welcome to beyond security new york - westcon-comstor · strategy, operations, and software...
TRANSCRIPT
-
1
Welcome to Beyond Security New York
-
Opening Session: The Evolution of Westcon
Carol Neslund and Lou Guiga
-
3
A HUGE Thank You to FY17 Vendor Sponsors
PresenterPresentation NotesREAD:Our Diamond Sponsor: Palo Alto Networks
Emerald Sponsors: FireEye, Gemalto
Sapphire Sponsors: Check Point, Firemon, F5, HPE, Juniper, Symantec + Blue Coat, Tripwire
Ruby Sponsors: ForeScout & Guidance
-
4
Evolution of Westcon
0
1000000
2000000
3000000
4000000
5000000
6000000
7000000
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
Juniper
Palo Alto Networks
F5 Networks
Gemalto
FireEye
Blue Coat + Symantec
HPE
Check Point
Tripwire
Westcon Cloud Solutions
Westcon Professional Services
Westcon Emerging Vendors: Firemon, Guidance Software,
ForeScout
Launched Westcon Security
-
5
Welcome, Carol!
Carol Neslund, VP Security Solutions, Westcon
-
Inside the Threat Matrix
Bill Hardin
PresenterPresentation NotesCarol: Thank you, BillNow, please welcome our Diamond Sponsor, Palo Alto Networks(Roman Kochanowsky) & he will be using the whiteboard today
-
Inside the Threat Matrix
Risk Management for Cyber Security Events
-
Private and Confidential
Your Presenter Today
8
Bill Hardin has worked on hundreds of forensic engagements in the areas of data breach and cyber incident response, theft of trade secrets, white collar crime, FCPA investigations, and enterprise risk management. Many of his cases have been mentioned in The Wall Street Journal, Financial Times, Forbes, and Krebs on Security, amongst other publications. With a background in finance, operations, and software development, he brings valuable insights to clients from multiple dimensions. In addition to his forensic engagement assignments, Bill has served in numerous interim management roles for organizations experiencing disruption. He has assisted companies with various management consulting assignments pertaining to strategy, operations, and software implementations.
Mr. Hardin is a CPA/CFF, Certified Fraud Examiner (CFE), and a certified Project Management Professional (PMP). Mr. Hardin has spoken at numerous events on cybercrime, risk management, and strategy/operations consulting. He serves on the board for Legal Prep Charter Schools and is an adjunct professor at DePaul University in Chicago.
You can reach him at [email protected]
mailto:[email protected]
-
Private and Confidential
DISCLAIMER
9
The material presented in this presentation is not intended to provide legal or other expert advice as to any of the subjectsmentioned, but rather is presented for general information only. You should consult knowledgeable legal counsel, forensicexperts, or other knowledgeable experts as to any legal or technical information.
-
Private and Confidential10
-
Private and Confidential
Agenda for Today
11
• In the News
• Threats
• Valuation
• Behavioral Aspects
• Game Simulation
• Questions and Answers
-
Private and Confidential12
-
Private and Confidential
In the News
13
IF WHENWHIF
-
Private and Confidential14
DISRUPTIONWe Are Here, There, and Everywhere
-
Private and Confidential
Threats
15
Employee Mistakes
CriminalHackersHacktivists
Cloud or 3rd Party
Compromise
Malicious Insider
-
Private and Confidential
Black Market Economics
16
Value of your data
Name Date of
BirthChallenge Questions
Social Security Number
Employee ID
Driver’s License
User Name
Password
Medical Record Number
Email Address
EmailAddress
Social Security Number
User Name
Password
-
Private and Confidential
Game Theory in Practice
17
Behavioral Economics - To cooperate or not to cooperate?
-
Private and Confidential
Ransomware – Jigsaw Variant
18
-
Private and Confidential
Business Email Compromise – Example 1
19
Dear John,
Please wire the proceeds of the sale to the following account in the amount of $50,000. This is related to the Sun transaction.
Confirm receipt of this email.
Emanuel Goldstein
-
Private and Confidential
Business Email Compromise – Example 2
20
Dear John,
Please send me the W-2 information for all company employees. Please provide in an excel spreadsheet or send me the PDFs.
Confirm receipt of this email.
Emanuel Goldstein CEO
-
Private and Confidential21
Phishing Emails
STAGE ONE
300 Individuals
STAGE TWO
15 Individuals Clicked Document and Backdoor
created
30 Individuals Clicked Document and Not Impacted
255 Individuals did not do anything
Threat Actor has full control over asset (including file
share access, email, local file access, installed programs)
-
Private and Confidential22
Ransom – Example 1
PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS!
We have chosen your website/network as target for our next DDoS attack. All of your servers will be subject to a DDoS attack starting in two days.
How do I stop this? We are willing to refrain from attacking your servers for a small fee. The current fee is 5 Bitcoins (BTC). The fee will increase by 5 Bitcoins for each day that has passed without payment.
What if I don't pay? This is not a hoax, do not reply to this email, don't try to reason or negotiate, we will not read any replies. Once you have paid we won't start the attack and you will never hear from us again! Please note that Bitcoin is anonymous and no one will find out that you have complied.
-
Private and Confidential23
An email is sent to the , CFO with the following:
Dear CFO,
We managed to gain access to some things we probably shouldn't have had access to. After looking through these files and information we found something that stood out to us. Pricing information, employee data, customer lists, etc..
Like you, we are a for-profit group. Due to security reasons we are only able to receive our payment in bitcoin. If you are interested in keeping this information private, please send 35 bitcoins to the bitcoin address listed at the very bottom of this email.
We advise you to keep this confidential.
Bitcoin Address:1P4STNLNAOGNrLRFCyER2vfQVjKRMG7ihGDoy8
Two days. noon pacific time.
Ransom – Example 2
-
Private and Confidential
Ransom Letter - The Next Day
24
CFO receives another email:
Paying our fee is less expensive that going out of business. Here is proof of my request.
(Two documents are attached – one is an excel report, while the other is a word document).
You have one more day to pay my fee or information will be released.
-
Private and Confidential
Statistics Telling the Story
25
Cyber Industry Trends
Paper 5%
Human Error 15%
Privacy Policy 8%
Hack 29%
Rogue Employee
14%
Software Error3%
Other 8%
Laptops13%
Hard Drives3%
Other 2%
Lost/Stolen Devices
18%
Industry Breakout:• Healthcare –
30%• Technology –
11%• Professional
Services – 14%• Retail – 9%• Financial
Institutions – 7%
-
Private and Confidential
Cyber Industry Trends (10 years)Triggers by Industry Segment (as of 10/2015)
26
0%10%20%30%
7%
25%18% 21%
10%
Healthcare
0%10%20%30%40%
36%
8%21%
10% 12%
Technology
0%10%20%30%40%50%
50%
11% 11% 3% 14%
Retail
0%5%
10%15%20%25%30%
23%
10%
26%20%
5%
Professional Services
-
Private and Confidential
Exposure for a Company
27
Exposure
Liability
Suits from your
customers
Consumer
Class Action Suits
Regulatory
Settlements with the FTC, State AGs, HHS,
FINRA, SEC, etc.
Privacy Regulat
ory Proceeding inc. Fines and
Consumer
Redress Funds
Defense costs
Privacy Event Expenses
Notification Costs
Forensics
Legaland PR
Credit Monitor
ing
-
2016 and 2017 Predications
-
Question and Answer Period
-
Diamond Sponsor: Palo Alto Networks
Roman Kochanowsky
PresenterPresentation NotesCarol: Thank you, BillNow, please welcome our Diamond Sponsor, Palo Alto Networks(Roman Kochanowsky) & he will be using the whiteboard today
-
Up the Cloud Game
Matt KarstSenior Director- North America Cloud Practice
-
32
The Why
The What
The How
PresenterPresentation NotesIn the next 20 mins, I want to cover the following 3 items. Why the Cloud is not only important in our industry, but why it is strategically important to us as a cloud distributor and why it should be very important to you. Secondly, what are we doing to help our resellers through this journey to the cloudLastly, how to get started. We will give you a path.
-
PresenterPresentation NotesSince it is now the beginning of football season, I thought that these jersey numbers could help with understanding the WHY cloud is such an important topic to embrace. Over half of customers surveyed in a recent 2016 Spotlight report will spend 15%+ of their IT budget on cloudOver 80% have begun planning or implementing some cloud based environment within their companyCloud security market is expected to grow at a 15% CAGR and reach US $8.7B by 201957% believe that insufficient data protection strategies and solutions contribute to insider data attacks
1, 2 Cloud Security 2016 Spotlight Report, CrowdResearchPartners3 Markets and Markets, 20154 “Market Share Analysis: Security Software, Worldwide, 2015,” Gartner, Inc.
-
34
2015 201920172016 2018
Staying competitive requires hybrid solutions
5 YR CAGR = 6.33%
5 YR CAGR =18.34%
PresenterPresentation NotesThe good news is that On Prem enterprise security revenues are not going away anytime soon, but the combination of HW and cloud, a hybrid solution, must be focused on.
Chart1
20152015
20162016
20172017
20182018
20192019
On-premise enterprise security
Cloud
13510
1340
14500
1671
15500
1984
16500
2333
17268
2627
Sheet1
On-premise enterprise securityCloud
2015$ 13,510$ 1,340
2016$ 14,500$ 1,671
2017$ 15,500$ 1,984
2018$ 16,500$ 2,333
2019$ 17,268$ 2,627
-
35
The Opportunity is Clear
PresenterPresentation NotesSo we recognize the opportunity is clear, but we wanted to know why we should insert ourselves into this cloud supply chain. So, we developed a Channel Cloud Survey in June that ran for 3 months.
-
36
2016 “Cloud in the Channel” survey
PresenterPresentation NotesLaunched in mid-June/closes at the end of August
OBJECTIVE�Understand our reseller customers and where they are on their cloud journey, solution needs and how we can help them accelerate cloud adoptionAPPROACH�Survey to existing resellers, vendors, Sis, prospectsPromoted through social and other online channels (email footers, etc)
Results in September, full webinar in October1st Wednesday!!!!
