In our last blog, we covered how micro-segmentation can save you money by eliminating under-utilized zones and choke points. If you’re not sold yet on the value of micro-segmentation and are looking for more benefits, today we’ll cover how to avoid costly hardware refresh cycles and on-going maintenance.
Challenges of “cloud-washing” security appliances
With the adoption of cloud, legacy vendors don’t want to lose out on the opportunity for revenue in this new market, despite all of their products being built for all-hardware data centers with one way in and one way out. Not surprising, these providers are now “cloud-washing” their legacy products by adding virtual security software layers to their existing appliance boxes – then rebranding it as being “virtual.”
Unfortunately, these cloud-washed solutions are costly and can’t scale to inspect and protect the total volume of traffic inside virtualized data centers and clouds – and therefore relying on a subset of traffic inspection instead. And since you’re still being forced to buy a box for your new “virtual” security solution, you’ll still get all of the hidden and on-going costs of hardware, such as data center operations, vendor maintenance, and support packages that must be added to the list price of the product itself.
Real world example: Firewall refresh cycles
According to Gartner, firewalls are on 5-year average refresh cycle*. With our largest customers, we generally see this closer to 3 years. These refresh cycles will end up costing them 50-100% more on average at the time of refresh than previously – and that’s just for the hardware. This cost does not include additional maintenance and support refresh, which can be as high as 20% of the list price for the hardware. Simply, this adds up to a big check to write every 3-5 years that hasn’t been avoidable, until now.
Solution? Adopt secure micro-segmentation to replace appliances
Adopting software for secure micro-segmentation stops the vicious cycle of being forced to purchase and refresh a never-ending stream of hardware appliances. These software systems can also scale out with increasing volumes of internal data center and cloud traffic, without the need to purchase more and more expensive hardware to meet these demands. They also are independent of the underlying infrastructure, so you can buy additional software capacity as you need it, without purchasing more boxes to go along with it.
Make the switch from hardware appliances to software systems for your internal segmentation projects and you can expect…
- Less Refresh Cycles: Eliminate the number of on-going, costly hardware refresh cycles every few years.
- Lower OpEx: Reduce the amount of operational resources (i.e. data center heating, cooling, space) and people resources needed to run siloed, hardware security systems
- Reduced Recurring Costs: Lower on-going vendor, maintenance and support costs as a result of fewer hardware systems to deploy and manage.
Not sold yet on the cost benefits of secure micro-segmentation? Come back to read next week’s blog on every security operators’ favorite topic: the time and complexity to process rule changes.
But, if you’re ready to learn all 5 right now, download our eBook: 5 Ways Secure Micro-Segmentation Saves You Money.
*Gartner, Magic Quadrant for Enterprise Network Firewalls, April 2015