MarketScope for Managed Security Services in Asia/Pacific

This document was revised on 24 October 2011. The document you are viewing is the corrected version. For more information, see the Corrections page on gartner.com.

Adoption of managed security services (MSSs) in the Asia/Pacific region has continued to grow, producing an average 18% revenue growth to an approximate total revenue of $558 million (31% growth reported for 2009) as reported by managed security service providers (MSSPs) active in the region. A total of 17 vendors met the inclusion criteria for this year's MarketScope for MSSPs in Asia/Pacific. Inclusion requirements for this year's MarketScope remained the same as those used for the 2010 version. Multinational providers continue to dominate markets in many countries, but local, domestic providers are making steady gains in the market. Providers fall into four general groups:

1. Telecommunications/WAN providers (BT Global Services, AT&T, Orange Business Services, Telstra, Tata Communications and Verizon Business)
2. Integrators and consultancies with outsourcing and integration operations (HCL Technologies, IBM Security Services, CSC and Wipro)
3. Pure-play security service providers (Seccom Global, Earthwave, Paladion and e-Cop)
4. General IT vendors with major product lines outside of security (HP Enterprise Services, Symantec and Dell)

Service portfolios continue to expand, and MSSPs throughout the region are diversifying their offerings and their go-to-market strategies for sales and service delivery. Clients in Asia/Pacific should look for providers that can supply a range of higher-value services in addition to the security infrastructure management and monitoring services commonly provided by MSSPs. Clients should anticipate more partnerships between multinational and local MSSPs, effectively providing delivery of a global service via a local agent and security operations center (SOC).

Participating Providers

Our MarketScope in September 2010 included 17 Asia/Pacific MSSPs. The same vendors met Gartner's inclusion for this year's MarketScope. As a result, there are 17 vendors represented in the 2011 MarketScope for MSSPs in Asia/Pacific.

Vendors Participating in the 2011 Asia/Pacific MSSP MarketScope

• AT&T
• BT Global Services
• CSC
• Dell (SecureWorks) (Dell purchased SecureWorks in 2010.)
• Earthwave
• e-Cop
• HCL Technologies
• HP Enterprise Services
• IBM Security Services
• Orange Business Services
• Paladion
• Seccom Global
• Symantec
• Tata Communications
• Telstra (DMZGlobal)
• Verizon Business
• Wipro

VeriSign was removed from the MarketScope in 2010 as a consequence of its purchase by SecureWorks. SecureWorks has, in turn, been acquired by Dell. Accordingly, Dell now appears in the research for 2011.

Bundling of security services into all-inclusive IT management outsourcing contracts continues to appear in relationships with diversified providers, such as CSC, HP, IBM and Wipro. Across the region, IT service providers are adding security monitoring and management to IT service portfolios, by building their own service capabilities or by partnering with an MSSP. Bundled security services are not consistently charged as a separate line item in the contract. A few clients indicate that the security services they consume do not appear in the budget of the security department. These same customers indicated that the security team was not involved in the service definition or contract negotiation.

The bundled service model is most attractive to clients that want to outsource most IT services, including security. However, the practice of bundling security into general IT service contracts presents several issues:

• It limits the flexibility of the client organization and may limit the overall effectiveness and transparency of the security service delivery by the MSSP.
• Monolithic outsourcing of IT and IT security services to a single vendor creates constraints for the client and segregation-of-duty issues for the vendor.

This service model should be approached cautiously and backed up by strong contract clauses that enable third-party oversight and review of vendor practices. The costs of security service provisioning must be demarcated so that the client can evaluate the cost-effectiveness of the vendor's services. Any contract that includes security services must include service-level agreements (SLAs) for security monitoring and management activities that are distinct and separate from general IT management SLAs. Early-adopter organizations are moving away from a monolithic and generic IT delivery model for outsourcing and into more agile multisource models.

Dedicated, "pure play" MSSPs continue to perform well throughout the region. Companies such as Earthwave, e-Cop and Symantec market directly to security decision makers and have built substantial and loyal client portfolios.

Geographic Scope

Gartner defines the Asia/Pacific region as including India, Thailand, Vietnam, Singapore, Malaysia, Indonesia, the Philippines, Australia, New Zealand, Hong Kong, the People's Republic of China, Taiwan and South Korea. Domestic MSSPs that focus all of their services on clients in Japan are not included in this research. The multinational providers (i.e., Verizon Business, Wipro, Symantec, Seccom Global, Orange, IBM, HP, BT and AT&T) offer services in all countries within the region, with varying levels of local sales and technical support. Regional providers (such as HCL, e-Cop, Earthwave, Paladion, Seccom Global, Tata Communications and Telstra) support services in multiple countries, but are most active in their country of origin. Within each of the countries included in this research are multiple domestic MSSPs with diverse portfolios; unfortunately, these smaller providers are not yet large enough to be included in our analysis.