-
37
The channel is reshaping their business for cloud;Most resellers are at the beginning of their journey
$•••
Source: Westcon-Comstor Voice of the Customer Research, 2016
PresenterPresentation NotesHuge upside for businesses providing cloud services–We found that our partners are on this journey as well.Nearly 2/3rds of you are re-shaping your business, preparing for this changeOnly 12% of the channel is currently deriving more than 50% of their revenue from cloudMost channel partners are just at the beginning phases of their journey to cloud50 % just putting in plans to increase sales and compensation providers
-
38
Strategies resellers are using to transform their business
Source: Westcon-Comstor Voice of the Customer Research, 2016
PresenterPresentation NotesAs mentioned before, we did our own research and here is what resellers told us they are doing to transform their business
Portfolio expansionNew service developmentBundlingLeveraging distributors
In all areas that are being used, Westcon-Comstor can play a significant role, reinforcing that investments in enablement, strategic programs and a cloud centric portfolio are critical.
-
39
WHAT we provide
PresenterPresentation NotesSo, what role can we play in the cloud supply chain. First, lean on us for our deep security expertise. Second, our best of breed cloud portfolio. Third, we MUST bring our partners new services, programs, assets to leverage.
Let’s review our current best of breed portfolio.
-
40
Best of Breed Security Cloud PortfolioNorth America
DDoS- Distributed Denial of Service
Threat Intelligence Web Security
Cloud Access Security Broker
Email Security Compliance
Encryption
http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwiX8vDB_orPAhXKGj4KHaKzAnUQjRwIBw&url=http%3A%2F%2Fwww.networkequipment.net%2Fproducts%2Fpalo-alto-networks%2F&psig=AFQjCNGgM2cqh_bpB39Ult-BNla6utOw_g&ust=1473809267078032http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwiX8vDB_orPAhXKGj4KHaKzAnUQjRwIBw&url=http%3A%2F%2Fwww.networkequipment.net%2Fproducts%2Fpalo-alto-networks%2F&psig=AFQjCNGgM2cqh_bpB39Ult-BNla6utOw_g&ust=1473809267078032
-
41
Best of Breed Security Cloud Portfolio
North AmericaThreat Protection
WAF - Web Application Firewall
Network Forensics
Firewall Management
http://www.bing.com/images/search?q=blue+coat+logo&id=14F658E9E6A8D4CE08494EA26646626AF9C3F6C4&FORM=IQFRBAhttp://www.bing.com/images/search?q=blue+coat+logo&id=14F658E9E6A8D4CE08494EA26646626AF9C3F6C4&FORM=IQFRBAhttp://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwiX8vDB_orPAhXKGj4KHaKzAnUQjRwIBw&url=http%3A%2F%2Fwww.networkequipment.net%2Fproducts%2Fpalo-alto-networks%2F&psig=AFQjCNGgM2cqh_bpB39Ult-BNla6utOw_g&ust=1473809267078032http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwiX8vDB_orPAhXKGj4KHaKzAnUQjRwIBw&url=http%3A%2F%2Fwww.networkequipment.net%2Fproducts%2Fpalo-alto-networks%2F&psig=AFQjCNGgM2cqh_bpB39Ult-BNla6utOw_g&ust=1473809267078032
-
42
North America Cloud Matrix- Quick Reference Guide
-
43
Click Here for this Asset
Click Here for this Asset
https://www.westconcomstor.com/us/en/capabilities/cloud/Documentation.htmlhttps://www.westconcomstor.com/us/en/capabilities/cloud/Documentation.html
-
44
Resources You May Also Like:
.
Learn More
Click Here for this Asset
Click Here for this Asset
https://www.westconcomstor.com/us/en/capabilities/cloud.htmlhttps://www.westconcomstor.com/us/en/capabilities/cloud/Documentation.htmlhttps://www.westconcomstor.com/us/en/capabilities/cloud/Documentation.html
-
45
HOW do I start?
Understand your true cloud “readiness” position in your business to be effective in the cloud services marketplace…
-
46
Request access to our “Readiness” SaaS Platform [email protected]
2 Provisioning information sent back from [email protected]
View 10 minute user training video at https://www.dropbox.com/s/sbelkykobchkhdp/Kloud_Readiness_Episode_2.mp4?dl=0
Go to www.kloudreadiness.com Complete Businesstrakker platform interaction
3
4
mailto:[email protected]?subject=Request%20to%20Access%20Readiness%20Saas%20Platformmailto:[email protected]://www.dropbox.com/s/sbelkykobchkhdp/Kloud_Readiness_Episode_2.mp4?dl=0http://www.kloudreadiness.com/
-
47
Outcome – Results Dashboard
• Current Stature• Actions Required• Business Mix Profile• Best in Class Profile
-
48
Level 2: Content Library• Plan your Revenue Path
• Project your Profitability
• Examine desired Business Mix
• Review Financial Composite
• Validate appetite to properly Invest
• Align Organizational Model
48
• Assess Adaptability of Current Sales Team
• Don’t Disrupt Core Selling Focus
• Define Cloud Selling Objectives
• Create Dedicated Selling Team
• Train & Strain to Make Quick Gain
• Align with Go-to-Market Strategy
PresenterPresentation NotesFor the first 10 partners that hand me their business card or send an email to me at [email protected], I will not only cover the first license for Level 1 asessment, but I will will cover the second level cost as well. This is a several hundred $ value, you just need to commit to the journey.
-
49
Thank you!
PresenterPresentation NotesFor the first 10 partners that hand me their business card or send an email to me at [email protected], I will not only cover the first license for Level 1 asessment, but I will will cover the second level cost as well. This is a several hundred $ value, you just need to commit to the journey.
-
50
Be not the first by which a new thing is tried, or the last to lay the old aside.
- Alexander Pope
-
Senior Director- Cloud Practice
[email protected](303) 704-8719
Matt Karst
-
Break
PresenterPresentation NotesCarol: Thanks, Matt! NOW we have a 15 minute break with refreshments in the hall
-
Emerald Sponsor: Gemalto
Dante Tuccero
PresenterPresentation NotesLou: Welcome back everyone… I hope you enjoyed the 7th inning stretch.Next, I would like to Welcome our Emerald Sponsor, Gemalto (Dante Tuccero)
-
Identity & Data Protection Overview
Dante TucceroChannel Account Manager – Northeast
-
Accept the Breach
1
Protect What Matters, Where It Matters
2
Secure the Breach
3
Perimeter security alone is no longer enough.
Data is the new perimeter.
Attach security to the data and applications. Insider threat is greater than ever.
Breaches will happen – we must prepare!
A New Mindset is Needed…
55 Introduction to Identity Data Protection 04.10.16
-
Who We Protect.
Gemalto IDP is trusted by 25,000 customers and partners in 100 countries, including blue-chip organizations
UK Government
56 Introduction to Identity Data Protection 04.10.16
http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&ved=0CAQQjRw&url=http://en.wikipedia.org/wiki/Cisco_Systems&ei=DuZfU8GkNIa1yATP0YCwCQ&bvm=bv.65636070,d.aWw&psig=AFQjCNGbBX8wCX_keBocuhFC56TZYt0FKw&ust=1398880142909319http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&ved=0CAQQjRw&url=http://en.wikipedia.org/wiki/Cisco_Systems&ei=DuZfU8GkNIa1yATP0YCwCQ&bvm=bv.65636070,d.aWw&psig=AFQjCNGbBX8wCX_keBocuhFC56TZYt0FKw&ust=1398880142909319
-
Crypto Management
Key Manager
HSM
Crypto Provisioning
System
Applications
SaaS Apps
File Servers
Databases
Virtual Machines
Storage Networks Physical Data
Virtual Data Data in the Cloud
ENCRYPT THE DATA
Data at Rest Encryption Data in Motion Encryption1
Crypto Management
Key Manager
HSM
Crypto Provisioning
System
SECURE & MANAGE KEYS
2
Internal Users +Administrators
Cloud ProvidersAdmins/Superusers
Internal Users +Administrators
Cloud ProvidersAdmins/Superusers
Strong Authentication
CONTROL ACCESS
Internal Users +Administrators
Cloud ProvidersAdmins/Superusers
Customers +Partners
3
Our Three Pronged Approach to Protecting Data
57 Introduction to Identity Data Protection 04.10.16
-
30KeySecureIntegrations
-
307HSM
Integrations
-
SafeNet’s Authentication Portfolio
VPNs Web AppsWeb-mailVDI
SaaS Apps ERP IAM
SafeNet’s Authentication Ecosystem
Enterprise Endpoints
SafeNet Authentication
60 Identity Protection
“OTP” “PKI”
-
Gartner Magic Quadrant:User Authentication 2014
The most highly ranked vendor
Considered the most visionary
Cited for the best execution
Recognized as having:
Very sound market understanding
Very strong product strategy
Innovation
The competitor others need to beat!
61 Identity Protection
-
136Authentication
Integrations
-
Why Choose Gemalto?
USE CASE COVERAGE│ COMPREHENSIVE KEY MANAGEMENT AND DATA ENCRYPTION
SUPERIOR ECOSYSTEM│ LEADER WITH THE MOST STORAGE, APPLICATION & DATABASE VENDOR INTEGRATIONS
CLOUD READY│ ENCRYPT DATA AND SECURELY MANAGE KEYS ON-PREMISE AND IN THE CLOUD
HIGH ASSURANCE OPTIONS│ INCREASE THE LEVEL OF SECURITY WITH SECURE NETWORK ACCESS AND PROTECTION OF DATA
2
4
© SafeNet Confidential and Proprietary
PresenterPresentation NotesTrue enterprise key management enables uniform, consistent key management and policy management across heterogeneous environments.Centralize key management lifecycle Reduces operational costsSeparation of dutiesUnique keys
-
Three Phases Of A Multi-Year Security Spending Cycle
Michael Turits, Raymond James
PresenterPresentation NotesLou: Thanks, Dante! Next, I am pleased to Welcome Michael Turits from Raymond James
-
65
U.S. Research
September 27, 2016
© 2016 Raymond James & Associates, Inc., member New York Stock Exchange/SIPC. All rights reserved.
International Headquarters: The Raymond James Financial Center | 880 Carillon Parkway | St. Petersburg, Florida 33716 | 800-248-8863
Please read disclosure/risk information and Analyst Certification beginning on slide 33.
