simple reluctance.

  • “‘We’ve already investigated that. Conclusion was that we have so many different PCI and SEC compliances that the plan is to build our own private cloud.” – LE, Telecom/Technology
  • “When we talk about what’s happened and lawyers tell us … it’s illegal to put ITAR data in other countries and cheaper cloud can’t guarantee it won’t be stored out of the country. We just can’t trust it really. So no cloud.” – LE, Education
  • “No [external cloud] today. If we have a use case where the economics work, we’re willing to go there. Not averse to the model, but most of our demands are persistent, not elastic. The economics still favor an internal capitalized solution.” – LE, Financial Services
  • “Not gonna be able to get it cheaper outside. And a large firm already has alternate sites. I get it for small and medium-size businesses that don’t have infrastructure, but we do.” – LE, Financial Services
  • “Over the next few years, we expect cloud storage will be easier to get to. … Right now it’s still not very user-friendly to use.” – LE, Industrial/Manufacturing
  • “We’re against any cloud thing or any off-site thing.” – LE, Services: Business/Accounting/Engineering

Enterprise cloud platforms gather momentum: Watch OpenStack and ‘don’t blink!’

November 17th, 2014 by AnnMarie Jordan

Peter ffoulkes, Research Director for Servers and Cloud Computing


With the IT industry experiencing the biggest transformation since the introduction of the IBM PC in the early 1980s, it is not surprising to see some tectonic scale shifts happening. Some investment companies consider the big-name datacenter companies such as Cisco, EMC, HP, IBM and Oracle as zombies – the walking dead. The question has been asked: “If you had to pick one that might possibly survive, which would it be?” The answer lies in their ability to transform into major suppliers for a cloudy future.

‘If cloud is the future, which platform should I embark from?’

That, indeed, is the question. In our recently completed – and yet-to-be-published – enterprise platform study, the OpenStack community appears to be perceived as a light at the end of the tunnel in the enterprise journey toward the cloud and is gathering momentum like an oncoming freight train.

As part of 451 Research’s Customer Insight service, new data from the recent Wave 14 Servers and Virtualization Study shows cloud platforms as the technology with the greatest upside opportunity for first-time adoption in the next two-plus years at 31% of respondents, 10 percentage points ahead of service catalogs, the next-highest technology. As the development and deployment environment for future enterprise workloads, the choice of cloud platform is a critical strategic decision, probably the most important choice enterprises will make in the next two years.

Twelve short months ago, VMware was the leader for cloud platforms, with 12% in use and 19% in plan. Just a year later, in-plan consideration for VMware-based cloud platforms has dropped from 19% to 16%, while the OpenStack community planned usage has doubled from 7% to 14%, nipping at the heels of VMware. It should be noted that this survey was completed prior to VMware’s announcement of its ‘VMware Integrated OpenStack’ offering, and that the OpenStack Community numbers do not include VMware. In addition, since this data is based upon vendor citations, the OpenStack community numbers may include some legacy technologies offered by the community members and, thus, represent a best-case scenario for OpenStack. Either way, the data supporting the growing momentum behind OpenStack is compelling.

Anecdotal commentary illustrates the early-stage thoughts expressed by TheInfoPro’s respondent community about cloud platforms and OpenStack:

  • “Cloud platform, looking at HP, OpenStack, IBM, as well as some others. Right now we’re testing VCAC.” – LE, Financial Services
  • “Shifting from CloudStack to OpenStack.” – LE, Other
  • “They are looking to sunset vCloud Director, the front end we use. Will retire it in favor of direct access.” – LE, Services: Business/Accounting/Engineering
  • “OpenStack (RHAT) – frankly, the team here is still trying to figure out how and why to use OpenStack. Take Research out of the equation, and VMware is the overwhelmingly dominant hypervisor. There’s this push to get out to AWS for public cloud, for reasons that may not be coherent. OpenStack is an attempt to build an open source private cloud, but I’m not sure we have the use cases for that.” – LE, Education
  • “OpenStack – in our calendar, we have a bit of a lull in January and will pilot OpenStack for about three months to see how it might fit into our strategy. The VMware licensing takes a big bite, and this could be a cost-efficiency solution for us. Will look at Hyper-V at the same time.” – MSE, Public Sector

