Post-Pandemic Work from Anywhere and Digitization Initiatives to Fuel Strong Demand

We just published the latest edition of our 5-year forecast for the Network and Security and Data Center Appliance (NSDCA) Market that spans Firewalls, Secure Web Gateways, Email Security, IDS/IPS, Application Delivery Controllers, and Web Application Firewalls. A year ago, we debated the effects of the US and China relationship and Brexit on the market, but this year all attention is on the COVID-19 pandemic. The pandemic is reverberating through the market with both near-term and long-term consequences.

Near-term, we see overall NSDCA market growth muted that will only attenuate as societies turn the corner on the pandemic. We forecast the market will post meager growth of just 2% year-over-year (Y/Y) in 2020. Historically, the total market has been averaging 7% to 9% Y/Y growth. Fortunately, we believe the market will begin reverting to more robust growth in the latter half of 2021 as vaccination against COVID-19 ramps up.

We project post-pandemic growth to be stronger than what we predicted pre-pandemic in January 2020 and rise from $17.6B in 2020 to $28.8 B in 2025, representing a 10% five-year compound annual growth rate. The key difference from a year ago is the pandemic’s expected long-term effects on how businesses operate:

• The Work Anywhere Workforce – The pandemic substantially increased the ranks of teleworkers as many people worked from home in compliance with state and local government health mandates. While some workers are beginning to return to corporate offices, we believe that many will continue to telework post-pandemic, whether full- or part-time. According to our analysis relying on US Bureau of Labor Statistics data, 10% of the US workforce worked remotely pre-pandemic. We anticipate that post-pandemic, 20% of the total US workforce will work remotely. On a global scale, we foresee similar dynamics.
• The Fully Digital, Multi-cloud, Mobile user-friendly Enterprise – The pandemic forced businesses from paperwork and handshakes to digital documents and online transactions. While the multi-year journey of enterprises to be fully digital was well underway before the pandemic’s arrival, it accelerated upon its onset. We see this momentum continuing post-pandemic.

Though a rising tide lifts all boats, in our report, we dig into the details on how cloud-friendly technologies will rise faster than on-premise technologies post-pandemic.  For example, the Firewall segment, representing over 50% of the overall market, is not expected to match our pre-pandemic forecast. We do expect the Firewall segment to rebound, but not as strong as other segments. The Firewall segment has traditionally been biased towards physical appliances and on-premise corporate deployments.  We see physical appliances playing a shrinking role in the market as enterprises move to virtual and software-as-a-service embodiments.

About the Report The Dell’Oro Group Network Security & Data Center Appliance market 5-Year Forecast Report offers a complete overview of the industry with tables covering manufacturers’ revenue for Firewall, Secure Web Gateway, Email Security, IDS/IPS, Application Delivery Controller, and Web Application Firewall product segments. Each of these segments is further split by Physical, Virtual, and SaaS (Software-as-a-Service) form factors. Manufacturers’ units shipped and average selling price is provided for the Firewall and Application Delivery Controller segments. To purchase this report, please contact us by email at dgsales@delloro.com.

 

As we arrive at the end of 2020, it’s a good time to look at the forthcoming year. We assume that 2021 won’t surprise like this year, and we’ll be able to start returning to pre-pandemic routines. On a global scale, most things will return to the way they were, but some may not. The same is true for the network security market, where we predict two new trends and a return of a historical one:

1 – From Work at Home to Work Anywhere Securely (New)

Before the pandemic, few business leaders imagined running their entire business with a remote workforce, let alone plan or invest in one. Fortunately, the bottom didn’t fall out when their employees had to stay home to help stem the spread of COVID-19. Many businesses found that productivity didn’t suffer, and in some cases, improved. While some employees may never adjust to a life where the line between personal and work life is fuzzy, for many it has been empowering change, and they have no desire to go back into an office.

Enterprises are taking notice. Progressive ones, like Nationwide Insurance and Twitter, have already announced that most, if not all, employees never need to come back. Most businesses now see that remote work isn’t a liability but an asset.

In 2020, many enterprises were forced to cobble together a work from home solution. These solutions weren’t meant to be permanent. In 2021, we see enterprises making “work anywhere” a formal business goal and begin making long-term changes and investments.

Security vendors have already been responding with new cloud-based solutions that bring together networking and security in what is being billed as SASE (Secure Access Service Edge) solutions. Early adoption of SASE has started, and 2021 may be the first year it becomes mainstream.

2 – Cloud-Centric Security Will Continue to Grow Faster than Overall Market (New)

During our 2020 interviews with state VARs, we heard how digital, multi-cloud, and mobile user-friendly enterprises weathered the pandemic better than those that were not. Because of the pandemic, enterprises that were already investing in IT transformation accelerated, while those that had not started finally began their journey. The numbers we track bear this out.