Published by Raymond James & Associates
Three Phases Of A Multi-Year Security Spending Cycle
Grow th, Diversification, CloudMichael Turits, Managing Director
Infrastructure Software Research+1 (212) 297-5617
Jeremy Benatar, CFA, Senior Research AssociateAustin Dietz, Research Associate
mailto:[email protected]
-
6666
Michael Turits Bio
Michael Turits is Managing Director and Senior Equity Research Analyst for Infrastructure Software at Raymond James. Mr. Turits covers 20 companies across the infrastructure software industry including software flagships Microsoft and Oracle as well as Raymond James co-managed IPOs Atlassian, Rapid7, New Relic, MobileIron and Palo Alto Networks.
Mr. Turits' research focuses on Infrastructure Software including: IT Security, Cloud Infrastructure, Data and Analytics, Storage Software, and Content Delivery Networks (CDN). He publishes topical industry reports around his field research including the recent “Evolving to Software-Centric Networks: Implications for Systems and Software,” a software-defined networking report co-authored with analysts Simon Leopold and Tavis McCourt. Mr. Turits has been quoted or made appearances for media outlets including: The Wall Street Journal, Barron’s, Bloomberg, Reuters, Dow Jones, Bloomberg Television, Forbes, and Business Week.
Prior to Raymond James, Mr. Turits covered the infrastructure software sector as a Senior Vice President and Senior Software Analyst at Prudential Equity Group, LLC. Before shifting his focus to infrastructure software companies, he followed the telecommunications services sector as an associate analyst for Prudential.
Prior to becoming an equity research analyst, Mr. Turits was the owner/operator of an aviation services company, and also edited and contributed articles to 1-800 Magazine: A Review of Technology and Society. Mr. Turits earned a master’s degree in international economics and management from SDA Bocconi University (of Milan), a Ph.D. in comparative literature from the University of Massachusetts, an M.A. in comparative literature from New York University, and a B.A. from Georgetown University. He is also a Certified Flight Instructor and holds an Airline Transport Pilot rating.
-
6767
Infrastructure SoftwareCoverage Universe
Source: FactSet, Raymond James
Share Shares Market Ent.Price Out. Cap Value 2016E 2017E 2016E 2017E 2016E 2017E 2016E 2017E Gross EBIT
Service Now NOW Strong Buy $77.45 173 13,369 13,021 37% 27% 9.5X 7.5X — — — 29.3X 75% 12%Microsoft MSFT Strong Buy $57.43 7,929 455,362 395,809 1% 6% 4.3X 4.0X 20.9X 18.8X 16.4X 13.7X 64% 30%Palo Alto Networks PANW Outperform $151.22 92 13,867 12,437 38% 30% 7.9X 6.0X — 47.1X 19.9X 15.6X 78% 18%New Relic NEWR Outperform $37.75 56 2,102 1,906 46% 28% 8.0X 6.3X — — — — 80% -13%Splunk SPLK Outperform $58.15 137 7,965 6,939 36% 31% 7.6X 5.8X — — 44.2X 26.2X 84% 5%Rapid7 RPD Outperform $17.55 44 764 680 40% 26% 4.4X 3.5X — — — — 77% -24%Fortinet FTNT Outperform $36.33 176 6,405 5,183 26% 20% 4.1X 3.4X — 41.8X 18.3X 13.3X 74% 15%Atlassian TEAM Outperform $30.75 232 7,132 6,388 35% 30% 12.2X 9.4X — — — 37.2X 86% 17%MobileIron MOBL Outperform $2.74 98 267 182 9% 12% 1.1X 1.0X — — — — 82% -23%Oracle ORCL Outperform $39.23 4,221 165,590 151,250 0% 3% 4.0X 3.9X 15.0X 13.8X 11.9X 11.5X 80% 42%Red Hat RHT Outperform $79.13 183 14,493 13,039 17% 14% 5.4X 4.8X 35.7X 30.4X 17.5X 15.5X 87% 23%Symantec SYMC Mkt. Perform $25.04 641 16,042 18,096 13% 12% 5.1X 5.1X 21.9X 19.9X — 24.0X 84% 30%VMware VMW Mkt. Perform $73.38 427 31,341 24,176 5% 5% 3.5X 3.3X 17.1X 16.0X 11.3X 11.3X 87% 32%Checkpoint CHKP Mkt. Perform $75.70 175 13,234 9,526 5% 6% 5.6X 5.2X 17.0X 15.4X 10.2X 9.7X 89% 55%FireEye FEYE Mkt. Perform $14.37 169 2,425 2,232 16% 12% 3.1X 2.8X — — — 32.7X 72% -27%Akamai AKAM Mkt. Perform $52.25 176 9,218 8,247 5% 10% 3.6X 3.2X 20.4X 19.4X 18.3X 17.7X 76% 27%CA CA Mkt. Perform $32.63 415 13,541 12,715 1% 1% 3.1X 3.1X 12.9X 12.6X 12.5X 12.2X 86% 38%CommVault CVLT Mkt. Perform $53.31 46 2,441 2,031 7% 8% 3.2X 3.0X — 49.9X 27.2X 23.8X 87% 11%Citrix CTXS Mkt. Perform $84.91 157 13,303 12,427 3% 4% 3.7X 3.5X 16.8X 15.5X 12.3X 11.6X 85% 30%Limelight LLNW Underperform $1.66 104 172 142 1% 4% 0.8X 0.8X — — — — 54% 1%
Coverage Max — — — — — 46% 31% 12.2X 9.4X 35.7X 49.9X 44.2X 37.2X 89% 55%Coverage Mean — — — — — 17% 14% 5.0X 4.3X 19.8X 25.0X 18.3X 19.1X 79% 24%Coverage Median — — — — — 11% 12% 4.2X 3.7X 17.1X 19.1X 16.9X 15.6X 81% 28%Coverage Min — — — — — 0% 1% 0.8X 0.8X 12.9X 12.6X 10.2X 9.7X 54% -27%
Software Mean — — — — — 13% 13% 4.4X 3.9X 24.0X 23.5X 22.9X 20.2X 71% 13%Software Median — — — — — 8% 10% 3.9X 3.5X 20.5X 19.4X 20.4X 18.0X 72% 16%
S&P 500 SPX — $2,164.69 — — — — — — 17.9X 16.9X — — — —
Coverage stocks based on closest FY, softw are mean CY, dollars in millions except per share dataNote: Microsoft, Oracle, and Palo Alto Netw orks are valued on a Calendar Year Basis, Microsoft excludes effect of Window s 10 deferrals, all NTM estimates are consensusSB1=Strong Buy, MO2=Market Outperform, MP3=Market Perform, MU4=Market Underperform; EVRG=EV/revenue to revenue grow thSource: Raymond James research, FactSet
RJ Software Coverage Ticker Rev. Y/Y%Rating 2016E MarginEV/Revs P/E EV/FCF
-
6868
Security Software Universe
Next-Gen Endpoint IAM "Cloud" CASB OtherCylance Okta Illumio Skyhigh Networks Logrhythm
CrowdStrike Sailpoint vArmour Netskope ForcepointSentinelOne Centrify zScaler Ciphercloud Tenable
Bromium Ping Identity CloudFlare Last LineInvinceaTanium
MalwareBytes
Key Private Vendors
Source: FactSet, Raymond James
Share Shares Market Ent.Price Out. Cap Value 2016E 2017E 2016E 2017E 2016E 2017E 2016E 2017E Gross EBIT
Palo Alto Networks, Inc. PANW Outperform $148.49 92 13,617 12,186 38% 32% 7.7X 5.8X — 45.1X 18.3X 13.1X 68% 15%Splunk SPLK Outperform $59.36 137 8,131 8,016 37% 28% 8.8X 6.9X — — — 30.4X 85% 5%Rapid7 RPD Outperform $16.35 44 712 627 40% 27% 4.1X 3.2X — — — — 77% -26%Fortinet, Inc. FTNT Outperform $35.67 176 6,289 5,067 27% 19% 4.0X 3.3X — 40.3X 17.3X 12.1X 74% 15%FireEye, Inc. FEYE Perform $14.08 169 2,376 2,184 16% 15% 3.0X 2.6X — — — 43.9X 72% -27%Symantec Corporation SYMC Perform $24.87 641 15,933 17,988 13% 12% 4.7X 4.0X 24.6X 15.8X — 22.6X 89% 28%Check Point Software CHKP Perform $75.51 175 13,200 9,492 6% 6% 5.5X 5.2X 16.9X 15.6X 10.2X 9.6X 89% 54%Proofpoint, Inc. PFPT — $76.12 47 3,590 3,534 37% 29% 9.7X 7.6X — — — 44.9X 75% 2%Imperva, Inc. IMPV — $44.25 33 1,455 1,200 8% 20% 4.8X 4.0X — — — — 79% -10%CyberArk Software CYBR — $50.87 36 1,821 1,584 32% 22% 7.5X 6.1X 48.2X 39.4X 30.3X 22.3X 87% 23%Qualys, Inc. QLYS — $35.64 38 1,359 1,145 21% 19% 5.8X 4.9X 45.2X 38.3X 23.4X 18.5X 80% 24%Varonis Systems, Inc. VRNS — $29.01 29 852 743 26% 19% 4.7X 3.9X — — — — 91% -5%AVG Technologies AVG — $24.87 56 1,385 1,497 2% -4% 3.4X 3.6X 12.9X 11.6X 17.1X 13.5X 86% 30%Guidance Software, Inc. GUID — $5.72 29 168 155 3% 7% 1.4X 1.3X — — — — 69% -8%Trend Micro TMICY — $34.78 138 4,789 3,578 25% 14% 2.8X 2.4X 26.4X 23.4X 13.3X 8.9X 83% 22%Barracuda Networks, Inc. CUDA — $23.89 53 1,263 1,100 11% 6% 3.2X 3.0X 40.2X 39.6X 22.0X 18.0X 80% 13%Mimecast Limited MIME — $15.11 58 871 768 — 23% 4.7X 3.8X — — — — 75% -1%Cisco CSCO — $31.31 5,067 158,648 121,535 -1% 3% 2.5X 2.4X 13.1X 12.6X 10.5X 9.0X 63% 31%SecureWorks SCWX — $12.60 80 1,008 895 — 20% 2.1X 1.8X — — — — 53% -10%
Max: 40% 32% 9.7X 7.6X 48.2X 45.1X 30.3X 44.9X 91% 54%Security Software Mean: 20% 17% 4.7X 4.0X 28.4X 28.2X 18.1X 20.5X 78% 9%Min: -1% -4% 1.4X 1.3X 12.9X 11.6X 10.2X 8.9X 53% -27%
EV/Revs P/E EV/FCF Margin 2016Rev. Y/Y%Security Software Ticker Rating
-
6969
Security Our Top Sector Pick in Infrastructure Software Multi-year security investment cycle driven by IT, economic, and behavioral change: cloud, mobile, big data,
social. Security spending outpacing IT spending growth. Increases from 3.2% to 4.9% of total IT spend 2013 to 2020. Security stock trends: Security outperformed the S&P 500 by 64% in the last 3 years. Spending areas: Network Security (NGFW, ATP), Endpoint (NGEP), Analytics, Identity, Services
Security Spend (Phase 1): 2013-2015. Growth at the Beginning of the Cycle: Network Security (NGFW, ATP) Security spending: growth increases from 6% to 9% Y/Y USD 2013-2015 Stock performance: Security stock index peaks at 142% return (1/13 to 7/15) versus 48% for the S&P 500. strong
network security performance (PANW FTNT CHKP FEYE) Major drivers: Network Security (NGFW, ATP)
Security Spend (Phase 2): 2015-2016. Spending Easing and Diversifying (NGEP, Identity, Analytics/Visibility) Security spending: growth easing to 8% Y/Y Stock performance: Security stock index down 12% from its 7/15 peak versus 2% for the S&P 500, network security
stocks weaker, diversified outperformers (PFPT CYBR SYMC RPD QLYS) Major Drivers: Next-Gen Endpoint, Identity, Analytics/Visibility, Services. Question: Will network security vendors consolidate these functions into a “platform”? What about SYMC/BlueCoat?