In general, the larger providers focus on clients clustered in major metropolitan centers, such as Sydney, Hong Kong, Singapore, Delhi and Mumbai. Smaller MSSPs, particularly those headquartered in the region, are taking advantage of this situation and now dominate the small or midsize business (SMB) market for MSS throughout the region. Although SMB service contracts tend to generate less revenue, providers indicate that these accounts also cost less to service. Unified threat management (UTM) deployments are particularly cost-effective in this market sector.

Methodology

Gartner contacted 87 vendors of MSSs around the world for this research. Out of this international group, 17 qualified for participation in the Asia/Pacific MarketScope. Those 17 providers then answered a more-detailed questionnaire and provided customer references for an online survey and teleconference interviews.

In support of the research focused on the Asia/Pacific region, we contacted 76 reference clients for interviews, and 20 clients responded to the online survey. In addition to data about their MSSPs, reference clients discussed general market conditions in their location and the other MSSPs that featured in their procurement process.

The collection of vendor data and customer reference information took place during April, May, June and July of 2011 and reflects the status of vendor operations as of April 2011. Although vendor statements concerning plans for future services and market initiatives were collected, this information was not used as part of the assessment of the vendor's current position in the Asia/Pacific market.

Managed Security Services in the Asia/Pacific Region

Growth in MSSPs' revenue has diminished in the Asia/Pacific region when compared to previous years. The MSSPs responding to Gartner's survey reported an aggregate increase in devices managed or monitored of only 25% versus an increase between 2009 and 2010 of 48%. The diversity of vendor descriptions of device types under management makes it impossible to describe relative growth in device counts. Vendors report that 94% of devices receiving MSS are customer premises equipment (CPE), with only 6% in the cloud (ITC — see Note 1). Sixty percent of CPE devices are managed, while 40% are monitored. For non-CPE devices (such as hosted firewalls and clean pipe services), 56% are managed, and 44% are monitored. This represents a slight growth in full management services (as opposed to monitoring only), and a shift in balance toward CPE instead of ITC or cloud-deployed security devices/services. This shift in service ratios toward CPE is a consequence of continued growth in CPE and only moderate growth in the uptake of cloud-deployed services. Most vendors report increasing client interest in ITC services, and Gartner anticipates that the growth rate in ITC MSS will accelerate over the next three years. Service revenue totaled slightly more than $185 million; however, several vendors did not provide revenue data. Accordingly, this revenue data is not a complete quantification of the market.

More than 5,400 clients were reported in the region, representing a growth rate of approximately 17% (it should be noted that two major vendors did not provide detailed data concerning changes in the size of their client bases). The largest growth in client base was reported by the MSSPs that are based in the region (as opposed to multinationals based in other geographies). Regional MSSPs accounted for 43% of the customers reported. The average growth in client base at 17%, combined with an average revenue increase of 18%, indicates revenue per client has increased slightly. This expansion in per-client revenue has been produced, in part, by an expansion of value-added services offered by most MSSPs, rather than through an expansion in base prices for core MSS.

UTM service providers continue to see solid growth in the region. Although UTMs are often thought of as SMB solutions, multiple enterprise clients are leveraging the lower cost of UTMs to support distributed regional offices in a more cost-effective approach to traditional security infrastructure approaches. Traditional MSSPs continue to expand their service portfolios to include UTM services. Gartner continues to encounter MSSPs that outsource or resell UTM MSS from competitors. Although this approach (subcontracted MSS for UTMs) may assist with client account control in the short term, this approach creates or reveals gaps in the primary MSSP's portfolio and enables a second MSSP to gain entry to the account. Multinational MSSPs that employ this strategy should expect to see an erosion in their performance in local markets where they depend on other MSSPs for service delivery. Service providers that focus exclusively on a single type of UTM are not included in this research; however, this market sector is growing and will be the focus of future research efforts.

Network Box is a good example of a UTM MSSP that is able to provide a "turnkey" service for clients. The Network Box combination of product and service (the UTM is developed and manufactured by Network Box) creates the groundwork for delivery of security as a service (SecaaS) via a minimal CPE footprint device that is completely owned and serviced by the vendor.

Providers based in the region (Earthwave, e-Cop, HCL, Paladion, Seccom Global, Tata Communications and Wipro) collect 58% of the reported revenue, but only from 43% of the clients. The average revenue per client for regional providers is approximately $56,000. Multinational providers (AT&T, BT, CSC, HP, IBM, Orange, Dell, Symantec and Verizon Business) collect an average of $31,000 per client. This amount is markedly less than that reported last year, but the difference is the result of refinement of the reporting mechanism, rather than a substantial change in actual client contract value. All providers support the management and monitoring of:

• Firewalls
• Intrusion detection systems (IDSs) and intrusion prevention systems (IPS) (network and server)

Most MSSPs in the survey support both CPE and ITC deployments. CPE deployments comprise slightly more than 80% of the services currently provided (approximately 46,000 devices).