We track the network security market not just by product segments but also by form factor. We follow three form factors, Physical Appliances, Virtual Appliances, and Software-as-a-Service (SaaS). We consider Virtual Appliances and SaaS to be the two form factors to be most cloud-friendly and at the heart of cloud-centric security deployments.

While we expect the overall network security market to return to high single-digit growth in 2021, we expect both Virtual Appliance- and SaaS-based network security to grow north of 20 % in 2021, or more than twice as fast as the overall market.

3 – Firewall Revenue Will Rebound (Historical)

Historically, Firewall revenue has been growing on average nine to ten % every year. In 2020, Firewalls are on a path to squeeze out just 2 to 3 % growth. Considering the Firewall segment is a $9 B market and nearly four times bigger than any other security segment we track, any sluggishness quickly impacts overall market numbers.

Most firewall sales – in particular, physical firewalls, which account for 95% of the Firewall segment by revenue – are part of a broader network infrastructure purchase together with network switches and routers. Early on in the course of the pandemic, many enterprises halted network expansion projects, which naturally led to the deceleration in Firewalls we saw in 2020.

In 2021, we expect the Firewall segment to rebound and return closer to historical growth rates for the following two reasons:

• Need for greater capacity – 5G networks and increasing popularity of 100G/400GbE over 10G/40GbE or 25G/100GbE with cloud and telco service providers drive the need for faster, more scalable Firewalls. High-End Firewalls will stand to benefit.
• New features and use cases – Over time, Firewall vendors have proven adept in maintaining customer relevancy with support for new features and use cases. We see this continuing in 2021 with an expansion of Low End and Midrange Firewalls into SASE.

Across all three predictions, we hold a generally optimistic view towards 2021. We feel our bias is well warranted considering the high priority security investments have held in enterprise budgets due to the threat landscape remaining as thorny as ever.

 

Over the last year and a half, VMware has been aggressively bolstering its network security capabilities, whether with the acquisition of Velocloud (Nov. 2017), Avi Networks (June 2019), Carbon Black (Oct. 2019), Octarine (May 2020), or Lastline (June 2020).

Today, VMware took another significant step with its new Secure Web Gateway(SWG)/Secure Access Service Edge (SASE) solution in collaboration with Menlo Security and expanded partnership with Zscaler.

In the last couple of months, I had the opportunity to sit down with senior VMware and Menlo Security executives to understand direction and aspirations. As I look back at today’s announcement against those conversations, three key takeaways come to mind:

1. VMware has strong fundamentals to deliver cloud-based security with Velocloud

We expect the physical appliance market for network security to decline 5% this year according to our data. Meanwhile, the virtual appliance and SaaS (i.e., cloud-based) markets for network security will grow 6% and 27%, respectively. 2020 is trending to be the first time the physical appliance market does not grow while virtual and SaaS markets do. The ongoing pandemic has hit the physical appliance market in two ways, by decelerating physical infrastructure projects and accelerating preference for cloud-delivered security.

VMware is banking on its Velocloud business unit to provide the platform and know-how to excel in the cloud-based network security space. Since its founding in 2012, Velocloud has been perfecting how to deliver cloud-based SD-WAN solutions over an ever-increasing global footprint, now with over 2700 cloud gateways across 130 points of presence (POPs). I believe the experience and knowledge gained from their SD-WAN solution will translate well to running a network security application, like SWGs. While Velocloud’s global network size may not be on par with Akamai or Cloudflare, two content-delivery/edge-compute vendors who are also entering the SWG space, they are on par with direct competition, such as Cisco Umbrella or Zscaler. With time we can expect that Velocloud’s scale will continue to increase, but even today is already a suitable foundation for delivering cloud-based security.

2. VMware needs to own the SWG, but until then, a partnership with Menlo Security is a good bridge on the journey to SASE

According to our data, the Secure Web Gateway market has been on a tear recently, growing 17% Y/Y in 1Q20 and 14% Y/Y in 2Q20. We expect it to close out the year with 15% Y/Y growth. This growth is remarkable, considering the challenging market environment created by the pandemic. For example, we expect the firewall market to post low single-digit Y/Y growth for the full year 2020, which has not happened since the great recession of 2008. With SWGs hot and firewalls not, VMware is the latest vendor to enter the SWG market in partnership with Menlo Security.

