eSecurity Market
Mobile Comm
Global e-Business
News & Insights
Contact Us


Security breach at Target part 2
FIDO Alliance Seminar
Security Breach at Target
Myth on Web Service Security
End-to-End Security for Cloud Computing
Optimize Security Services in the Cloud
Data at Rest, Data at Risk
Data Security Best Practices
DOD Common Criteria
Need for Information Security Professionals
Protect Social Security Info
Virtual VPN Gateway
Don't Hack the Ox!
6 eSecurity Pitalls
Data Security at Risk
CCNA Certification
NAC Forum
eSecurity Market
eSecurity Philosophy
PC Security
eSecurity Facts
Encryption Tool
Checking Security
Identity Theft
Home PC Security
eSecurity Training
Security Software
eSecurity & You
Web Security
Browser Security
Spyware & Viruses
448 Bit Encryption
Vital PC Security
Spyware Security
What's PC Security
Optimize eSecurity
Delete Cookies
Basic SB Security
eSecurity 101
Email Security

US e-Security Market

By Steve Tsai, Managing Editor, Internet Journal

The total E-Security market is about $17.2B in 2007 according to IDC. There are 400 private companies and 20 public companies in the E-Security sector in the US It is the most fragmented sector of the IT (Information Technology) industry. In order to provide clarity to this muddy landscape, a sound methodology must be used to provide a clear guide through the E-Security market jungle.

E-Security Market Segments

The e-Security market has many different segments. The following sections are providing a brief description of different segments of the e-Security market. It includes the following six categories:

  • Access Security
  • Authentication and Identity Management
  • Intrusion Detection and Prevention
  • Content Security
  • Security Management
  • Other Security Segments

Access Security

This segment also knows as perimeter security that addresses the security at the edge access points of the private network where it connects to the public Internet, including Firewall, VPN, SSL VPN.

This segment also includes products such as personal/host firewalls for PCs and servers, application firewall, XML firewall, host intrusion detection and prevention, spyware protection and removal products, and other products that combat known and unknown malware. 

In security software side, this segment also includes software based-enterprise firewalls, firewall/VPN/SSL VPN equipment, etc.

Authentication and Identity Management

This segment includes Identity and Access Management (IAM) software, appliances and services are used to create and manage user identities, provide authentication and permit users access to system resources based on defined criteria. The area is often called authentication, authorization and access (AAA), or authentication, authorization and access audit (AAAA). This segment also includes Web-based management products, single sign-on (SSO) and other secure provisioning products and authentication software and hardware.

Directories and virtual directories are not included in this segment but are often associated with this category. 

It also includes password management and self-service reset, user provisioning, user administration, extranet access management, enterprise access management, authentication systems including strong two factor devices and systems, radius, enterprise digital rights management, legacy AAA products, federated identity systems, PKI systems and services.

 Intrusion Detection and Prevention

This category includes intrusion detection software products, stand-alone appliances (platforms) or service-based IDS/IPS. IDS/IPS software monitors network traffic through observation of real-time actions, security logs or audit data to detect anomalies, identify and isolate attempts to make inappropriate or unauthorized access to network and host system resources network equipment, servers, files and individual PCs. IDS is sometimes includes two categories: host-based IDS and network-based IDS.

Content Security

This segment includes antivirus software, appliance and hosted products that scan, detect and correct viruses and malicious mobile code at the desktop, at the server level and, increasingly, when embedded in other devices in the network. This segment also includes malicious code treat protection.

This category include acceptable use control products, such as uniform resource locator (URL) blocking products and e-mail filtering and spam blocking products, as well as Internet messaging protection and control, and also e-mail encryption. Secure e-mail boundary products and services are included here.

Encryption software provides a mechanism to systematically encode and decode data so that an unauthorized party cannot decipher it. The software category includes a wide variety of software toolkits that are sold to hardware, software and services vendors, not primarily to end users. Encryption technology is also the foundation of a large number of applications, such as Digital Signature applications, Web Services security and XML Firewall.

E-mail encryption applications are defined as part of content filtering. It is true that PKI is an application that leverages cryptology, but it also is included under IAM offerings.

Security Management

Security Information Management (SIM) is software, appliances and services that provide a single console or integration point for collecting and displaying event alarms as well as for creating reports of challenge/threat history trends from heterogeneous security devices, such as antivirus devices, IDS devices, VPN devices and other devices subject to threats, as well as from server and client PC logs. Security information management is also known as IT security management.

SIM is also called Security Event Management (SEM). Some end users outsource this information function, especially the management of network security events, to managed security service providers (MSSP), which is another segment in the security space but is not included as part of the security software space.

Vulnerability Management (VM) is also in this security management segment which takes an inventory of security devices, network devices and hosts, recommending changes in the configurations and sometimes automates deployment of changes.

This segment also includes patch management, corporate security policy compliance products and services, and regulatory compliance products and services.

Other Security Segments

This category contains miscellaneous security and business-oriented security software tools and services and any equipment for these purposes. The category also includes miscellaneous security software for forensics, case management, policy authoring, risk assessment tools, business continuity planning tools and services, regulatory compliance tools and other miscellaneous.

Other security software includes manufacture URL filtering, anti-spam filtering, encryption toolkits and diverse encryption applications, disaster planning software, forensics software, software-based intrusion detection/intrusion prevention systems.

About The Author
Steve Tsai is the Managing Editor of the
Internet Journal Internet Journal provides the insights and analysis on Internet marketing, eCommerce, mobile communications, eSecurity, and global e-Business. If you have any comments about Internet Journal, please send email to


[Home] [eMarketing] [eSecurity] [Mobile Comm] [Global e-Business] [News & Insights] [Contact Us]