Gartner expects the main customer response will be to forgo some spending for the next quarter or so. The rebound of 2016 will be due to a combination of deferred purchases realised in 2016 and the stabilisation of currency exchange rates from 2016 onward.
Growth in the enterprise content-aware data loss prevention (DLP) market will see constriction of growth of 4 percent to 5 percent through to the end of 2019.
Gartner market share data shows the stable performance of the top vendors in this segment in 2014. Given the rise of channel DLP (C-DLP) and "DLP lite" solutions, Gartner expects that the market will not exhibit such strong growth in its current form in coming years.
Most established vendors in this space are transforming the way they deliver comprehensive DLP capabilities, and this transition period will likely impact growth in coming years.
Through to the end of 2020, fewer than five percent of network security vendors will gain traction in the endpoint protection platform (EPP) market.
EPPs demonstrate the desire by organisations to have as few agents as possible on endpoints. Additional agents incur greater risk of interfering with applications, complicating support resolution with additional alerts, and having to update and deploy products.
In most cases, EPP and network security have unique buying and operations centres with different selling channels.
Historically, there are few exceptions of vendors having success that crosses the endpoint/network operations line (other than VPN agents), but there are many examples of vendors withdrawing from the other market.
Fewer than 5 percent of organisations with more than 500 employees will purchase unified threat management (UTM) solutions for their branch offices by 2019.
Enterprise firewalls and UTM remain distinct products and markets, and despite their lower price point, the demand for UTM appliances will continue to be restricted to the small or midsize business (SMB) market.
Gartner expects enterprises to predominantly continue to use routers and Multiprotocol Label Switching (MPLS) links to connect their smallest branches to regional centres.
By 2018, 85 percent of new deals for network sandboxing functionality will be packaged with network firewall and content security platforms.
For the past three years, lean-forward organisations have been wary of an advanced-threat environment in which bad actors innovate faster than traditional blocking mechanisms, such as firewalls, intrusion prevention systems (IPSs) and secure Web gateways, can react.
In response, the most widely adopted advanced-threat detection technique deployed is network malware sandboxing, which has appealed to well-staffed incident response teams.
Recently, several high-profile breaches have broadened the perceived need for zero-day malware detection in a sandbox, but it can increase costs for the midsize or understaffed security client. Incumbent security platform vendors introduced less costly, often cloud-based, malware detonation sandboxes as platform extensions.