Typically, MSSPs in the region provide a large number of other security services, including:

• UTM monitoring and management
• Log collation and analysis
• Incident monitoring, alerting and escalation
• Vulnerability scanning and assessment
• Penetration testing
• Denial of service (DoS) and distributed denial of service (DDoS) mitigation (often limited to clients using vendor-provided network services)
• Identity management services
• Remote connectivity encryption services (such as a virtual private network)
• Managed data loss prevention
• Security governance (for example, policy construction and maintenance)

Very few clients reported actually using any of these ancillary security services. Uptake of these services was highest with the clients of regional providers that have established professional services and system integration offerings. Many of the clients of the larger, multinational providers indicated that they preferred to use other providers for these services in order to verify the effectiveness of the MSSP services being provided.

An increasing number of MSSPs are supporting a wide variety of languages via their customer service portals and telephone contact personnel. This is particularly true of MSSPs based in the region. Multinational MSSPs based outside of Asia/Pacific are lagging behind local competitors in their support for local languages and dialects. All of the MSSPs indicate that English is the default language for most services. Very few offer support for Mandarin or Cantonese, but English, French, Spanish, Portuguese, German, Hindi, Tamil, Arabic, Bahasa (Indonesia), Malay and simplified Chinese (portal only) are increasingly common. Lack of support for local languages (portal and telephone) will limit the ability of any MSSP to penetrate SMB markets, particularly in those countries that do not promote English as a second language in early schooling.

Client Drivers

Multiple clients in the region expressed a strong preference for providers with an SOC located in the region. This preference has aided the growth of local providers, but most multinational providers have invested in regional SOCs, effectively diluting geography as a competitive differentiator. In 2011, local MSSPs accounted for 27 out of the 40 SOCs (68%) owned by MSSPs doing business in the region.

The dominant selection criteria cited by clients in 2010 and 2011 were:

• Security expertise provided by the MSSP
• Quality of service delivered by the MSSP

Many clients discussed a need for greater flexibility, responsiveness and aggression in service provision by MSSPs. These factors align with the first factor cited above (security expertise of the MSSP). Clients hire the MSSP for its expertise and expect the MSSP to anticipate and proactively alter services to prevent security or performance issues, rather than wait for the client to initiate an action or alteration to a service.

Clients did not indicate that regulatory compliance is a major driver for MSSP selection or engagement. In addition, clients did not cite MSSP certifications (for example, International Organization for Standardization [ISO] 27001 certification) as a criterion in their service procurement process. Customers continue to complain about fragmented customer service relationships when dealing with the larger, multinational MSSPs, particularly those vendors with multiple product/service lines outside of MSS. In contrast, customers of the smaller, regional MSSPs (Earthwave, Paladion and Seccom Global) were praised by customers for the quality of their customer service and the ability of telephone contact personnel to resolve issues without additional escalation.

Clients' ratings of MSSPs were widely distributed, from poor to excellent. These evaluations enabled most providers to attain a Positive ranking, with three achieving Strong Positive on the basis of their continued investment in innovation, brand marketing, customer service delivery and facilities in multiple countries. Six vendors were ranked as Promising (AT&T, BT, CSC, Dell, HP and Telstra), based on either instability in their service portfolio or a lack of an effective marketing and service provision strategy for the region. As indicated in the evaluation criteria discussed below, this MarketScope places an emphasis on geographic strategy and customer experience.

Market Outlook

MSS has a strong and growing client base in the region, and the outlook for vendor growth and improved services for clients remains excellent. Overall growth in revenue and client base has decelerated across the region in comparison to previous years (a decrease from 31% in 2009 to 18% in 2010). The continuing global economic turmoil has discouraged enterprises from capital investment in security infrastructure and additional personnel costs for new security staff. Gartner does not anticipate strong growth in overall IT spending in client organizations in the next 18 months (see "Forecast Alert: IT Spending, Worldwide, 3Q10 Update"). This fiscal conservation has motivated a number of enterprises to leverage MSS to support security improvements, continuing regulatory compliance and service expansion for business operations. Gartner expects that continuing uncertainties in the global economy will reinforce this trend, with the direct result of stronger growth in MSS client numbers and revenue.

Many MSSPs have responded to the financial turmoil by restructuring service pricing to reduce, or wholly eliminate, upfront capital investments by clients. In addition, Gartner anticipates that pricing for core MSSs (such as firewall IDS/IPS monitoring) will decrease during the period of 2011 through 2012. This reduces the barrier to entry for MSS for enterprises and has already attracted greater interest in the SMB markets. Managed UTM providers pioneered this pricing concept during 2009 with strong results. Larger MSSPs with more diverse portfolios have followed suit. Gartner expects these pricing innovations to continue throughout 2011 and 2012, that a steady flow of new clients will be attracted to MSS, and that existing clients will expand the number of devices under management. It remains to be seen whether MSSPs will generate the same profit margin per client or per device with these new service prices, but most MSSPs have indicated satisfaction with profitability under the new price structures to date.