Security Spend (Phase 3): 2017+ Impact of Cloud& SDN?(+) Increased firewall demand, other cloud driven products(+) Opportunity to provide hybrid and cloud based security, new needs for visibility and automation(-) Increased competition with native cloud service provider (CSP) and third party competitors(-) Uncertain economics of cloud/software based products versus current on prem offerings
Conclusions: We’ve come past the period of the strongest security growth, driven by network security spending. Strong growth opportunities remain, but enterprises need help:
a) getting value out of the wide array of security product categories b) managing the transition to cloud
Three Phases Of A Multi-Year Security Spending CycleGrow th, Diversification, Cloud
Source: Gartner, FactSet, Raymond James
-
7070
Security Spending Outpacing ITSecurity Spend Growth Well Above Total IT Spend, With Signs Of
Resiliency
6%
8%
9%
8% 8%7% 7% 6%
0%
2%
-5%
0%
3% 3% 3% 3%
-8%
-6%
-4%
-2%
0%
2%
4%
6%
8%
10%
2013 2014 2015 2016 2017 2018 2019 2020
Enterprise Security Growth vs. Total IT Growth (Y/Y%)
Enterprise & Networking Spending (ΔY/Y%) IT Spending (ΔY/Y%)
Source: Gartner, Raymond James
PresenterPresentation NotesLABEL: SECURITY SPENDING , CHECK
Pt 2: Strong multi-year/secular growth market growing well above inflation/IT spend for years to come. What are the CISO’s saying?
-
7171
Security Becoming A Bigger Piece Of Overall IT Spending
Source: Gartner, Raymond James: Total security spending divided by IT spending
3.2%
3.5%
3.9%
4.1%4.3%
4.5%
4.7%
4.9%
2.5%
3.0%
3.5%
4.0%
4.5%
5.0%
2013 2014 2015 2016 2017 2018 2019 2020
Security as a % of IT Spend
Security % of IT Spend
PresenterPresentation NotesPt. 1: Spending increasingDEfFINE TERMS
-
72
Security Stock Performance Security Outperformed the S&P 500 by 64% last three years
72
80
100
120
140
160
180
200
220
240
1/02/2013 5/06/2013 9/05/2013 1/07/2014 5/09/2014 9/10/2014 1/12/2015 5/14/2015 9/15/2015 1/15/2016 5/18/2016 9/19/2016
RJ Security Software Index
RJ Security Software Index S&P 500
Source: FactSet, Raymond James
64%
RJ Security Software Index: CHKP, PANW, SYMC, SPLK, FTNT, GUID, TMICY, IMPV, QYLS, PFPT
PresenterPresentation NotesMT: What do you want to say for the subtitle? Used what Jeremy said on the table of contents. – AD
Add this to the footnote: RJ Security Software Index includes: CHKP, PANW, SYMC, SPLK, FTNT, GUID, TMICY, IMPV, QYLS, PFPT.
-
73
Security Stock Performance Last 3 Years Strong Security Performance Across the Board
73 Source: FactSet, Raymond James
15%
33%
52%59%
67%73%
100%
134%
152%
183%
0%
50%
100%
150%
200%
TMICY SYMC S&P 500 CHKP IMPV FTNT SPLK Sec. Avg. QLYS PANW PFPT
Security Software Performance (1/1/13 - 9/22/16)
522%
PresenterPresentation NotesMT: What do you want to say for the subtitle? Used what Jeremy said on the table of contents. – AD
Add this to the footnote: RJ Security Software Index includes: CHKP, PANW, SYMC, SPLK, FTNT, GUID, TMICY, IMPV, QYLS, PFPT.
-
74
Security: Our Top Sector Pick in Infrastructure SoftwareInvestment Themes: Network Security, Endpoint, Visibility, Identity, Services
1. Network security: Next Gen Firewall (NGFW) and ATP. Midway through the NGFW upgrade & refresh cycle with ATP (e.g. Palo Alto Wildfire), boosting the cycle.– Palo Alto (PANW/Outperform): Next Gen Firewall leader, enterprise leader, expanding platform and end markets– Fortinet (FTNT/Outperform): SMB/UTM leader, very strong in carrier and investing in enterprise– Check Point (CHKP/Market Perform) : Enterprise leader, huge installed base, fast follower in NGFW– Proofpoint (PFPT/Not Rated): Email and email ATP Security.– Cisco (CSCO/Outperform by Simon Leopold): Network equipment giant prioritizing security and making acquisitions
(Sourcefire, etc).– FireEye (FEYE/Market Perform): Network ATP bought into services with Mandiant, product outlook uncertain
2. Endpoint: Next-Gen Endpoint (NGEP) Disrupting Core AV Market. AV market is mature but we see opportunity in the shift and potential expansion of budget dollars to Next-Gen Endpoint technology to supplement or replace AV and extend to proliferating Internet of Things (IoT) devices.– Endpoint and consolidated vendors: SYMC/BC (Market Perform): While the Antivirus/Endpoint leader faces major risks as
budgets shift away from traditional endpoint, it could also be a big opportunity if they are able to execute on an ambitious NGEP roadmap.
– Expanding Network Security Vendors: PANW Traps, CHKP Capsule, FTNT FortiClient, FEYE HX Series, GUID (NR)– Private Pure-Play Vendors: Tanium, Cylance, CrowdStrike, SentinelOne, Bromium, Invincea
3. Visibility & Automation: SIEM, Analytics, NAC: Customers are recognizing the need to deploy advanced security analytics across the sea of “big security data” coming in from enterprise infrastructures and make their spending on security smarter
– Splunk (SPLK/Market Perform) : “Big data” pioneer with a broad horizontal platform and increasing mix of security use cases (~40% of revenue). Recent acquisitions into UBA indicate commitment and vision in security.
– Rapid7 (RPD/Market Perform): Vulnerability Management leader with newly launched security analytics product UserInsight aimed at important User Behavior Analytics. Rapid7 has been building an emerging security services practice with hires from Mandiant and TrustWave.
– Symantec (SYMC/Market Perform): Targeted analytics including UBA.– Other Public Vendors: PANW (Outperform) AutoFocus, FEYE (Market Perform) Threat Analytics Platform TAP
4. Identity: Security Beyond The Perimeter. Identity becomes key an IT world beyond the firewall : services in the cloud, employees in the coffee shop.
– Private Vendors: Okta, Ping, Sailpoint, Centrify.5. Services: Closing the Security Skills Gap. IEnterprises do not have in-house skills to manage infrastructure and respond to intrusions, driving
demand for managed security services, assessments and incident response.– SecureWorks (SCWX/Not rated) – Solution Provders, Systems Integrators
74
-
7575
Security Spend: Phase 1 (2013-14)Accelerating Spending Phase
6%
8%
9%
8% 8%
7% 7% 6%
3%
4%
5%
6%
7%
8%
9%
10%
2013 2014 2015 2016 2017 2018 2019 2020
Enterprise Security Spend Growth (Y/Y%)
Enterprise Security Spend Growth (ΔY/Y%)
Major drivers: Network Security (NGFW, ATP)
Source: Gartner, Raymond James
-
7676
Security Spend: Phase 1 (2013-14)Firewall Drives Acceleration in Security Spend
1Q14 2Q14 3Q14 4Q14 1Q15 2Q15 3Q15 4Q15 2014 2015Palo Alto Networks 49% 59% 50% 54% 55% 59% 55% 54% 53% 56%Check Point 6% 7% 8% 9% 9% 9% 9% 9% 7% 9%Cisco Security -12% 6% 5% 6% 14% 4% 6% 8% 2% 7%Fortinet 24% 25% 25% 26% 26% 30% 35% 32% 25% 27%Juniper Security -2% -11% -16% -39% -31% -4% -1% 20% -18% -6%Total 6% 12% 11% 9% 14% 16% 18% 21% 10% 17%
Y/Y% Growth Y/Y% GrowthCompany
6%
12%
11%
9%
14%
16%
18%
21%
18%17%
13%14%
0%
5%
10%
15%
20%
25%
1Q14 2Q14 3Q14 4Q14 1Q15 2Q15 3Q15 4Q15 1Q16 2Q16 3Q16E 4Q16E
Public Vendor Firewall Revenue Growth (Y/Y%)
Source: Gartner, Raymond James
PresenterPresentation NotesWhere is the acceleration coming from? NGFW. NGFW accelerates from 6% in 1Q14 to 21% in 4Q15. Leader PANW XXX
-
77
80
90
100
110
120
130
140
150
160
170
180
9/20/2013 2/05/2014 6/20/2014 11/03/2014 3/20/2015 8/04/2015 12/16/2015 5/03/2016 9/15/2016
RJ Security Software Index
Phase 1: Breaches dominate headlines, NGFW upgrade cycle, “Catch-up” security spend, point solutions thrive
RJ Security Software Index
Security Stock Performance: Phase 1 (2013-14)Strong Security Stock Performance
77
Large NGFW upgrades and “Catch Up” security spend
Breaches dominate headlines, point solutions thrive
Sell off in high growth tech stocks
Source: FactSet, Raymond James
PresenterPresentation Notes12/13/2013 Target 70M – accounts affected; credit and debit cards, names, email addresses stolen09/02/2014 Home Depot 56M – credit card numbers, email addresses08/28/2014JPMorgan Chase76M – households, 83M (including 7M small businesses) – email addresses, physical addresses11/25/2014Sony 47M – proprietary information, employee details02/05/2015Anthem80M – names, e-mail addresses, medical IDs, social security numbers, addresses05/18/2016LinkedIn117M – email, hash password combinations stolen (in 2012 6.5M passwords/emails were stolen)09/22/2016 Yahoo500M – names, email addresses, DOBs, telephone numbers, encrypted passwords
Increase in security spend reflected in security software stocks –Spend accelerated into 2015, then eased up. Security stocks gained during the same time period. Initially breaches dominate headlines but, investors buy security stocks but business impact to vendors was delayed. Board level discussions begin, spend accelerates in 2014 driven by a NGFW upgrade cycle and “catch up” security.
