The network security forecast is cloudy, and that's not a bad thing if you're to believe what analysts are saying at this week's Gartner IT Security Summit.

Gartner predicts that by 2008, carriers like AT&T, Verizon, MCI and others will operationalize security functions like firewalls and intrusion detection into routers and switches, leaving enterprises to concentrate on identity and access management and other security duties away from the perimeter. By extending security to the Internet cloud, denial-of-service attacks, for example, never reach the gateway.

"We would take what an MSSP does and mesh that with our infrastructure so that the service provider and carrier becomes one," said AT&T CISO Ed Amoroso.

CISOs, meanwhile, will still have network responsibilities like setting policy and aligning policy with an enterprise business model. They'll be alleviated of costly signature updates and license renewals.

"Carriers and ISPs will provides these services for you," Gartner research director John Pescatore said.

While this boils down to essentially outsourcing these services to carriers, enterprises may be skeptical about doing so until auditors are satisfied.

The link for this article located at SearchSecurity is no longer available.