Incumbent MSSPs continue to seek increases in the quantity of devices under management and the discrete services being provided to clients, both to improve account profitability and to create barriers for the entry of competitors into the client account. New MSSPs continue to appear in the local market, but the frequency of their appearance and their rate of growth has diminished in comparison to previous years. Although the Asia/Pacific market has not been saturated with MSSPs, it is clear that the market has become more competitive, because regional and multinational MSSPs have expanded their reach throughout the region. As a consequence, clients are being cautious about acquiring services from new MSSPs when well-established MSSPs are available in the local market, and Gartner expects no change in this attitude within the next 12 to 18 months.

Merger and acquisition activity among MSSPs has been very quiet for the past 36 months. The only notable change in ownership is the Dell acquisition of SecureWorks. We do not expect an increase in mergers and acquisitions over the next 18 to 24 months. This negative forecast for merger and acquisition activity is based on the continuing financial instability in the global markets and the limited profit growth potential possible through acquisition of a regional MSSP. It is highly unlikely that we will see a merger of any of the multinational MSSPs. A few MSSPs have not grown appreciably in 2010, and a small number have lost customers and revenue. This is likely to result in some market consolidation in the Asia/Pacific region as clients transfer to MSSPs that continue to invest in innovative services and effective service delivery channels.

Gartner anticipates that the Asia/Pacific market for MSS will continue to grow at 20% to 28% through 2012. Domestic markets in India, Malaysia, Singapore, Hong Kong and Australia will continue to expand, and emerging markets in the Peoples' Republic of China, Korea and Taiwan will attract greater participation by foreign and new domestic MSSPs. The highest growth in customer counts will continue to be in the SMB sector, but larger enterprises will continue to expand the services they acquire from MSSPs, particularly services related to LAN-based equipment (for example, desktop management and server log collation/analysis).

Market/Market Segment Description

MSS includes remote, subscription-based monitoring and/or management of firewalls, intrusion detection, and intrusion prevention functions via customer-premises-based or in-the-cloud devices.

Inclusion and Exclusion Criteria

To be included in this MarketScope, an MSSP must have the following qualifications:

• Demonstrate the ability to remotely monitor and/or manage firewalls and intrusion detection/prevention (IDP) devices from multiple vendors via discrete service offerings.
• Have more than 150 customer firewalls, network or host-based intrusion detection/prevention systems, and Web/email gateways that are physically located in Asia/Pacific under management (installation, configuration, patching and monitoring), or have at least 50 Asia/Pacific customers that consume firewall, intrusion detection/prevention or secure Web/email services in the cloud.
• Have at least 30 customers based in the Asia/Pacific region.

Vendors that have MSS offerings, such as DDoS protection, log management or vulnerability scanning, but not device monitoring and management, are not included in this MarketScope. Also, providers of primarily Web or email hygiene and trust services (for example, certificate authorities) are not included in this MarketScope. Others offer MSS primarily to hosting customers, with limited offerings to others. As these providers expand the scope of their MSS offerings, they may be included in a future MarketScope.

Added

• Dell added as the new owner of SecureWorks

Dropped

• SecureWorks — Dell purchased SecureWorks' MSSP operation in 2010. The SecureWorks name has been removed and replaced with Dell (SecureWorks) in this MarketScope.

Rating for Overall Market/Market Segment

Overall Market Rating: Positive

Continued growth in both revenue and customer base indicates that the Asia/Pacific market for MSSs is well-established and should continue to grow for the near future. Customers' selection criteria have matured, and local and multinational vendors are moving aggressively to maintain price competitiveness and to expand their service portfolios to maintain profitability. Nearly all vendors indicated plans to maintain or expand investments in facilities and personnel throughout the region. All clients indicated that they intend to either maintain or expand the services they obtain from their MSSPs.

The market for MSSs in the Asia/Pacific region is still fragmented by geography, but many vendors are becoming more effective at working across national borders and cultural disparities. Development of domestic markets for MSSs in various countries is constrained by insufficient connectivity and related national infrastructure. Organizations in countries such as Malaysia are reaping the benefits of a national emphasis on infrastructure modernization that enables those organizations to access services that have been validated in other, more developed locations. Continued economic competition between countries in the region will expand opportunities for SecaaS for customers and vendors.

Evaluation Criteria

Source: Gartner (September 2011)

Source: Gartner (September 2011)

Vendor Product/Service Analysis

AT&T

AT&T is a multinational telecommunications provider with a limited presence in Asia/Pacific. Although AT&T markets directly to prospects based in the region, the preponderance of its customers are composed of multinational corporations (MNCs) based outside of the region (but with significant facilities in the region) seeking consistent MSS delivery and a single-vendor relationship. Customers rate AT&T's services as "good," but complain about lethargy in the provision of new capabilities and inappropriate amounts of bureaucracy in defining contracts. Although AT&T's extensive network service capability enables existing customers to obtain MSSs in almost any location, this capability has not resulted in significant growth in the number of customers based in the Asia/Pacific region. Customers considering the use of AT&T in the Asia/Pacific region should seek local customer references and ensure that AT&T can provide field services (either directly or through partners) in the specific geography being considered. Reference accounts in the region report that they are generally positive about the quality of AT&T security services.