-
78
Security Stock Performance: Phase 1 (2013-14)Phase 1 Stock Performance Led By Firewall Stocks (and PFPT)
78 Source: FactSet, Raymond James
5%16%
36%
68%
99%
114% 116%123%
132%
236%
0%
50%
100%
150%
200%
250%
SYMC TMICY S&P 500 CHKP SPLK QLYS FTNT IMPV Sec. Avg. PANW PFPT
Security Software Performance (1/1/13- 9/22/15) 409%
PresenterPresentation NotesMT: What do you want to say for the subtitle? Used what Jeremy said on the table of contents. – AD
Add this to the footnote: RJ Security Software Index includes: CHKP, PANW, SYMC, SPLK, FTNT, GUID, TMICY, IMPV, QYLS, PFPT.
-
7979
Security Spend: Phase 2 (2015-16)Security Spend Eases But Still Well Above 2013 Levels
CISO Take: Budgets will continue to expand but at a slightly lower rate than last year. Spending diversifying into endpoint, analytics, identity, services. Also, saying vendors have to do a better job of communicating the value of security. CISOs saying lack of resources/headcount could strain product spend.
6%
8%
9%
8% 8%
7% 7% 6%
3%
4%
5%
6%
7%
8%
9%
10%
2013 2014 2015 2016 2017 2018 2019 2020
Enterprise Security Spend Growth (Y/Y%)
Enterprise Security Spend Growth (ΔY/Y%)
Source: Gartner, Raymond James
-
8080
Security Spend: Phase 2 (2015-16)Firewall/Network Security Spending Easing
6%
12%
11%
9%
14%
16%
18%
21%
18%17%
13%14%
0%
5%
10%
15%
20%
25%
1Q14 2Q14 3Q14 4Q14 1Q15 2Q15 3Q15 4Q15 1Q16 2Q16 3Q16E 4Q16E
Public Vendor Firewall Revenue Growth (Y/Y%)
1Q14 2Q14 3Q14 4Q14 1Q15 2Q15 3Q15 4Q15 1Q16 2Q16 3Q16E 4Q16E 2014 2015 2016EPalo Alto Networks 49% 59% 50% 54% 55% 59% 55% 54% 48% 41% 35% 31% 53% 56% 38%Check Point 6% 7% 8% 9% 9% 9% 9% 9% 9% 7% 5% 3% 7% 9% 6%Cisco Security -12% 6% 5% 6% 14% 4% 6% 8% 10% 10% 8% 12% 2% 7% 10%Fortinet 24% 25% 25% 26% 26% 30% 35% 32% 34% 30% 24% 22% 25% 27% 27%Juniper Security -2% -11% -16% -39% -31% -4% -1% 20% -21% -7% -15% -11% -18% -6% -13%Total 6% 12% 11% 9% 14% 16% 18% 21% 18% 17% 13% 14% 10% 17% 15%
Company Y/Y% GrowthY/Y% Growth
Source: FactSet, Company Filings, Raymond James
PresenterPresentation NotesWhere is the acceleration coming from? NGFW. NGFW accelerates from 6% in 1Q14 to 21% in 4Q15. Leader PANW XXX
-
8181
Security Spend: Phase 2 (2015-16)Spend Diversifying Beyond Firewall
Spending diversifying: Identity, SIEM/Analytics, NGEP, Services
7%
9%
14%
9%
7%
6%5%
4%
5%
7%7% 7%
8%7% 8%
8%
0%
2%
4%
6%
8%
10%
12%
14%
16%
2013 2014 2015 2016 2017 2018 2019 2020
Firewall vs. Other Enterprise Security Spend (Y/Y%)
Firewall (ΔY/Y%) Enterprise Security (ΔY/Y%)
Source: Gartner, Raymond James
PresenterPresentation NotesSo we saw in Phase 1 FW drove accelerated growth. In Phase 2, FW slows but is offset by accelerated growth in emerging markets such as NGEP, Identity, & Analytics.
-
82
Security Stock Performance: Phase 2 (2015-16)
82
80
90
100
110
120
130
140
150
160
170
180
9/20/2013 2/05/2014 6/20/2014 11/03/2014 3/20/2015 8/04/2015 12/16/2015 5/03/2016 9/15/2016
RJ Security Software Index
Phase 1: Breaches dominate headlines, NGFW upgrade cycle, “Catch-up” security spend, point solutions thrive
RJ Security Software Index
Large NGFW upgrades and “Catch Up” security spend
Breaches dominate headlines, point solutions thrive
Sell off in high growth tech stocks
Phase 2: Network Slows, macro concerns, spend diversifies
Source: FactSet, Raymond James
PresenterPresentation NotesIncrease in security spend reflected in security software stocks –Spend accelerated into 2015, then eased up. Security stocks gained during the same time period. Initially breaches dominate headlines but, investors buy security stocks but business impact to vendors was delayed. Board level discussions begin, spend accelerates in 2014 driven by a NGFW upgrade cycle and “catch up” security.
-
83
Security Stock Performance: Phase 2 (2015-16)Network security stocks trail the group
83 Source: FactSet, Raymond James
-57%
-40%
-21%
-16%-13%
-9% -6%-4% -4%
0%2%
10%13% 13%
22%26%
-60%
-55%
-50%
-45%
-40%
-35%
-30%
-25%
-20%
-15%
-10%
-5%
0%
5%
10%
15%
20%
25%
30%
FEYE IMPV FTNT PANW GUID CUDA Sec. Avg. CHKP CYBR TMICY SPLK RPD S&P 500 QLYS PFPT SYMC
Security Software LTM Performance (9/22/15 - 9/22/16)
Security stocks are down 6% LTM versus the S&P up 13%, breaches less prominent
Network security stocks underperforming as spending diversifies New areas of spending priority: Identity, NGEP, “Visibility” (SIEM/Analytics,
NAC), Analytics, Automation, Services Network security vendors strategize to become “platforms”—M&A picks up.
PresenterPresentation NotesMT: What do you want to say for the subtitle? Used what Jeremy said on the table of contents. – AD
Add this to the footnote: RJ Security Software Index includes: CHKP, PANW, SYMC, SPLK, FTNT, GUID, TMICY, IMPV, QYLS, PFPT.
-
84
0
5
10
15
20
25
30
35
2013-2014 2015-2016
Security Acquisitions
Security Acquisitions
M&A Picks Up—Building Security Platforms?
84 Source: FactSet, Raymond James
Security Software Acquisitions (2013-2016) Revenue EV/Rev RevenueAnnounced Target Acquirer Value (TTM) (TTM) Growth (%)
Sep-16 Infoblox (BLOX) Vista Equity Partners 1,600 358 4.5X 3%Sep-16 Palerra Oracle — — — —Sep-16 McAfee TPG 4,200 2,174 1.9X 5%Jul-16 Imprivata Thoma Bravo 544 125 4.4X —Jul-16 AVG Technologies (AVG) Avast 1,385 433 3.2X 4%Jun-16 CloudLock Cisco Systems, Inc. 293 13 22.2X —Jun-16 Blue Coat Symantec 4,650 755 6.2X 15%Jun-16 Ping Identity Vista Equity Partners 600 100 6.0X —Feb-16 Resilient Systems IBM 145 10 14.5X —Feb-16 Invotas FireEye 20 — — —Jan-16 iSIGHT Partners FireEye 200 40 5.0X —Dec-15 Cyveillance LookingGlass 35 18 1.9X —Nov-15 Elastica Blue Coat 280 0 681.3X —Nov-15 Secure Islands Microsoft 85 8 10.6X —Nov-15 Bloxx Akamai 19 5 3.7X —Oct-15 McAfee assets Raytheon Websense — — — —Oct-15 Lancope Cisco Systems, Inc. 453 75 6.0X —Oct-15 TippingPoint (HP) Trend Micro 300 169 1.8X —Oct-15 Logentries Rapid7 68 — — —Sep-15 Adallom Microsoft 250 — — —Aug-15 Xceedium CA Technologies 100 15 6.7X —Jul-15 Perspecsys Blue Coat 45 3 13.3X —Jul-15 Caspida Splunk 190 2 95.0X —Jun-15 OpenDNS Cisco Systems, Inc. 635 25 25.4X —Jun-15 IdMlogic CA Technologies 25 4 6.3X —Apr-15 Trustwave Singtel 770 216 3.6X —Apr-15 Lacoon Check Point Software 80 1 — —Mar-15 Xerocole Akamai — — — —Feb-15 Hyperwise Check Point Software 80 — — —Feb-15 Voltage Security HP 175 35 5.0X —Dec-14 Tripwire Belden 710 147 4.8X 6%Aug-14 SailPoint Technologies Thoma Bravo 300 60 5.0X —May-14 nPulse FireEye 70 — — —Mar-14 Cyvera Palo Alto Networks 200 — — —Jan-14 AirWatch VMware 1540 100 15.4X —Jan-14 Mandiant FireEye 989 100 9.9X 50%Dec-13 Prolexic Akamai 370 50 7.4X 30%Sep-13 Versafe F5 Networks — — — —Aug-13 Trusteer IBM 900 35 25.7X —Jul-13 Sourcefire Cisco Systems, Inc. 2,700 244.5 11.0X 25%Jul-13 Aveksa EMC Corp. 225 25 9.0X —May-13 Solera Networks Blue Coat 223 12 18.6X —May-13 Websense (WBSN) Vista Equity Partners 911 359 2.5X 0%May-13 Stonesoft Intel (McAfee) 389 53 7.4X —
-
85
CISO Feedback Less Network More Endpoint, Analytics, Identity, Services
85
Consensus: After years of investment in network/NGFW, spend is shifting to NGEP, Analytics/Visibility, Automation, Identity, and Services.