NAC heats up

November 14th, 2014 by AnnMarie Jordan

Daniel Kennedy, Research Director for Information Security

Network access control (NAC) is seeing renewed interest in the current mobile computing environment, where security and system requirements must be enforced on guest laptops, and increasingly on employee-owned mobile devices. As a result, NAC sits atop the Wave 11 Information Security Study’s Network Technology Heat Index. This ranking is more a reflection of interest than implementation. In other words, most of our respondents’ NAC plans are in the long-term or past-long-term range, indicating a penciled-in plan to deploy NAC, rather than projects currently under way.


NAC shows short-term growth potential of 7 percentage points, with an additional 13% of interviewed network managers penciling NAC into their longer-term plans. Somewhat stagnant as recently as 2010, NAC has received increased attention due to issues in managing mobility and guest networks. One-fourth of network managers with the technology in place plan to spend more on it in 2015. Cisco retains a sizable lead in both in-use and in-plan implementations of NAC, with Aruba Networks having a growing but still-distant second position, and other players including ForeScout capturing enterprise share.

Quotes from network managers implementing NAC in 2014 included the following:

  • “It’s [NAC] creeping in. Because of the wireless devices, bring your own device, it’s forcing the issue that we have to have it be able to say ‘I’m sorry, you are not allowed here, you are only allowed here,’ and vice versa. We have BYOD in places we don’t want them right now.” – LE, Energy/Utilities
  • “Network security. We need a NAC solution.” – LE, Consumer Goods/Retail
  • “Using Cisco for end-user connections, but Aruba is the brains.” – LE, Consumer Goods/Retail
  • “We’re sticking to wireless, doing all our wireless stuff with it. Those things that go away and come back filthy.” – MSE, Energy/Utilities

VMware shows greatest future opportunity among self-service catalog alternatives

November 12th, 2014 by AnnMarie Jordan

Nikolay Yamakawa, Analyst for TheInfoPro

VMware took the lead in future project plans for self-service catalogs in the large and midsize enterprise space, which favored homegrown approaches for future deployments in our prior study. Pioneered by early adopters, the do-it-yourself approach continues to lead in implementations, but as digital infrastructures evolve, requiring more resources to maintain self-service catalogs, vendor-offered alternatives may gain traction. VMware currently shares second place with ServiceNow for implementations, but will become a close sole runner-up to homegrown approaches upon successful conversion of future project plans into use cases.

VMware is the main beneficiary of future project plans for self-service catalogs; these cited plans increased from 28% in 2H 2014 to 34% in 1H 2014. In-use implementations did not experience a similar uptick between the studies, with about one-quarter of respondents reporting deployments year over year. Spending intentions remain positive for the technology, with 23% planning to increase spending in 2014 and 29% in 2015, compared with just 1% and 3% planning spending cuts for the same time periods.

Given that there are more enterprises planning to implement self-service catalogs than those already using the technology today, there may be considerable changes on the vendor landscape in the future. VMware shows the highest future opportunity among self-service catalog alternatives at the moment, with many IT professionals having familiarity with the vendor’s technology from virtualization. Time will tell if VMware can convert future project plans into implementations as enterprises search for new, cost-efficient approaches to enable agile, automated and adaptable infrastructure.


Study respondents had the following commentary about their considerations for self-service catalogs:

  • “If VMware has an offering there [self-service catalogs], we’re so invested, we’ll look there first.” – MSE, Other
  • “There have been talks about it [a self-service catalog], but a lot of other things have to come first.” – LE, Consumer Goods/Retail
  • “[Self-service catalog is] part of cloud initiative; until we get that going, it’s not going to happen.” – MSE, Healthcare/Pharmaceuticals
  • “[Top projects:] Tangential to that is a project around overall IT service management; that has orchestration as part of it, but it also is defining the service catalog and publishing that catalog into self-provisioned services.” – LE, Consumer Goods/Retail

For policy-based provisioning, there is a changing of the guard

November 10th, 2014 by AnnMarie Jordan

Peter ffoulkes, Research Director for Servers and Cloud Computing

The journey to the cloud, in terms of evolving internal IT infrastructure to be cloud-ready, is a long one. The majority of organizations have now moved beyond the standardization and consolidation phases, while 32%, the largest individual group, are still engaged with virtualization. Automation, the phase following virtualization, has increased to 26%, the second-largest group.