Strengths

• Global network services that enable client support in most locations via AT&T's own connectivity
• Global recognition of the AT&T brand
• Extensive MSS capabilities

Challenges

• AT&T's regional strategy for Asia/Pacific, which lacks relevance to the drivers expressed by customers in the region
• AT&T's continuing reputation as a U.S.-centric vendor with minimal presence in the region
• Accelerating the growth of its client base, including non-MNC organizations based in Asia/Pacific

Optimal Use Case

• MNCs seeking consistent MSSs across the globe without any requirements for localized data storage requirements

Rating: Promising

BT Global Services

Despite BT's investment in an SOC in India, market uptake of BT's MSSs has not increased appreciably. It should be noted; however, that BT has experienced strong growth in IT and network services, which usually include security services as a component. BT relies on internal and partner-provided MSS to support service delivery to clients in the region. BT is rarely mentioned by customers or competitors in conversations with Gartner, and does not appear in proposal shortlists with any frequency. BT's acquisition of Frontline (Singapore) continues to support local service delivery, but BT struggles to gain traction with clients in the region outside of its established network service customer base. BT's customers are basically pleased with the services provided (rating = good) and have contracted for multiple services beyond regular security infrastructure management.

Strengths

• BT's regional SOC in India, combined with significant staff presence in Singapore and distributed sales presence, which enables client support throughout the region
• Globally recognized brand

Challenges

• Inconsistencies in BT's go-to-market strategy, which reveal a fragmented strategy
• Market perceptions of regional variations in service delivery practices and technology

Optimal Use Case

• Organizations based in Europe that require a common approach to security that is implemented globally

Rating: Promising

CSC

CSC is a global vendor that provides a broad range of IT-related services, including MSSs and security consulting. Its client base is primarily in Australia, Singapore, Malaysia and Hong Kong, with the majority based in Australia. MSS is generally provided as part of a package of services, including outsourced management of server and desktop infrastructure and security consulting. CSC has considerable security- and risk-consulting capabilities, and is able to offer clients a holistic service. Clients rate CSC's services as fair to poor. Clients continue to compliment CSC's ability to deliver contracted services, but complain about CSC's passivity in identifying and promoting security activities that would benefit the client. CSC Australia has recently invested in a dedicated security business team to engage directly with client security stakeholders and management; however, this positive move has not been replicated as yet in other CSC groups in the region. In addition to its own in-house MSS capabilities, CSC also resells MSSs from McAfee and Symantec in Southeast Asia. CSC operates SOCs in Malaysia and Australia.

Strengths

• Able to deliver a broad range of security and risk management services
• Focus on risk management rather than technical service provision
• Knowledge of local regulatory requirements

Challenges

• Dependence on consulting and IT outsourcing service as a vehicle for marketing MSSs, which restricts market growth in MSSs to existing clients of its other services
• Wide variation in knowledge and skills of staff interacting with and presenting to clients

Optimal Use Cases

• Enterprises in Australia, Singapore, Malaysia or Hong Kong seeking a single provider that can deliver a broad range of IT outsourcing, system integration, consulting and MSSs
• MNCs that require a single provider in multiple countries that can provide diverse IT and security services in a single service package

Rating: Promising

Dell (SecureWorks)

Dell purchased SecureWorks in February 2011. This purchase brought both the SecureWorks operations and client base, as well as the SecureWorks SOC platform. SecureWorks' previous presence in Asia/Pacific was based on the vestigial presence maintained by VeriSign (SecureWorks acquired the managed services division of VeriSign in 2009). Dell has not greatly expanded the client base in the region and has yet to articulate a regional strategy for expanding the client base and revenue. Dell has expressed a strong commitment to the Asia/Pacific region and currently has an established sales and service network for computer products throughout the region, in addition to an SOC already in place in India (Noida). Dell intends to leverage these networks to rejuvenate its MSS assets and client relationships in Asia/Pacific.

Strengths

• A well-developed service offering with extensive MSS capabilities
• The SecureWorks platform, which offers strong service management and reporting capabilities

Challenges

• No established security services brand in the Asia/Pacific region
• Direct representation present in the region, but not experienced in MSS sales and service delivery

Optimal Use Case

• U.S.-based organizations with facilities in the Asia/Pacific region
• Clients with a strong investment in other Dell products and services

Rating: Promising

Earthwave

Earthwave continues to operate as a pure-play MSSP. Its business model incorporates strong local partnerships to drive sales and service delivery. Customer references consistently rate Earthwave as an excellent provider. Earthwave's ability to retain quality personnel with deep experience in security technology, MSS and customer environments was identified as a competitive differentiator by multiple clients. The company's India-based R&D group continues to support improvements in its service portfolio. Although the vast bulk of its clients are based in Australia, Earthwave has a growing customer base outside of Australia. Its "clean pipes" and SecaaS technical and pricing models continue to gain converts in multiple countries. The company's SLAs are clearly stated and quite aggressive.