Network: “Spending less on network, seeing the perimeter dissolve” “I don’t see network as an investment area of new dollars” “Network growth rate will be lower than everything else”
Endpoint: “Antivirus is commoditizing, looking for a way to move off the old
model and trying to adopt Microsoft SCEP or get rid of AV entirely with NGEP”
Analytics: “Drowning in too much data. Trying to figure out how to turn it
into something meaningful.” “Analytics a top conversation but not top spend yet.”
Source: Raymond James
-
86
CISO Feedback “Less Network, More Endpoint, Analytics, Identity and Services”
86
Identity: “Identity is the new perimeter” “1/3rd of budget will be identity” “Identity is highest priority and spend will go up a lot”.
Security Services and VAR “We need a trusted advisor to filter through the noise in the
market and act as a gatekeeper. Identify the emerging vendors.” “Seeing uptick in cost of labor and need for bodies to keep the
lights on from a security perspective.”
“Lack of resources and headcount putting a strain on product spend”
-
87
Phase 3: The Cloud Is Coming
87
Good Cloud or Bad Cloud?
(+) Near term: Increased firewall demand, other cloud driven products(+) Long term: opportunity to provide hybrid and cloud based security, new needs for visibility and automation(-) Long Term: increased competition with native cloud service provider (CSP) security offerings(-) Long Term: increased competition with cloud based third party competitors and other “disruptors”(-) Long Term: uncertain economics of cloud/software based products versus current on prem offerings
CISO’s are mixed in their views of cloud adoption rate, and cloud security options—uncertainty could slow overall security spend.
-
8888
17.45.7
31.9
55.170.0
14.9
75.7
160.7
020406080
100120140160180
IaaS PaaS SaaS Total
$ Bi
llion
s
Cloud Spending2015-2020
2015 2020
• Gartner expects cloud to grow at 24% CAGR through 2020 versus 5% for IT• IaaS is expected to grow the fastest of the three groups at a 32% CAGR• Growth in IaaS will mean changes for how enterprises architect security—and for vendors
Source: Garner, Raymond James
Phase 3: Cloud Impact On Security Vendors: Near-term (+), Long-term (+/-)
Good or Bad, Cloud Is Coming—IaaS Getting Bigger
-
8989
Phase 3: Cloud Impact On Security Vendors: Near-term (+), Long-term (+/-)
(+) Near Term Positive: More Security Product Demand
Increased Firewall Demand •Data Center & Firewall Capacity Upgradeso Cloud services helping drive DC bandwidth and firewall capacity upgrades (Palo Alto,
Fortinet, Check Point, Cisco, Juniper)• Next Gen Firewall (NGFW) Upgrade Cycleo Employee use of cloud services drives the need for NGFW application controlo Employee mobility and remote access drives the need for NGFW user/identity control
• Network Security Virtual Editionso Both cloud and SDN (Palo Alto, Check Point, Fortinet, Cisco). Early stage, just 5% of revenue
today
Other Cloud Driven Products: • Advanced Threat Protection (ATP) : more cloud use, more exposure (FireEye, Palo Alto, Proofpoint)• Web Application Firewall (WAF) including cloud based WAFs (Imperva, F5, Akamai, BlueCoat, ForcePoint, Fortinet): more web applications• IAM/IDaaS: Mobility and multi-cloud use driving demand for security beyond the perimeter (Okta, Ping, Centrify, Azure Active Directory)• Cloud Access Security Broker (CASB): control of SaaS applications (BC/Elastica, SkyhighNetworks, Palo Alto Aperture, CipherCloud, Microsoft/Adallom, Imperva Skyfence, Oracle/Palerra)• Secure Web Gateway (SWG) and Email Gateway (SEG): Symantec/BlueCoat, ForcePoint, Zscaler, Cisco)
-
9090
Phase 3: Cloud Impact On Security Vendors: Near-term (+), Long-term (+/-)
(+) Other Long Term Positives
• Third Party Virtual Firewall Advantages versus native CSP network securityo Better for "mode 1" enterprise workloads (Gartner)o Next gen firewall capabilities (app control, user control, IPS)o More robust firewall policy and micro-segmentation capabilitieso Consistent policy across the hybrid enterprise environments (on
prem/off prem, hardware based/SDN) and "multi-cloud"
• Need for visibility in the cloudo Positive for log management/analytics SIEM: Splunk Rapid7
• Need for automation in the cloudo Positive for Puppet, Chef, Ansible
• Need to focus on application layer securityo Positive for whitelisting vendors
-
9191
Phase 3: Cloud Impact On Security Vendors: Near-term (+), Long-term (+/-)
(-) Long Term Threats: Native CSP Offerings
Cloud Service Providers (CSPs: AWS, Azure, GCP) Offering Increasing Scope Of Security
• Basic layer 3 network security (port blocking, IP address control):o Amazon EC2 Security Groups, Amazon Virtual Private Cloudo Microsoft Azure Security Groups, Vnet, GCP Virtual Networko Gartner says these native security capabilities "suffice for smaller
organizations" and for "mode 2" workloads
• CASBo Microsoft Cloud App Security
• Identity as a Service (IDaaS)o Azure Active Directory, AWS IAM, AWS Key Management
• WAFo AWS WAF
• Monitoringo AWS Cloud Watch Cloud Trail (API) Azure Advanced Threat Analytics
-
9292
Phase 3: Cloud Impact On Security Vendors: Near-term (+), Long-term (+/-)
(-) Long Term Threats: Competition From Cloud and Other Security “Disruptors”
Incumbent on prem security vendors will face competition from third party cloud-based security vendors as well as from CSPs themselves. This could also be an opportunity to build/buy into this space, e.g., Symantec buying Bluecoat
• Secure Web Gatewayo Symantec, Zscaler, Barracuda, Cisco Cloud Web Security, ForcePoint, Intel, Zscaler, Akamai
• Emailo Proofpoint, Symantec, ForcePoint
• WAFo Bluecoat/Symantec, Akamai
• CASBo Skyhigh, CipherCloud, BlueCoat/Elastica, Microsoft Cloud App Security, Imperva Skyfence,
Oracle Palerra
• Firewall aaSo Level3, Zscaler
• OS and Software Defined Firewallso Illumio, vArmour, VMware NSX, Catbird
-
9393
Phase 3: Cloud Impact On Security Vendors: Near-term (+), Long-term (+/-)
(-) Long Term Threats: Uncertain Cloud Economics
Virtual edition firewalls that can run in the cloud are available from Palo Alto, Check Point, Fortinet, but the ultimate economics compared to on premise
appliances are a risk
• Advantages versus native CSP network securityo Better for "mode 1" enterprise workloads (Gartner)o Next gen firewall capabilities (app control, user control, IPS)o More robust firewall policy and micro-segmentation capabilitieso Consistent policy across the hybrid enterprise environments (on prem/off
prem, hardware based/SDN)
• ASPs: However with virtual edition firewalls are typically lower throughput, so ASPs will likely be lower than for larger appliances.
• Licensing: Other software vendors have seen licensing pressure in the cloud where there are more but smaller workloads (e.g., New Relic)
-
94
CISO Feedback Mixes Uncertainty could slow overall security spend
94
Cloud commentary: “There is pressure on CIO’s to reduce their costs, only way to get
there is by moving to the cloud.” “Slow to adopt the cloud, just applications” “There aren’t a lot of cloud security vendors I would invest in right
now. No vendors in the space.” “Struggling with segmentation in the cloud.” “Still need local firewalls, spend will still be on network. Won’t stop
investment but probably will not refresh as often.“
-
9595
Security Our Top Sector Pick in Infrastructure Software Multi-year security investment cycle driven by IT, economic, and behavioral change: cloud, mobile, big data,
social. Security spending outpacing IT spending growth. Increases from 3.2% to 4.9% of total IT spend 2013 to 2020. Security stock trends: Security outperformed the S&P 500 by 64% in the last 3 years. Spending areas: Network Security (NGFW, ATP), Endpoint (NGEP), Analytics, Identity, Services
Security Spend (Phase 1): 2013-2015. Growth at the Beginning of the Cycle: Network Security (NGFW, ATP) Security spending: growth increases from 6% to 9% Y/Y USD 2013-2015 Stock performance: Security stock index peaks at 142% return (1/13 to 7/15) versus 48% for the S&P 500. strong
network security performance (PANW FTNT CHKP FEYE) Major drivers: Network Security (NGFW, ATP)
Security Spend (Phase 2): 2015-2016. Spending Easing and Diversifying (NGEP, Identity, Analytics/Visibility) Security spending: growth easing to 8% Y/Y Stock performance: Security stock index down 12% from its 7/15 peak versus 2% for the S&P 500, network security
stocks weaker, diversified outperformers (PFPT CYBR SYMC RPD QLYS) Major Drivers: Next-Gen Endpoint, Identity, Analytics/Visibility, Services. Question: Will network security vendors consolidate these functions into a “platform”? What about SYMC/BlueCoat?
Security Spend (Phase 3): 2017+ Impact of Cloud& SDN?(+) Increased firewall demand, other cloud driven products(+) Opportunity to provide hybrid and cloud based security, new needs for visibility and automation(-) Increased competition with native cloud service provider (CSP) and third party competitors(-) Uncertain economics of cloud/software based products versus current on prem offerings
Conclusions: We’ve come past the period of the strongest security growth, driven by network security spending. Strong growth opportunities remain, but enterprises need help:
a) getting value out of the wide array of security product categories b) managing the transition to cloud
Three Phases Of A Multi-Year Security Spending CycleGrow th, Diversification, Cloud
Source: Gartner, FactSet, Raymond James
-
9696
Thank You
If you would like to be added to our security researchdistribution list, please send an email to:
Michael TuritsManaging Director, Equity Research
Infrastructure SoftwareO: 212.297.5617 | M: 917.601.7404
-
97© 2016 Raymond James & Associates, Inc., member New York Stock Exchange/SIPC. All rights reserved.
