In this blog, Sameh Boujelbene, Senior Research Director for Data Center Switch Ethernet, will share two key takeaways from the OCP Global Summit’22 event related to SONIC adoption and high-speed optics.
In this new blog, exclusively contributing to RCR Wireless, Siân Morgan, Research Director for Wireless LAN market, will explore whether these are the reasons that Wi-Fi 6E adoption has lagged, or whether other factors could be preventing access to the 1200 MHz of spectrum that was supposed to bring us better-performing Wi-Fi.
After being canceled in 2021 and postponed numerous months this year, the 2022 edition of the RSA Conference (RSAC) finally went into the books last week. Perhaps throwing a bit of caution to the wind–we are still in a pandemic after all–I met with nearly 40 vendors, 23 of them consisting of at least a 30-minute conversation and sometimes a couple of hours. In this blog, I summarize three takeaways from my week at RSAC 2022.
Buzzwords starting with ‘S’ keep coming: SWG, SD-WAN, SASE, and now SSE
The industry likes buzzwords that start with ‘S’ for whatever reason. The first ‘S’ came some twenty years ago with the arrival of SWG (Secure Web Gateway). Then came the second, SD-WAN, around a dozen years ago. After that, things were quiet until three years ago, when the third, SASE (Secure Access Service Edge), arrived. And the most recent, SSE (Security Service Edge), emerged last year and was in full view at RSAC 2022.
So why SSE? I blame the pandemic.
The pandemic caused an explosion in remote work that exposed severe inadequacies in enterprise IT networks to handle large numbers of remote workers. Fortunately, a crop of vendors–most with a SWG pedigree–were poised to help with their cloud-based security that was ideal for remote work. But SWG was a twenty-year-old marketing term and no longer cool. So instead, vendors wrapped themselves in the SASE mantel.
Confusion ensued since there were competing narratives by networking vendors, who ironically were primarily SD-WAN vendors and tended to remain more faithful to the original SASE premise of network and security convergence. So instead of picking sides, the industry created a new term, SSE, to let security vendors distinguish themselves. So yes, today’s emerging SSE vendors are, in many instances, yesterday’s SWG vendors. What’s different about SSE than prior SaaS-based SWGs is that now multiple security functions run in the cloud, such as CASB (Cloud Access Security Broker), ZTNA (Zero Trust Network Architecture), and FWaaS (Firewall-as-a-Service).
At RSAC, there wasn’t much talk about SD-WAN, but there was about SASE and SSE. It was humorous to hear certain security vendors sometimes use SASE and SSE in the same sentence as if they were freely interchangeable. On the one hand, they were trying hard to check off all the buzzwords, but on the other, a clear symptom of immature markets.
- Traditional Network Vendors Double Down and Get More SASE
Two stalwarts of the enterprise networking landscape, Cisco and Juniper, introduced updates to their SASE portfolio.
Cisco has had all the pieces to deploy SASE for some time, but there was no substantive integration. At RSAC, they introduced a new strategy to build a tighter integration between the Cisco SD-WAN and SSE (Umbrella) houses through a new unified manager based on the Meraki cloud management platform. Moreover, Cisco intends to sell everything, whether the cloud service or the hardware, as a subscription.
Meanwhile, Juniper has improved its recently introduced cloud-based security platform, Secure Edge. At RSAC, they announced the addition of CASB and DLP (Data Loss Prevention) services to Secure Edge. Like Cisco’s management approach, they also have a unified manager, Security Director, spanning SRX firewall elements and the cloud-based Secure Edge.
Both Cisco and Juniper are taking an interesting approach to SASE. It’s not all in the cloud since the networking/SD-WAN piece is still effectively on-prem, but nor is it disaggregated bag of parts. They’ve provided me with a lot of food for thought that I plan to infuse into my upcoming SASE research.
- Cloud Workload Security Remains a Smorgasbord
Over the last half-year, I’ve been meeting with vendors large and small to understand what cloud workload security, i.e., securing apps/workloads moving to a cloud architecture, means to them. From the onset, things have been cloudy (no pun intended).
On the one hand, we can all agree that the enterprise shift to the cloud is a significant change in IT architecture. The challenges, nuances, and caveats that must be dealt with during the journey from a traditional on-prem legacy app enterprise to a cloud-based, cloud-native app enterprise are significant. It’s a problem-rich environment that has given rise to dozens, if not hundreds, of security vendors.
On the other hand, the marketing most cloud-focused vendors use to describe themselves is on the verge of hyperbole. But it makes some sense why this is. Considering there are so many problems and challenges to solve, there isn’t any one company that solves them all or even close. So in a landscape that still requires many technologies from many vendors to solve most cloud problems, what does an individual vendor need to stand out? That answer is that they lean heavily on marketing and make it seem like they cover more than they do.
At RSAC, I met with a handful of cloud-focused security vendors, which only reinforced my conviction that it is a smorgasbord of products and overly creative marketing and far from being a single product or even a handful of solutions. Some vendors focus on threat detection. Some focus on risk and compliance. Others focus on the identity implications. Others seek to protect container communication. It’s a literal zoo of vendors. However, in this zoo of vendors, there are some emerging delineations.