Strengths

• Excellent focus on service quality
• Continuing investment in MSS innovations
• Executive leadership with a mature understanding of security drivers within its client base

Challenges

• Continued expansion outside of Australia, which may require Earthwave to invest in a second regional SOC outside the country
• Developing expanded support for non-English-speaking clients

Optimal Use Cases

• Australian and New Zealand-based companies seeking a high-quality MSS with a clearly structured service model
• Asia/Pacific organizations that require a well-defined CPE or ITC MSS and can use a service based in Australia

Rating: Strong Positive

e-Cop

e-Cop is a regional MSS with offices in Singapore, Malaysia, Hong Kong, Thailand and India. In addition to MSSs, e-Cop also markets its proprietary SOC management software and has met with considerable success throughout Southeast Asia in providing SOC solutions for in-house and vendor-operated SOCs. Although e-Cop's core market is in Singapore, it has a large number of customers across Southeast Asia, North Asia, India and Oman. e-Cop operates seven SOCs distributed throughout the region to provide fine-tuned and localized services. e-Cop's ability to support SOCs in multiple countries has made it an attractive alternative for clients, such as local governments, that insist on in-country support facilities. Its clients are fiercely loyal and consistently rate e-Cop's services as very good to excellent. The founders of the company are still active in product innovation and day-to-day operations, and staff turnover is low. e-Cop maintains a partnership with Solutionary (U.S.-based MSSP), but it is not clear whether this partnership has produced substantial growth in revenue or customers. Although its proprietary platform has enabled e-Cop to fine-tune its service delivery to the specific needs of its clients, increasing growth in its customer base may strain its development capabilities as customers seek innovations in services and service delivery models.

Strengths

• Proactive approach to incident response and containment
• Low staff turnover
• Competitive pricing

Challenges

• Maintaining a competitive and innovative service portfolio
• Customer engagement
• Leveraging Solutionary alliance

Optimal Use Case

• Enterprises based in Southeast Asia that seek a strong and highly responsive MSS delivered regionally by support engineers that speak local languages and dialects

Rating: Positive

HCL Technologies

HCL is an MSSP based in India with SOCs in India (three), Poland (one) and New Jersey in the U.S. (one). In addition to MSSs, it provides a broad range of IT consulting, system integration and outsourcing services. HCL has successfully targeted Europe for the expansion of its MSS customer base, but has not been as successful with expansion in Southeast Asia and Australia/New Zealand. The company has a significant investment in sales personnel throughout Asia/Pacific, with the majority based in India. Client reviews are mixed. HCL's service portfolio is robust, and it is making steady progress on multiple innovations to its service capabilities. HCL has become increasingly innovative, with a range of service offerings that effectively leverage its consulting and risk management capabilities across a range of technology platforms and security processes. HCL regularly appears in customer shortlists for MSS in India and is regularly mentioned by competitors active in India.

Strengths

• Skilled and knowledgeable staff in its SOCs
• Competitive pricing and packaging
• Innovative ancillary services (consulting and system integration)

Challenges

• Establishing the HCL brand throughout Southeast Asia as a credible competitor to extant dominant MSSPs
• Developing support for additional languages in Southeast Asia

Optimal Use Cases

• Enterprises based in India seeking a provider with an extensive service portfolio that includes MSS
• Enterprises in Southeast Asia and Australia that already have a relationship with HCL and can use an India-based SOC for MSSs

Rating: Positive

HP Enterprise Services

HP Enterprise Services operates a single regional SOC based in Singapore, with sales staff distributed across the region. Sales staff in Asia/Pacific are not dedicated to MSS. Customer reviews are generally positive, with some variation in levels of satisfaction with service delivery. HP's customer portal and interaction mechanisms have not reached the levels achieved by multiple competitors in the region, and HP rarely is featured on shortlists for MSS. HP has successfully packaged MSS with other infrastructure management services, and clients are generally pleased with service delivery in this context. HP is rarely mentioned by enterprises seeking MSS, unless the customer has an existing service relationship with HP. HP's announcement concerning possible changes to its corporate strategy for the Personal Systems Group (desktop and laptop product lines) should have no deleterious impact on its MSS capabilities in Asia/Pacific. HP has recently added multiple cloud-deployed services to its portfolio, including vulnerability scanning, vulnerability intelligence and endpoint threat management. Pure-play MSSP competitors do not indicate that they encounter HP with any regularity in the Asia/Pacific market.