Out with the old, in with the new

As enterprises transform their infrastructure to a virtualized, cloud-ready environment, automation becomes increasingly important to achieving agility while mitigating the risks of human error. As a direct result of this transition, a new generation of policy-based provisioning tools is required, causing consumers to re-evaluate their existing suppliers and creating opportunities for new contenders. In the 12-month period between our surveys, we have observed a significant change in vendor ranking when sorted by new opportunity. Long-established management software vendors HP, IBM and CA Technologies have dropped out of the top 10, while VMware has risen to the top, overtaking Microsoft. New entrants to the top 10 include Dell, ServiceNow and ServiceMesh.


Anecdotal commentary illustrates the changes being considered by TheInfoPro’s respondent community:

  • “We have a CA tool, but it is not implemented and not likely to be.” – LE, Consumer Goods/Retail
  • “I’m trying to sell that concept – it’s a maturity thing.” – LE, Transportation
  • “For Linux, that’s where Puppet will be coming in. And we do have Microsoft SCCM.” – LE, Financial Services
  • “That is done manually. We are looking at different products like Cloupia, now Cisco Director. Specific things to help us with auto provisioning.” – LE, Consumer Goods/Retail
  • “We’re also adding BMC BladeLogic in near term.” – LE, Financial Services

Applications with specific performance requirements are on the rise

November 4th, 2014 by AnnMarie Jordan

Nikolay Yamakawa, Analyst for TheInfoPro

Applications continue to evolve, with a significantly larger number of storage professionals reporting specific IOPS or other I/O performance requirements for certain apps now compared to a year ago, fueling the demand for flash storage. In 1H 2013, about half (52%) of our study respondents had specific performance requirements for applications, but in 1H 2014, the number ballooned to 73%. The most common requirements are IOPS-based, with 47% of selections, and latency-based, with 21%, followed by tier-based and SLA-based requirements, with 16% and 11% respectively. Enterprises can move applications to flash in order to solve some of those performance-related issues. Flash implementations appeared on a list of top projects for the first time in the Wave 18 Storage Study, consistent with more enterprises reporting specific performance requirements for certain applications.

As applications evolve, many storage professionals from large and midsize enterprises are starting to develop a deeper understanding of app performance. Before, some participants recognized that performance troubleshooting is challenging, but now there is a better understanding of where performance comes from and how it is tracked. Providing and monitoring storage performance continues to be the second most common pain point, with 21% of selections in the latest storage study. Applications that may require specific IOPS or other I/O performance requirements include databases, VDI and many other apps, such as trading applications. Some decision-makers are able to nail down numbers for specific application performance requirements, while others rely on ranges.

The rise of applications with specific performance requirements has implications for both vendors and enterprises. Storage professionals should have efficient communication channels with business units to plan ahead for any adjustments in app performance requirements. Vendors can fine-tune their portfolio of offerings to better serve applications supported by storage environments of existing and potential clients.


Storage managers had the following commentary about specific IOPS or other I/O performance requirements for certain applications in their environments:

  • “We use it for our VDI environment. We try to get about 60 IOPS per desktop.” – LE, Consumer Goods/Retail
  • “We group them high, medium, low. We have ranges. And then we hit a range with enough to embrace everything in the range.” – LE, Services: Business/Accounting/Engineering
  • “Latency requirements on hospital information database.” – LE, Education
  • “As fast as we can make; different apps have different IOPS – some of them can run overnight, others need to be almost instantaneous, especially trading apps.” – LE, Financial Services
  • “SAP (Oracle DB) – every time there’s a project or addition, we work with the DBAs to set up requirements – response time and IOPS, etc.” – LE, Industrial/Manufacturing