International Headquarters: The Raymond James Financial Center | 880 Carillon Parkway | St. Petersburg, Florida 33716 | 800-248-8863 97
Raymond James & Associates (RJA) is a FINRA member firm and is responsible for the preparation and distribution of research created in the United States. Raymond James & Associates is located at The Raymond James Financial Center, 880 Carillon Parkway, St. Petersburg, FL 33716, (727) 567-1000. Non-U.S. affiliates, which are not FINRA member firms, include the following entities that are responsible for the creation and distribution of research in their respective areas: in Canada, Raymond James Ltd. (RJL), Suite 2100, 925 West Georgia Street, Vancouver, BC V6C 3L2, (604) 659-8200; in Latin America, Raymond James Argentina S.A., San Martin 344, 22nd Floor, Buenos Aires, C10004AAH, Argentina, +54 11 4850 2500; in Europe, Raymond James Euro Equities SAS (also trading as Raymond James International), 40, rue La Boetie, 75008, Paris, France, +33 1 45 64 0500, and Raymond James Financial International Ltd., Broadwalk House, 5 Appold Street, London, England EC2A 2AG, +44 203 798 5600.
This document is not directed to, or intended for distribution to or use by, any person or entity that is a citizen or resident of or located in any locality, state, country, or other jurisdiction where such distribution, publication, availability or use would be contrary to law or regulation. The securities discussed in this document may not be eligible for sale in some jurisdictions. This research is not an offer to sell or the solicitation of an offer to buy any security in any jurisdiction where such an offer or solicitation would be illegal. It does not constitute a personal recommendation or take into account the particular investment objectives, financial situations, or needs of individual clients. Past performance is not a guide to future performance, future returns are not guaranteed, and a loss of original capital may occur. Investors should consider this report as only a single factor in making their investment decision.
For clients in the United States: Any foreign securities discussed in this report are generally not eligible for sale in the U.S. unless they are listed on a U.S. exchange. This report is being provided to you for informational purposes only and does not represent a solicitation for the purchase or sale of a security in any state where such a solicitation would be illegal. Investing in securities of issuers organized outside of the U.S., including ADRs, may entail certain risks. The securities of non-U.S. issuers may not be registered with, nor be subject to the reporting requirements of, the U.S. Securities and Exchange Commission. There may be limited information available on such securities. Investors who have received this report may be prohibited in certain states or other jurisdictions from purchasing the securities mentioned in this report. Please ask your Financial Advisor for additional details and to determine if a particular security is eligible for purchase in your state.
The information provided is as of the date above and subject to change, and it should not be deemed a recommendation to buy or sell any security. Certain information has been obtained from third-party sources we consider reliable, but we do not guarantee that such information is accurate or complete. Persons within the Raymond James family of companies may have information that is not available to the contributors of the information contained in this publication. Raymond James, including affiliates and employees, may execute transactions in the securities listed in this publication that may not be consistent with the ratings appearing in this publication.
Additional information is available on request.
Analyst Information Registration of Non-U.S. Analysts: The analysts listed on the front of this report who are not employees of Raymond James & Associates, Inc., are not registered/qualified as
research analysts under FINRA rules, are not associated persons of Raymond James & Associates, Inc., and are not subject to NASD Rule 2711 and NYSE Rule 472 restrictions on communications with covered companies, public companies, and trading securities held by a research analyst account.
Analyst Holdings and Compensation: Equity analysts and their staffs at Raymond James are compensated based on a salary and bonus system. Several factors enter into the bonus determination including quality and performance of research product, the analyst's success in rating stocks versus an industry index, and support effectiveness to trading and the retail and institutional sales forces. Other factors may include but are not limited to: overall ratings from internal (other than investment banking) or external parties and the general productivity and revenue generated in covered stocks.
-
98© 2016 Raymond James & Associates, Inc., member New York Stock Exchange/SIPC. All rights reserved.
International Headquarters: The Raymond James Financial Center | 880 Carillon Parkway | St. Petersburg, Florida 33716 | 800-248-8863 98
-
99© 2016 Raymond James & Associates, Inc., member New York Stock Exchange/SIPC. All rights reserved.
International Headquarters: The Raymond James Financial Center | 880 Carillon Parkway | St. Petersburg, Florida 33716 | 800-248-8863 99
-
100© 2016 Raymond James & Associates, Inc., member New York Stock Exchange/SIPC. All rights reserved.
International Headquarters: The Raymond James Financial Center | 880 Carillon Parkway | St. Petersburg, Florida 33716 | 800-248-8863 100
Additional Risk and Disclosure information, as well as more information on the Raymond James rating system and suitability categories, is available at rjcapitalmarkets.com/Disclosures/index Copies of research or Raymond James’ summary policies relating to research analyst independence can be obtained by contacting any Raymond James & Associates or Raymond James Financi Services office (please see raymondjames.com for office locations) or by calling 727-567-1000, toll free 800-237-5643 or sending a written request to the Equity Research Library, Raymond James & Associates, Inc., Tower 3, 6th Floor, 880 Carillon Parkway, St. Petersburg, FL 33716.
For clients in the United Kingdom:
For clients of Raymond James & Associates (London Branch) and Raymond James Financial International Limited (RJFI): This document and any investment to which this document relates is intended for the sole use of the persons to whom it is addressed, being persons who are Eligible Counterparties or Professional Clients as described in the FCA rules or persons described in Articles 19(5) (Investment professionals) or 49(2) (High net worth companies, unincorporated associations etc.) of the Financial Services and Markets Act 2000 (Financial Promotion) Order 2005 (as amended) or any other person to whom this promotion may lawfully be directed. It is not intended to be distributed or passed on, directly or indirectly, to any other class of persons and may not be relied upon by such persons and is therefore not intended for private individuals or those who would be classified as Retail Clients.
For clients of Raymond James Investment Services, Ltd.: This report is for the use of professional investment advisers and managers and is not intended for use by clients.
For purposes of the Financial Conduct Authority requirements, this research report is classified as independent with respect to conflict of interest management. RJA, RJFI, and Raymond James Investment Services, Ltd. are authorised and regulated by the Financial Conduct Authority in the United Kingdom.
For clients in France:
This document and any investment to which this document relates is intended for the sole use of the persons to whom it is addressed, being persons who are Eligible Counterparties or Professional Clients as described in “Code Monétaire et Financier” and Règlement Général de l’Autorité des Marchés Financiers. It is not intended to be distributed or passed on, directly or indirectly, to any other class of persons and may not be relied upon by such persons and is therefore not intended for private individuals or those who would be classified as Retail Clients.
For institutional clients in the European Economic Area (EEA) outside of the United Kingdom:
This document (and any attachments or exhibits hereto) is intended only for EEA institutional clients or others to whom it may lawfully be submitted.
For Canadian clients:
This report is not prepared subject to Canadian disclosure requirements, unless a Canadian analyst has contributed to the content of the report. In the case where there is Canadian analyst contribution, the report meets all applicable IIROC disclosure requirements.
Proprietary Rights Notice: By accepting a copy of this report, you acknowledge and agree as follows:
This report is provided to clients of Raymond James only for your personal, noncommercial use. Except as expressly authorized by Raymond James, you may not copy, reproduce, transmit, sell, display, distribute, publish, broadcast, circulate, modify, disseminate or commercially exploit the information contained in this report, in printed, electronic or any other form, in any manner, without the prior express written consent of Raymond James. You also agree not to use the information provided in this report for any unlawful purpose. This is RJA client releasable research
This report and its contents are the property of Raymond James and are protected by applicable copyright, trade secret or other intellectual property laws (of the United States and other countries). United States law, 17 U.S.C. Sec.501 et seq, provides for civil and criminal penalties for copyright infringement. No copyright claimed in incorporated U.S. government works.
-
101© 2016 Raymond James & Associates, Inc., member New York Stock Exchange/SIPC. All rights reserved.
International Headquarters: The Raymond James Financial Center | 880 Carillon Parkway | St. Petersburg, Florida 33716 | 800-248-8863 101
All statements in this report attributable to Gartner represent Raymond James’ interpretation of data, research opinion or viewpoints published as part of a syndicated subscription service by Gartner, Inc., and have not been reviewed by Gartner. Each Gartner publication speaks as of its original publication date (and not as of the date of this research report). The opinions expressed in Gartner publications are
not representations of fact, and are subject to change without notice.
-
Emerald Sponsor: FireEye
Erica Nicholson
PresenterPresentation NotesHeather: Thanks, Michael! Next, I would like to welcome Erica Nicholson from our Emerald Sponsor: FireEye
-
103
PROTECTING BUSINESSES AGAINST TODAY’S CYBER CRIMINALS
COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
Erica NicholsonDistribution Account [email protected]
-
104COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
FireEye Update
Spyware/Bots
FireEye is committed to the Channel• We’ve listened and know we need to be more relevant in the Channel• Streamline sales motions and coverage to maximize channel leverage: make it easier
to do business with FireEye• Stronger than ever Channel Account Management team
Simplifying our message• Products have been too complicated and hard to sell• Providing the best protection with new products
New product roadmap• Want to become less of an appliance-based company and transition to Cloud/hybrid
company• Working on bringing our price point to a more competitive level
Squash those rumors – FireEye is not being acquired• We are trying to build the strongest FireEye yet• Yes we had layoffs but necessary to be profitable and increase stock price
-
105COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.105
New Types of Attack Techniques Evade Traditional Defenses
Firewalls/NGFW
Secure WebGateways
IPSAnti-SpamGateways
Desktop AV
FireEye finds and stops attacks other security products can’t see
PresenterPresentation NotesFor the partners here that aren’t working with FireEye – to fill you in on who we are. FE helps customers protect their most valuable asses from those who mean harm.
We have the Technology: email, network, endpoint and mobile solutionsIntelligence: analysts all over the world studying threats, understand their risk and prioritize themExpertise: help customer resolve incidents quickly and prepare for tomorrow’s attacks
-
106COPYRIGHT © 2016, FIREEYE, INC. ALL RIGHTS RESERVED.
