"If you look at what Visa and these other card companies have said, caching secure content is a key component of meeting the requirements," said Taylor. "In the quest for performance sometimes people let security take a back seat, but clearly it can come back to bite you, so we're trying to deliver both pieces of the equation and make it as simple as possible for our customers to do business."
Symphoniq sees an opportunity
At Symphoniq, company officials are now marketing the firm's Real User Monitoring Web applications performance measurement service as an ideal way to head off potential attacks carried out against online transactional systems, including e-commerce sites.
Architected to help companies understand what the in-the-browser experience is like for users of their online systems, Symphoniq is now pitching the product's ability to sniff out attempts to break into online applications to steal data, carry out fraudulent transactions, or launch attacks such as cross-site scripting threats.
"The customers are trying to solve these problems by adding a lot of security devices and applications into the pipeline, which is having a huge effect in some cases on the performance and reliability of the applications themselves, so we are being asked to do more around security," said Hon Wong, chief executive of Symphoniq.
"Without ever touching the code of the applications themselves, we can provide end-user monitoring that catches any bad transactions, and then trace that down to a specific user session, which is a lot less intrusive," he said. "Many companies are struggling to balance security and performance issues for their applications, so it's a clear opportunity for those of us on the delivery side to get involved."
In addition to selling its tools directly to end-users, Symphoniq is also marketing its technologies through partnerships with others in the space, including F5 Networks, a maker of applications delivery network appliances.
"This is a natural progression for this industry," said Ed Colonna, vice president of marketing at Symphoniq. "These companies can't spend all of their time trying to decompose the haystack to find the needle that is getting in the way of performance, and I think a lot of companies don't fully understand the effect that today's layered security environment has had on the way their applications behave."
Industry watchers said that the push by applications delivery providers into the security space is unsurprising as the vendors have a unique vantage point into the infrastructure that attackers are increasingly attempting to target with their malware.
The movement is similar to the ongoing drive by large telecommunications carriers and Internet service providers to offer more network-based security services that tap into their widespread network intelligence capabilities and attempt to head off threats further upstream, said Andrew Jaquith, an analyst with Yankee Group.
"The applications delivery specialists see this as an extension to their business, the question will be whether they can create something enterprises want to buy," Jaquith said. "Companies like Akamai know a gravy train when they see one, and this could be an opportunity for them to peel off a little extra revenue."
Much like carriers, however, the analyst said, applications delivery companies eager to get into the security market need to understand that they may be forced to sell into different constituencies within their customers than those that they currently do business with.
Another challenge for the vendors is that security and compliance interactions often mandate on-site work, something that the companies may be less interested in based on the related overhead expenses, he said.
"These companies could have the same problems that carriers are experiencing in terms of targeting the right people to sell their technologies to inside the enterprise. Compliance isn't really a network operations issue, for instance, it's more of a security and legal issue," said Jaquith.
"And with anything related to security and compliance you often need to get your hands dirty on-premises," he said. "It will be interesting to see if that's something that these companies want to pursue."