https://451research.com/report-short?entityId=82947&tmpl=print
Impact Report
Bat Blue swings for the fences in security-as-a-service market
Analysts: Garrett Bekker, Adrian Sanabria
1 Oct, 2014
Just when premises-based security controls started to address some of the more pressing security issues facing the industry, the rise of BYOD,
work-from-home initiatives and the prevalence of hotspots caused any traditional idea of 'premises' or a 'perimeter' to evaporate. Still, the average
enterprise has a large portion of its security budget poured into on-premises gear, much of which is wasted given the multitude of corporate and
non-corporate-owned devices that regularly leave the company network – or never touch it in the first place. One response has been to backhaul
remote device traffic through the enterprise network, or force it through a proxy containing the desired security controls. The word from customers is
that this approach is fraught with bandwidth and latency issues, especially as the size of the enterprise and number of users increase. Proxies, while
increasingly popular of late, are also limited to a subset of protocols and applications and can't handle bidirectional traffic.
Bat Blue's approach is to reroute the entire egress path through its proprietary network of secure points of presence (SPoPs). Priority one has been to
use its SPoPs to increase performance over the typically convoluted 20+ hop path that most consumers and businesses take to traverse the Internet.
With the company claiming that challenge has been addressed – offering impressive latency numbers to back it up – the past few years have been
devoted to further building out its security features.
The 451 Take
Bat Blue offers a compelling combination of cloud-based security and the ability to not only limit the impact on network performance, but
actually improve it. Bat Blue's approach to rerouting, analyzing and scrubbing traffic after it leaves corporate egress points pairs well with
software-defined networking trends on the other side of the enterprise wall, and its ability to filter both inbound and outbound traffic across any
protocol or application should help differentiate it from an increasingly crowded field of cloud security aspirants. Although we're security
people, we've found that one of the best ways to sell security (short of beating someone over the head with the compliance stick) is by pairing
it with features the customer can immediately benefit from, and Bat Blue's claims of improved network performance should serve the company
well in terms of demonstrating ROI – rare in security circles. The main challenge for Bat Blue may be perception because the company's
unique service doesn't easily lend itself to direct comparisons. As with any security market that has yet to be established, Bat Blue will need to
turn customers' ears and convince them of its benefits – marketing and evangelizing will be key. And while Bat Blue's high-performance
network provides a solid foundation to build on, the company has some work ahead to build out the security piece to keep up with its likely
rivals.
Context
Bat Blue Networks was formed in 2007 by IGX GLOBAL founder Babak Pasdar after the midsized security VAR decided to spin off its managed
services unit. The company's name has military and surveillance roots: 'Bat' derives from aircraft used to perform battlefield reconnaissance, while
'Blue' comes from the 'Blue' and 'Red' teams used in war games. The company is based in Clifton, New Jersey, with regional offices and security
operations centers (SOCs) in more than 10 locations across the US and three in Europe. Bat Blue has 15 full-time employees and is self-funded,
although the company hopes to tap external capital to fund both domestic and international expansion. Recent additions to Bat Blue's board of
advisers include Hussein Eslambolchi, former CTO, CIO, president and CEO of AT&T Labs; Larry Blakeman, former CIO of MetLife; and Steve Katz,
known as the 'world's first CISO,' who held the same title at Citigroup, JP Morgan and Merrill Lynch. Bat Blue doesn't disclose annual revenue
numbers, although we estimate a current revenue run rate of $8-10m.
In addition to managed services, Bat Blue initially resold cutting-edge security and networking products from up-and-coming vendors such as Palo Alto
Networks, NitroSecurity (acquired by McAfee), Aerohive, A10 Networks, Varonis, Proofpoint and Imperva, in part to fund its nascent security-as-a-service offering. As cloud computing evolved from concept to reality, the company decided to go all in on a cloud-based security service and
developed its flagship Cloud/Sec offering (initially called Security Anywhere) in 2008. Cloud/Sec's foundation is built on BlueNET, a proprietary Layer
2/3 virtual network designed to overcome the latency resulting from directing traffic to Bat Blue's various SOCs for inspection. The company
subsequently developed additional functionality to address email security, distributed denial-of-service prevention, application delivery and mobile
security. Traditional security consulting and managed services are still provided for legacy customers.
Products
Unlike other security-as-a-service vendors that address low-hanging security fruit perhaps more suitable to cloud delivery (such as email and Web
security or vulnerability scanning), Bat Blue is attempting to provide what it refers to as a full 'security abstraction layer' in the cloud. The idea is that
although mobility, BYOD and cloud computing have collectively been the final coffin nails for the notion of a traditional security perimeter, hybrid
organizations still need uniform security policies across both on-premises and cloud resources.
Bat Blue's flagship Cloud/Sec service enables distributed enterprises to extend their existing security perimeter to encompass both remote and mobile
workers and branch offices behind a single global security policy, or what it calls 'borderless security.' Core services include traditional firewall
functionality, next-gen firewalling with application control, IDS/IPS and URL filtering, SSL decryption, and integration with AD/LDAP directory services.