FireEye Product Overview: easier to sell, competitive price point, mid-market
• Email Threat Protection: ETP
• NX Essentials
• MVX Smart Grid (coming soon!)
-
107
FireEye Email Threat Prevention Cloud (ETP)
THE ETP SOLUTIONKEY BENEFITS THE ETP DIFFERENCE
Always up to date cloud service with the latest defenses
No hardware or software to manage
Superior real time protection from email threats
Advanced Threat Intelligence
Dynamic analysis of attachments and URLs
Threat insight to drive response
Email is the #1 attack vector
Cloud Email ServicesETP
ETP integrates seamlessly with other cloud email services such as Microsoft Exchange Online and Gmail
End User
ATIMVX
PresenterPresentation NotesETP is the solution for organizations that wish to fully embrace the cloud. It protects against today's advanced email attacks.
Why ETP Cloud?Cost savings – Cloud-based email service can cost substantially less than maintaining an email infrastructure. No upgrading, add-on installation, or patching – IT teams can avoid mundane maintenance tasks that take up time and resources. They also avoid service outages (both planned and unplanned) often triggered by these tasks. Operational focus – By not having to deploy and maintain their own email infrastructure, enterprises can reduce some labor costs and focus on their core business. Scalability and resource distribution – With cloud-based email, organizations can more easily scale resources as their needs change and optimize how they balance mail traffic and workloads across their network.
ETP has a lower price point (than our other products) and shorter sale cycle (~ 45 days)On average ETP-only deals are: Midmarket - $40-50kSMB - $18-19k
-
108
Network Security (NX Essentials) with IPS
MVX
WEB TRAFFIC CHALLENGES
THE NX ESSENTIALS SOLUTION
KEY BENEFITS THE NX DIFFERENCE
Reduce risk of cyber breach More effective security operations Simple deployment and management
Persistent, targeted attackers Continuously evolving threat
landscape Unmanageable amount of alerts
Accurate detection of genuine attacks with low rate of false positives
Real time protection against unknown attacks (25 / 40 zero-days)
Validation of signature-triggered alerts
Dynamic analysis of web interactions Conventional signature-based defenses Real-time, globally shared intelligence
Web is the #2 attack vector
PresenterPresentation NotesNX Essentials is a cost effective solution that minimizes risk of costly breaches by accurately detecting and stopping advanced cyber attacks. NX Essentials detects both known and unknown attacks with high accuracy, unlike firewalls and AV products.For budget constrained buyers: well suited for mid market space30% lower price than current NX Series High detection accuracy & low false positivesFast deployment for IT Reduces operational overheadStops attacks in real timeAdditional channel incentive: earn significant margin with registering a deal for NX Essentials
-
109
FireEye MVX Smart Grid Architecture: initial launch in OCTOBER
54Net Promoter
Score
PresenterPresentation NotesMVX separation is so important: customers can get the sensor separate from the engine, lowering the cost of ownership.
The NX Appliance is comprised of two core components:Smart Node sensors – that deals with network traffic…filters and takes actionMVX Smart Grid – makes use of data from the sensor to detect exploits & malware. Dynamic analysis.
The MVX Smart Grid architecture consists of two core components: 1) Network Smart Nodes – a scalable customer-premise engine that provides core network security functions to effectively prevent known threats as well as detect and stop advanced, targeted and other evasive attacks while facilitating rapid response to contain the impact of critical security incidents 2) MVX Smart Grid – the centralized MVX infrastructure, deployed in the customer data center and shared by all Network Smart Nodes, to perform core dynamic analysis to detect advanced threats. With this architecture we have successfully managed to separate the core components of the industry-leading Network Security (NX Series) appliance to address the security needs and enhance the security posture of customers.This distributed architecture now enables customers to ensure consistent levels of security across their headquarters, branch and remote offices.
-
110
FireEye MVX Smart Grid Architecture: features and benefits
54Net Promoter
Score
Intelligence-enabled security: real time detection intelligence
Multi-OS support: Windows and Mac + iOS and Android threats
Flexible deployment: physical or cloud-based
Investment protection: convert existing NX appliances to Smart Nodes
Hybrid deployments: Single Central Management console across on-premise and cloud
Real time, retroactive detection: detect known and unknown threats (network, email, file)
Workflow Automation: fast validation and containment of threats
Scalable architecture: scale as you grow different ‘vectors’
High availability: Smart Grid supports load sharing
Security analytics: cloud-based security analytics to identify non-malware events
PresenterPresentation NotesMVX Separation, is a massive accomplishment that enables FireEye to win the broader enterprise and positions us well on the path to gain mid-market traction with more affordable price points. This architecture also makes it easier for partners – who are core to our future – to more easily offer a FireEye solution that is right sized at the right price. All in all, this will help us sell larger transactions at more competitive price points. It further sets us up well for up-sell and cross-sell as we continue to invest in the architecture
-
Elevate Your Business with Westcon Professional Services
Mike O'Neil
PresenterPresentation NotesHeather: Thank you, Erica! Next I want to welcome up, Mike O’Neil to learn more about how you take your security business to the next level with Westcon PS
-
112
Why Does Westcon Offer Services To Our Resellers?
• We believe that our service offerings deliver tangible value to our vendors and reseller customers
• We strive to be the partner that enables our reseller customers to compete for profitable business with services that augment or supplement their existing capabilities.
• Adding services to a product sale allows Westcon-Comstor to offer an end to end solution to your end customer through our partnership with you, our reseller customer
• Westcon-Comstor services are price competitive. Using our services enables you to utilize your higher skilled engineers to generate higher margin business.
-
113
Services Overview
Profit from our experience!Westcon-Comstor Services help to develop opportunities that deliver greater strategic insight, richer margin and longer-term customer engagements through our decades of experience and unique in-house skillsets of engineers, support desks, certifications and global delivery models.
-
114
Education Services
Authorized Training Center For• Check Point Software Technologies• Palo Alto Networks• ForeScout
Reseller Benefits
• Eliminate travel expenses• Sell Westcon training and earn high margins • Train your staff for less• Access to partner training at reduced prices
Westcon Academy• 30 year commitment to channel education• Authorized Training Center helping you meet technical vendor
requirements• Instructor-led Virtual, On-site and Custom training• Certified Instructors are practicing field Engineers• Dedicated labs available for all students
Enabled Learning
-
115
Professional Services
Professional Services Delivered By Westcon• Palo Alto Networks• ForeScout• Blue Coat – Proxy server
Reseller Benefits• All engineers are trained and certified by our
vendors, including shadowing
• Quality and Consistency of service delivery
• Higher margins to resellers with Westcon services Services Include• Implementations (remote or onsite)• Migrations and updates (remote or onsite)• Consultancy • Field based smart-hands labor
Profit From Our Experience
-
116
Support Services
Support Services Delivered By Westcon• Palo Alto Networks
Reseller Benefits• All engineers are trained and certified by our
vendors, including shadowing
• Quality and Consistency of service delivery• Enablement without competition• Improved margins over direct Vendor offers• Eliminates Capex investments related to building,
training, and supporting Vendor requirements
Services Include• Competitively-priced Tier 1 & 2 remote support• Replaces and/or enhances Vendor maintenance• White labeled support direct to the End-User• Escalation ownership to the Vendor• Product Guidance by certified experts• Nationwide 10x5 with 24/7 Emergency Response
-
117
My Ask of You
• Give us an opportunity to demonstrate our service capabilities• Tell your vendor Account Managers that you want to have Westcon services
quoted with your product order
• Provide feedback to Westcon on additional services you would like Westcon to offer
• Contact us as follows:Security Services BDM –
Abayomi Albert ([email protected]) – 720-955-0253
E-mail request – [email protected]
mailto:[email protected]
-
Managing A Enterprise Infrastructure and Digital Transformation
Andy Torregrossa
PresenterPresentation NotesHeather: Thank you, Mike!Welcome Andy Torregrossa
-
119
Westcon Digital Transformation SolutionHow does it all work?
1View is our internal sales productivity platform focused around quoting automation and order creation
CRM is a “customer relationship management” tool where we manage our customer and prospect contact information, accounts, leads and sales opportunities in one central location
.COM & eCommerce is our window to the rest of the world where partners can manage their engagement with Westcon-Comstor and shop our eCommerce portal
1ViewSales Portal• Create quote• Pricing simulator• VRF• Conversion
CRMSales Force • Sales dashboards• Leads• Accounts & contacts• Opportunities
.COM & eCommerce• Navigation• Branding• Practices• Westcon-Comstor• Shop online
PresenterPresentation NotesThe tools are able to help us better serve partners with quoting, renewals and opportunities
1View – Sales productivity tool (i.e. Pricing, required vendor info for drop ships and order conversion capabilities)CRM – Sales Force Customer relationship management tool including Sales Dashboards to manage leads, accounts and opportunities)Dot Com & Ecommerce – Partner portals to support Reseller and Vendor engagement and streamline information and process delivery/execution. eCommerce provides quoting in multiple currencies
Went Live this year with the entire suite in except for eCommerce. In the interim you can continue to utilize our legacy eCommerce solution.
This vision behind this toolset is based upon the Quote and Order Life Cycle. This next video will show you our vision for the DT program.
-
120
• Security gateways – for first line of defense of the Network layer– IPS/IDS, Proxying (reverse)
• Denial of service (DOS/DDOS) – to ensure high availability for all Web applications
• Vulnerability scanning and pen testing – shows system weaknesses and application code vulnerabilities– Identify missing patches, weak ciphers, vulnerable services (FTP, SNMP)
– Privileged escalation, SQL injection, cross site scripting
• Data protection – controlling proprietary and confidential information– Encryption of data on servers and laptops
• Static code analysis – ensures security is built into the application during the development phase– Uncover and eliminate security coding flaws
Digital Transformation Security Challenges for IT
-
121
IT General Challenges
• Constantly balancing budget for security tools against risk and value– Security tools are expensive and typically you need a number of
tools to create a layered approach for enterprise wide protection
– Lack of resources also limits the ability to implement multiple solutions on a timely basis
• Navigating across many vendors and resellers requires a clearly defined risk register to help prioritize initiatives– Build 3 year plans
– Work with existing vendors to ensure our current tools cannot provide the required