Menlo Security was founded in 2014 and is a late-stage startup that we started tracking here at Dell’Oro recently. Only this year did they begin introducing feature sets, such as CASB (Cloud Access Security Broker) and DLP (Data Leakage Prevention), for them to qualify for our SWG tracker. Most of their history, they’ve been better known for their work in web and email isolation technology and products.

I believe a vendor should directly own all core technology and expertise for their solutions in a perfect world. However, I see the partnership between VMware and Menlo Security a good bridge since making any acquisition takes time, and time is of the essence for VMware. Moreover, Menlo Security isn’t an unproven, early-stage startup, but also not so large to immediately give rise to competitive or strategic direction challenges. It remains what VMware is planning long term – I have no direct knowledge – but I stand by my assessment that VMware should own all the core technology, in particular, to improve the chance of success for the emerging SASE market. I’m currently working on a SASE Advanced Research Report and, in a future blog will hit on some of the key takeaways.

3. VMware hedging bets by keeping Zscaler close

On the one hand, VMware announced their intent to enter the SWG market today, but on the other, they also announced extending their strategic partnership with Zscaler. According to our data, Zscaler has been growing aggressively in the SWG market, as evidenced in 2Q20 with a 19% market revenue share and overtaking Cisco (Umbrella) for the #2 market spot. If they continue current growth velocity, they may take the #1 position before long.

VMware recognized that Zscaler isn’t going away, and customers will continue to seek best of breed deployments, with Zscaler owning the SWG and VMware owning SD-WAN. Few details were released on how VMware and Zscaler will further integrate, but on the face, I see a détente between both vendors, all aiming to reduce thrash near-term.

In summary, VMware continues to deftly expand its sphere of influence in the network security market, and we will be watching their developments with keen interest.

 

I had the opportunity to attend Juniper’s annual analyst event held on September 15 and 16. During the two-day affair, Rami Rahim, CEO of Juniper, and his staff reviewed Juniper’s business and technology strategy. They were joined by a cadre of customers telling their story to why they chose Juniper. I also had the opportunity to sit down one-on-one with Samantha Madrid, VP of Security Business & Strategy and owner of Juniper’s security business, to dig deeper into their security strategy.

As I look back at the event from a network security purview, I see Juniper making three bets on growing security market share.

1. All Network Infrastructure is Security Infrastructure

Juniper seeks to position its entire product portfolio as part of its security vision and solution. They argue that security doesn’t stop at the network security solution, say a firewall, but extends to the total network footprint. They equally see the data center, WAN, and enterprise campus network infrastructure participating in their “Connected Security” security vision. Participation by the network infrastructure is two-fold. On the one hand, as a source of security telemetry, such as who is connected and where. On the other hand, as an enforcement point, where surgically precise remediation action can occur.

This bear hug of all infrastructure is a wise move by Juniper. According to recent revenue data in Dell’Oro’s routing, switching, and security reports, Juniper’s network security market share is nearly five times smaller than their routing market share and 50% smaller than their switching market share. Juniper is looking to leverage its more substantial non-security areas for the benefit of the security sales conversation.

2. Ease of Use Still Matters

Most, if not all, network administrators will say they feel like an unsung hero in their IT organization. When the network works, rarely does the network administrator get congratulated. But when it does go down, fire and brimstone readily come raining down. This means that network admins are eager for solutions to help keep the network going.

During the customer fireside chats, Juniper had the network director from a US municipality tout how Juniper’s SRX firewall solution had facilitated a significant reduction in the number of rules compared with their previous vendor. This customer further detailed their satisfaction with the day-to-day management environment spanning physical appliances on-prem and virtual appliances in the cloud.

Focusing on ease of use is never a bad bet. All too often, security solutions turn into science experiments that are more pain than gain.

3. Cloud-Based Security is the Future

Our data shows that we are at an inflection point in the network security market regarding form factor preference and market direction. We track three form factors in our network security program: physical appliances, virtual appliances, and SaaS (Software as a Service). Until recently, all three form factors were on a growth trajectory. However, due to the pandemic limiting physical infrastructure projects and a growing customer preference for cloud-delivered security, we expect the market in 2020 for physical appliances to decline 5%. The virtual and SaaS form factors will grow 6% and 27%, respectively.

Juniper sees the same writing on the wall and looks to pivot the cloud to a greater degree. Most of Juniper’s competitors have already entered the SaaS-based network security market (e.g., Secure Web Gateways). While no SaaS-based solutions were announced during the analyst event, the Juniper team made it abundantly clear that their direction was cloud-based and to expect future product announcements.

In summary, Juniper is making common sense bets, and we will be watching their developments with great interest.

To learn more about Dell’Oro Group Network Security and Data Center Appliances market research program, please check out the Network Security page for more information.