Strengths

• Global reach of sales and service channels
• Strong brand reputation
• Technical skills and knowledge of SOC staff

Challenges

• Establishing HP MSS as an independent service
• Improving customer service portal functionality

Optimal Use Case

• Enterprises seeking MSS as part of a bundle of IT integration and management services

Rating: Promising

IBM Security Services

IBM maintains three SOCs in India, Australia and Japan. IBM continues to enjoy substantial growth in its MSS business throughout the region. It has successfully leveraged strengths in other markets, such as infrastructure outsourcing and system integration, to add MSS to existing client portfolios. IBM leverages multiple partnerships in the region to sell and deliver services (such as Telstra in Australia). Customers continue to comment on the complexity of the IBM contract and billing processes. Customer satisfaction with service delivery has been mixed; however, IBM continues to invest and seek improvement in service management and delivery across its MSS portfolio.

Strengths

• Integration of MSS with other IBM services
• Continuing innovation and performance in Global Technology Services
• Strong brand recognition and reputation throughout the region

Challenges

• Simplification and streamlining of customer engagement and relationship management processes
• Relatively expensive compared with some competitors

Optimal Use Case

• Multinational organizations that require a global provider with strong vulnerability management capabilities

Rating: Positive

Orange Business Services

Orange is a global provider of managed network and security services. Orange supports CPE and ITC deployment models, including the option for clients to share device management responsibilities with Orange. Orange augments its MSSs with professional services. Clients are generally pleased with the quality and responsiveness of Orange's SOC and field personnel. Although Orange's offering targets primarily larger, multinational corporations, it has enjoyed some success with domestic organizations and SMB clients. The majority of clients for Orange's security services also use Orange for WAN or other network services. Orange has not experienced significant growth in its customer base in the region, but its revenue has increased as clients expand their service portfolios with Orange.

Strengths

• Managed WAN capabilities in nearly every country in the world
• Global reach of sales, marketing and technical services staff

Challenges

• Maintaining a price-competitive service as the market becomes increasingly commoditized
• Increasing the number of clients for security services unrelated to Orange network services

Optimal Use Case

• Multinational enterprises that require MSSs delivered in a consistent manner globally

Rating: Positive

Paladion

Paladion is a small but growing MSSP based in India. In addition to traditional MSS, Paladion offers consulting services focused on security risk assessment, vulnerability assessment and security process assurance. Customers continue to express concerns about Paladion's current size and ability to grow while sustaining acceptable service delivery levels; however, customers also rate Paladion's current performance as very good to excellent. Paladion currently operates two SOCs in India and one in Riyadh, Saudi Arabia. Paladion has leveraged partnerships to set up three additional SOCs in Southeast Asia: in Malaysia with HeiTech, in Indonesia with Anabatics and in Vietnam with iGreen. Paladion is frequently included on shortlists for clients based in India, but it has not established a significant presence in Southeast Asia or Australia. Paladion's management demonstrates a strong understanding of market drivers for MSS in the region and has been effective in structuring specific service packages for multiple industry verticals.

Strengths

• Paladion's professional services staff, who are highly skilled and provide excellent customer support
• The Paladion brand, which is well-recognized in India

Challenge

• Building brand recognition in the region
• Maintaining service quality while expanding geographically and growing its customer base

Optimal Use Case

• Organizations based in India or the Middle East that seek a flexible MSSP, but do not require globally distributed services

Rating: Positive

Seccom Global

Seccom Global leverages the Fortinet multifunction firewall platform to provide the bulk of its services to clients. Clients rate Seccom's service provision as excellent, although a few express concerns about potential service dilution as Seccom continues to grow and expand its regional presence. Seccom has deep expertise in the Fortinet UTM platform, and leverages that expertise to capture significant market share in the SMB markets in Australia. Seccom's plans to introduce an SOC in Hong Kong in 2010 did not come to pass. As a result, Seccom's operations are based in a single SOC in Australia.

Strengths

• Deep knowledge of the Fortinet platform
• Strong customer relationships

Challenges

• Limited SOC facilities, which create barrier to further regional/global expansion
• Multiple MSSPs targeting SMB clients with new services based on UTMs

Optimal Use Cases

• Australian organizations seeking extensive MSSs with a small infrastructure footprint
• Organizations based in the region that need an MSSP with strong capabilities in the management of distributed Fortinet devices

Rating: Positive

Symantec

Symantec continues to grow its MSS business throughout the Asia/Pacific region. Symantec operates two SOCs in the region — in India and Australia. In the past, customers have indicated that Symantec's pricing was above the average market price; however, Symantec's restructuring of MSS packaging and pricing in 2010 appears to have alleviated most of those concerns. The majority of reference clients rate Symantec's service delivery as excellent. Symantec consistently appears on customer shortlists throughout the region. Symantec's service packaging, pricing and marketing message target large, multinational enterprises.