Cisco and HP go head to head in network automation

October 24th, 2014 by AnnMarie Jordan

Nikolay Yamakawa, Analyst for TheInfoPro

Cisco and HP lead the race in large- and midsize-enterprise network automation, gathering the highest number of selections for in-use implementations and future project plans. HP received the most citations for current use, but is closely followed by Cisco, which has enough in-pilot/evaluation projects to put itself ahead once these plans are converted into implementation. If the two incumbents convert all their future project plans into use, the two giants will gain almost the same number of implementations, further intensifying the rivalry in the space. SolarWinds and homegrown approaches, which share third place in use, are other alternatives gaining traction in network automation.

Network automation enables new efficiencies that about 27% our study respondents are already taking advantage of in 1H 2014, in addition to 8% reporting future project plans. With network automation, end users don’t have to wait for staff to complete outstanding tasks before starting work on new requests. The technology can improve service, lower costs and reduce security risks. Spending intentions remain positive in 2014 and get stronger for the technology in 2015. About 10% of decision-makers are increasing spending on network automation this year, and 13% plan to do the same next year, while those with budget cuts remain constant at just 1% for both years.

Network managers should evaluate existing environments to see what approach to network automation is most suitable given existing assets, employee skill sets and strategies. Cisco and HP have gained traction in the space, and we expect the rivalry to continue in the future, but as IT environments evolve, increased competition from other vendors may follow.


Network managers had the following comments about network automation:

  • “Very interested in it. It would help us a great deal. It would be included in one of our growth projects.” – LE, Energy/Utilities
  • “It’s more from a compliance perspective, that’s where you’ll see them [network automation] playing a major role; it compares and looks at configurations from a security perspective.” – LE, Other
  • “I wish it [SDN] was in plan. That would allow us to do some better automation. There’s always this desire to have a self-service portal where people can go and say, ‘I need this service and this application on my PC.’ It would be really neat if more automated tools were in place to build those environments.” – LE, Consumer Goods/Retail

Top considerations when selecting workload execution venues

October 22nd, 2014 by AnnMarie Jordan

Peter ffoulkes, Research Director for Servers and Cloud Computing

In our newly published Wave 7 Cloud Computing Study, respondents were asked about their ‘likely primary’ execution venues for a wide range of workload categories in the next two years, including non-cloud and the variations between private/public, on-premises/off-premises, internal or hosted, and their reasons for those choices. When the results for each workload category are aggregated by cloud type, 30% selected the primary deployment to be non-cloud, 34% to be private cloud, 9% hybrid cloud and 27% public cloud within the next two years.

Top factors considered in selecting the best workload execution venue

Regardless of the preferred primary execution venue, whether non-cloud, private cloud, hybrid or public cloud, the top five criteria for selecting a preferred execution venue are security, cost, agility, functionality/ease of use and compliance/governance at 28%, 20%, 13%, 9% and 8%, respectively.


When looking at the detail of workload category distribution by cloud type, the more traditional types of enterprise workloads are weighted toward non-cloud, private and hybrid cloud deployment venues in the next two years. For public cloud vendors, collaborative and cloud-native applications offer the best opportunities.

For every organization and industry, there are unique considerations that influence the ultimate choice of execution venue if the same top considerations are a major part of the decision-making process. Anecdotal commentary illustrates the range of circumstances expressed by TheInfoPro’s respondent community:

  • “One of the obstructive factors to this is encryption and data security. We’d like it to be public cloud, but in reality it will be mostly off-prem non-cloud hosting. And customer requirements [are a factor].” – LE, Consumer Goods/Retail
  • “Moving into hybrid – cost savings in this category. Most back-office we’re keeping in private for integration and reliability.” – LE, Education
  • “For bursting compute capability; more elasticity.” – LE, Energy/Utilities
  • “That was one of the prime reasons they went that way, to Amazon. Quite frequently, it’s not so much a project; they’re doing an analysis. They just want a whole lot of compute power to attack it to get a solution in a reasonable amount of time. It is platform as a service, if you will, pops up and goes away when it’s done. No ongoing costs, no paying for it up front.” – LE, Healthcare/Pharmaceuticals
  • “Some of that’s coming back in-house. We do use a lot of third-party e-commerce products at brand level today. We’ll bring that back onto our enterprise platform.” – LE, Consumer Goods/Retail
  • “New next-gen apps will more likely be deployed in public cloud with linkage back to internal systems, for scale and speed, but marred with security issues.” – LE, Financial Services
  • “Depends on the application. Non-high-value data would be off-premise; high value would be on-prem.” – LE, Industrial/Manufacturing

IBM, EMC and HDS battle for SDS’s key technology: storage virtualization

October 20th, 2014 by AnnMarie Jordan

Marco Coulter, Research Director for Storage

Storage virtualization warrants consideration by enterprises, not just because it is top five on TheInfoPro’s Heat Index, but more so as storage professionals see it as a pre-requisite for software-defined storage. The technology sees rejuvenation in 2014. IBM continues a multi-year run as most selected vendor for production deployments with its SVC offering. This year, EMC pulled ahead of HDS to take second place. The first vendor with an exclusively software offering, VMware, received increased production selections but stayed in fourth place.

Plans for the coming 18 months foreshadow a different picture. Enterprise plans for the technology increase, and leading vendors will share the bounty, though not equally. EMC again captured the most selections through multiple offerings. EMC’s VPLEX receives the most narrative mentions, yet some are still running the SAN switch-based Invista. Others are waiting for ViPR to be clearly defined before making a choice.


As software-defined datacenters find a definition among IT pros, storage professionals are settling on storage virtualization as a key technology for software-defined storage.

Storage virtualization is not new, and the technology’s history may end up an inhibitor to adoption. Several narrative comments mentioned failed attempts with the technology leading to reluctance to re-engage. A criticism of prior storage virtualization models was the resulting environmental complexity. The components came from different vendors, and would refresh or update with different lifecycles, making maintenance, diagnosis and refreshes complicated. This complexity remains today, as IBM’s SVC, EMC’s VPLEX and HDS’s VSP all require specific hardware.

Hopefully software-defined storage will deliver applications an opacity to this underlying complexity of storage virtualization. Today, the technology is ironically a hardware battle.

  • “We used to do that, don’t do that anymore. Because it wasn’t an integrated thing, you had to buy third party – it may not work right. The stuff went into obsolescence, but the storage didn’t. Wasn’t all in one package. We want one package, don’t want to deal with multiple vendors, don’t want them to go out of support at different times. Too many parts to work together.” – LE, Industrial/Manufacturing
  • “We tried that two years ago. That’s a question mark. Complicated, didn’t see enough value in it, big need for it. Storage people are not pushing that hard.” – LE, Transportation
  • “IBM SVC – storage virtualization enables easier data migration.” – LE, Services: Business/Accounting/Engineering
  • “Refreshing storage virtualization – from Invista to VPLEX.” – LE, Telecom/Technology
  • “[We use] IBM SVC. We’re on 6.3. Storage virtualization is a big deal with us, becoming a big VMware shop. Connecting virtualization to VMware is a big deal.” – LE, Public Sector
  • “We plan to consolidate to fewer systems and continue to migrate toward storage virtualization. Putting things behind SVC.” – LE, Telecom/Technology
  • “For block storage, it’s gonna be Hitachi Data Systems. ‘Cause with the virtualization and dynamic pooling I think they are leaders in the field. Everybody else has to follow what they’ve been doing since 2008. EMC and NetApp, several of ‘em have started adopting the pooling technology, but HDS is far superior.” – LE, Telecom/Technology
  • “We want to look at the EMC product – VPLEX.” – LE, Financial Services
  • “Awaiting EMC ViPR.” – LE, Telecom/Technology
  • “HDS VSP [for storage virtualization] in terms of performance, reliability and storage utilization. Storage virtualization to virtualize third-party vendors.” – LE, Financial Services