Cloud will be used to deliver 10% of enterprise security capabilities by 2016.
Gartner predicts that growth of cloud-based security services will overtake traditional on-premises alternatives within the next three years.
According to Gartner, cost reduction, flexibility of deployment across multiple IT environments, and fast implementation and product updates are major factors driving demand.
Gartner said the growing importance of public clouds, along with increasing cyber threats on private and public infrastructures may result in the US governement declaring them a critical national infrastructure.
"The popularity and increased adoption of cloud-based security services, albeit at different degrees, will influence the shape of future security marketplaces," said Gartner research director Ruggero Contu.
"Deployments of virtualization are expected to impact future network security capabilities, which are expected to be based increasingly on virtual security appliances," Contu said.
"The biggest opportunities currently center on areas such as messaging and Web security, as well as remote vulnerability assessment.
"However, as maturity evolves a wide variety of security offerings will emerge, such as data loss prevention (DLP), encryption and authentication, to be increasingly available in the cloud."
Public cloud infrastructure is expected to be governemnt mandated by the US by 2016.
Gartner also predicts that by 2015, 20% of the VPN and firewall market will be deployed in a virtual switch on a hypervisor, rather than on a physical appliance.
Gartner research director Eric Ahlm said growth in the firewall market could come from virtual players.
"To date, the virtual firewall market has been limited to data-center-class firewalls, which make up the minority of the total firewall market," Ahlm said.
"A push from the virtual providers to bring their technology to the edge could be a key accelerator to the virtual switch market growth."
"Enabling the key benefits of virtualized servers, while not compromising security, is becoming a key requirement for network data-center-class firewalls while transportability of network firewall controls outside of a customer's data center to a third-party provider is essential to customers using these providers for more critical systems."