Strengths

• Recognized as a major force in the IT security business globally
• Globally distributed sales force
• Established capabilities embodied in two SOCs in the region

Challenges

• Loss of consulting services
• Lack of transparency to clients regarding service delivery mechanisms

Optimal Use Case

• Multinational enterprises that require MSSs delivered in a consistent manner globally

Rating: Strong Positive

Tata Communications

Tata Communications provides MSSs through two SOCs in India and one in Singapore. The bulk of Tata Communications' customers in the region are located in India. Tata has struggled to gain traction in markets in Southeast Asia and Australia, despite investments in sales and service channels. Tata Communications is rarely included in customer shortlists outside of India, and competitors do not encounter Tata Communications to any frequency outside of India. Although Tata Communications' service portfolio is not characterized by striking innovations, customers rate Tata Communications' services as good.

Strengths

• Structured approach to customer relationship management
• Security expertise of SOC staff
• Competitive pricing

Challenges

• Establish the Tata Communications brand as a security provider outside of India
• Balance low-cost services with innovations to develop a service portfolio with sustainable profitability

Optimal Use Cases

• Multinational companies with significant operations in India
• Asia/Pacific organizations that seek an aggressive price for MSSs

Rating: Positive

Telstra (DMZGlobal)

Telstra offers a variety of MSSs via multiple channels. DMZGlobal (a subsidiary of TelstraClear, Telstra's wholly owned affiliate in New Zealand) provides MSSs for clients in New Zealand. Telstra provides network-based MSSs (for example, DDoS mitigation) to Australian clients of Telstra's network services. Telstra also provides MSSs through IBM/Internet Security Systems (ISS) for customers in Australia. Telstra struggles to develop a coherent strategy and consistent service portfolio and delivery model for MSSs within its geographic scope of operations. Although the services it provides are technically sophisticated, customer satisfaction with service delivery is good to poor, with regular comments about slow responses to service requests. DMZGlobal maintains an SOC in New Zealand that serves customers in Australia and New Zealand, and Telstra maintains a separate SOC in Canberra, Australia, that supports Australian customers of Telstra MSS and IBM/ISS. Telstra's hosting services remain attractive to domestic clients looking to outsource server management that is complemented by security services. Telstra is well-positioned to offer robust ITC MSS to SMB and enterprise clients in Australia.

Strengths

• Telstra's extensive portfolio of network services throughout Australia and New Zealand
• Extensive sales/service presence in Australia and New Zealand
• Strong brand recognition in Australia and New Zealand
• Knowledge of local regulatory requirements

Challenges

• Development and delivery of a coherent, consistent strategy for MSSs that includes all countries targeted by Telstra
• Establishing Telstra MSS as a service independent of Telstra's network services

Optimal Use Cases

• Customers of Telstra's hosting services in Australia that require managed services for application, data and infrastructure security
• Enterprises in New Zealand that require a strong domestic provider of MSSs

Rating: Promising

Verizon Business

Verizon Business is a global communications, IT and security provider with a significant presence in Asia/Pacific. Verizon maintains SOCs in Canberra, Australia, and in Chennai, India. Verizon uses a direct sales model in Asia/Pacific and maintains sales staff in most countries in the region. Verizon offers a broad portfolio of MSSs and consulting services. Verizon has invested heavily in a strong MSS capability with extensive portal features, including versions supporting English, Hindu and Japanese (and other European languages). Despite these investments and improvements in core technical capabilities, customer ratings have slipped to an average of "good." Clients pointed to an increase in service delays and escalation steps as issues inhibiting their enthusiasm for Verizon's services. Verizon offers innovative services, packaging and pricing, and has demonstrated strong abilities to scale their delivery to suit a diverse range of clients.

Strengths

• Security expertise within SOCs and consulting teams
• Strong reputation as a security provider with a flexible approach to service definition and delivery
• Significant security intelligence analysis capability through data provided by Verizon network services
• Competitive pricing

Challenges

• Improving customer satisfaction with service delivery

Optimal Use Case

• Multinational organizations requiring globally and/or regionally deployed security services, and major enterprises requiring managed gateways and support for local SOC development

Rating: Positive

Wipro

Wipro maintains four SOCs in India and one in Malaysia. Wipro has grown into a large, global MSSP with a large customer base distributed across Asia/Pacific, but concentrated in India. Customers consistently rate Wipro's services as very good, but would like to see higher levels of proactivity on the part of Wipro staff in providing or suggesting additional services to the client. Wipro appears regularly on client shortlists throughout the region, and multiple competitors (regional and global) indicate that they encounter Wipro in multiple accounts. Wipro's strengths in system integration and consulting have produced a thorough and effective project management practice that facilitates smooth onboarding processes.

Strengths

• Knowledgeable and skilled staff
• Strong reputation across the region for providing cost-effective IT and IT security services
• Competitive pricing

Challenge

• Balancing growth and expansion into new markets with maintenance of service quality

Optimal Use Case

• Organizations that seek an MSSP with strong ancillary services

Rating: Strong Positive