Optional services include IPv6 support and the ability for clients to plug in their own data-loss prevention (DLP) platforms for visibility into mobile and
cloud communications. A key distinction from other cloud-based security services is that Cloud/Sec is not proxy-based, so it works with all ports,
protocols and applications, both inbound and outbound traffic, and does not require frequent reconfiguration. For mobile users, Cloud/Sec's security
coverage extends to mobile devices with threat management and application control, DLP, and the ability to integrate with third-party MDM vendors.
The 'special sauce' in Bat Blue's arsenal is BlueNET, a Layer 2/3 hybrid network designed to overcome the performance hit or 'cloud penalty'
associated with forwarding traffic to the cloud for inspection. BlueNET's architecture is able to make intelligent routing decisions that provide a
guaranteed 'one hop in/out' connection to any location worldwide, eliminating the latency that typically results from traversing multiple 'hops' from
source to destination. BlueNET also takes advantage of peering relationships at multiple datacenters around the US and Europe (last count was 13
locations and growing). In benchmark tests with large customers in media and financial services, Bat Blue claims latency was consistently lower than
that of most Internet providers, and overall performance was 30-300% faster – a huge difference when dealing with live TV or high-frequency trading, for
example.
Strategy
We've seen this story before, with VARs trying to reinvent themselves with proprietary product or service offerings; it's a tricky transition, and others
have swung and missed. Bat Blue seems to have managed the delicate balance of weaning itself off its reseller cash cow while simultaneously devoting
most of its energy and resources to an entirely new business model. The company no longer generates revenue from sales of third-party products, and
it claims 100% of its customers have been transitioned to its various cloud services (although it continues to manage some on-premises equipment for
legacy managed security service provider (MSSP) customers).
In terms of go-to-market strategy, Bat Blue is attempting to be a one-stop shop for smaller firms, or an overlay to larger firms that wish to retain some
of their existing security infrastructure in-house but need uniform security coverage across their on-premises assets, cloud instances, SaaS apps and
mobile devices. Sales efforts are currently focused on customers with highly distributed networks that are latency-sensitive and can benefit from Bat
Blue's bundle of security and networking offerings. The company has several marquee clients, including well-known global media and financial
services giants. Part of the company's strategy includes partnerships with hosting providers such as Equinix and Telx, which could offer some
customer synergies. Bat Blue also plans to expand its SPoP footprint to Asia and EMEA to better serve its global customers.
Competition
Because Bat Blue has a fairly broad portfolio, apples-to-apples comparisons with existing cloud security vendors or MSSPs are a bit of a challenge.
Firms that are looking to move internal IT resources to the cloud will still need to consider things like encryption, which is addressed by vendors such
as CipherCloud, PerspecSys, Vaultive and Voltage, and identity-as-a-service (IDaaS) vendors like CA, IBM (Lighthouse), Identropy, Mycroft, Okta,
OneLogin, Ping Identity, salesforce.com, SecureAuth and Simeio – some of which could integrate with Cloud/Sec or be suitable strategic partners
down the road.
Bat Blue's most direct competition will likely come from pure-play cloud security vendors such as Zscaler, Akamai (Prolexic), CloudFlare and also what
451 has termed 'cloud application control' (CAC) vendors such as Adallom, Bitglass, Elastica, Netskope and Skyhigh Networks. Most of the latter rely
on proxy-based architectures or DNS forwarding, and as such, are generally limited to protecting a subset of applications and protocols and are
restricted to either inbound or outbound traffic scanning.
Looking at the broader security services landscape, Bat Blue could face a crowded field of competitors, including traditional MSSPs such as AT&T,
IBM, SecureWorks, Symantec and Verizon, as well as formidable second-tier MSSPs such as SilverSky, Trustwave and Alert Logic, all of which are
adding more cloud-based features. In the security-as-a-service segment, Bat Blue could face competition from vendors such as Google (Postini),
Proofpoint and Webroot for malware protection. It is worth mentioning here that Bat Blue is white-labeling its own service for MSSP use, perhaps
putting it once-removed from more direct competition in this market.
SWOT Analysis
Strengths
Bat Blue's ability to address both inbound and outbound traffic across any port or protocol can address a large chunk of an enterprise's security needs with minimal impact on network performance.
Weaknesses
The combination of security and high-performance networking is compelling, although it may be a reach for SMB/SOHO customers or branch offices that either can't afford or don't have access to high-speed connections. The company isn't yet well known in security circles, and has its work cut out to convince customers to augment or replace existing security products. The company may need to tailor its offerings for a more diverse set of markets and use cases (healthcare, midsized enterprise).
Opportunities
Firms with highly distributed networks are a prime target for Bat Blue, as well as firms that lack internal IT staff and wish to move resources to the cloud. Cloud/Sec seems a natural fit for MSP/MSSP white-labeling, and could be a powerful ally in 'RFP slaying' exercises.
Threats
Larger, better-funded players have similar ambitions in cloud security, and the window of opportunity could close rapidly. More narrowly focused cloud security vendors could gain traction with more targeted offerings that address tactical needs for SaaS application security.
Copyright © 2000-2014 The 451 Group. All Rights Reserved.