Give me any cloud-focused vendor, and I’m pretty sure they’ll fit into one of three significant buckets, code security (coding/build security), IaaS/PaaS platform security (ensuring the runtime platform is as secure as possible), and app/container security (runtime security). I’ll be delving deeper into cloud workload security in an upcoming advanced research report. Stay tuned.
While not a numbered takeaway, my parting thought is that after two years of working exclusively via video conference, I’ve concluded that it doesn’t replace face-to-face meetings. There’s a quality and richness that face-to-face brings that current video conference technology fails to replicate. As such, I look forward to upcoming opportunities to engage the security community in person and the next RSAC in April 2023.
I recently had the opportunity to moderate a panel for the Business Innovation Leaders Forum that brought five veteran security executives together to discuss contemporary CISO demands and challenges. On the five-person panel, I had two CISOs at major multi-billion firms, the former Deputy Director of the U.S. National Cybersecurity division, the godfather of Zero Trust, and the Executive Vice President for the cloud and security business at a major telecommunications company.
This blog summarizes five takeaways that stood out from our discussion.
- The COVID pandemic has been both a crisis and an opportunity
The pandemic has been an enterprise crisis. The pandemic compounded the rate of technology and threat change, which was already a source of discomfort for many enterprises. Two key examples are the shift to remote work and the acceleration of enterprise digitalization (the shift and embrace of public cloud for enterprise apps), each of which has thorny security problems to solve.
But the pandemic has also been an opportunity for enterprises. The massive disruption caused by the pandemic has provided the impetus for new ways of looking at security problems and has driven investment that in a non-pandemic environment would not have been possible.
- Enterprise users have and will continue to pose a complex security challenge
If a CISO’s job wasn’t already challenging enough, they need to contend with enterprise users being humans that flourish off three Cs: curiosity, convenience, and comfort. Curiosity will lead to users doing unexpected things that may open security holes. Likewise, users will defeat security measures they find inconvenient. Passwords on a post-it note, anyone? The pandemic-induced need to work remotely has caused many users to appreciate the comfort of working at home and no longer want to commute to the corporate office. Yet, remote work has enormous security implications compared to the traditional office environment.
Rather than fight the users and change behavior, a CISO needs to continually evolve and always look for new security controls that match the current user landscape and behaviors.
- The threat landscape is not only more brutal but innovating faster than enterprises can counter
Not only has the Internet threat landscape gone from being a tough neighborhood to open warfare, but the threat actors are moving at a blinding speed. Threat actors aren’t constrained by processes like enterprise change control, which is valuable in preventing unintended IT instability, but often leads to slow, glacial response during an active attack.
So what’s a CISO to do? While there’s no panacea, the panelists repeatedly remarked on the need to focus on the security fundamentals, like knowing what in the enterprise needs to be protected and developing a solid security plan focused on that needed protection.
- Security vendors are a double-edged sword: New products are distractions, yet relationships are key
The security vendor landscape is highly fragmented, with hundreds of products vying for CISOs’ attention. New products are a dangerous pitfall. Persuasive vendor marketing for new products may lull CISOs into thinking they need the product even though the reality could be the opposite. Unless a CISO is working off the knowledge of what needs to be protected in their enterprise and a robust security plan, a CISO can’t assign security value to any new product.
However, a CISO is not to shirk all vendors. The panel agreed that relationships play an essential role, particularly with those select vendors seen as trusted and willing to listen to the CISO. Bi-directional communication is vital to help vendors develop security controls and technologies that benefit the enterprise.
- Zero-trust is a strategy, not a product: The folly of mixing up strategy and tactics
Among hot industry buzzwords, “zero trust” has been white-hot recently. Vendors of all stripes have applied the buzzword to their products and looking to turn zero trust into a product sale. “Buy my product, and you will have zero trust,” say many security vendors. However, the clear consensus of the panel was that zero trust isn’t a product but a strategy–and a valuable strategy at that.
Putting the value of zero trust aside, this situation highlights how easy it is to mix strategy with tactics. A CISO that buys a “zero trust” product from a vendor may think they are covering all necessary security bases. But, the reality is that this CISO is stuck in the tactics that may or may not align with the strategy that the enterprise needs to follow. A CISO that doesn’t have a coherent strategy – anchored to knowing what needs to be protected and having a good plan – is at best wasting IT budget on products that minimally improve security posture. Still, at worst, creating a false sense of security that eventually will lead to an enterprise being compromised.
There are several more key takeaways from the discussion, and I highly recommend watching the playback. However, if there were a common thread among all, it’s that CISOs face a wide variety of challenges that can only begin to be addressed by a diligent focus on doing the fundamentals right.
Watch the on-demand video:
CYBER SECURITY – MEETING CISO DEMANDS
We’ve just wrapped up the 4Q21 reporting period for Dell’Oro Group’s enterprise network equipment programs, which include campus switches, enterprise data center switches, SD-WAN & enterprise routers, network security, and Wireless LAN. Enterprises include businesses of all sizes as well as government, education, and research entities. The equipment tracked in these programs can be used for wired or wireless data communication in private and secure networks.
Sales Hit Record Level in 2021
Despite a macro-economic environment that continues to be defined by supply constraints, our reports showed a strong rebound in the overall Enterprise Network Equipment market in 2021, following some stagnation in the prior year. Sales jumped 12% year-over-year (Y/Y), propelling the market to a record- level in 2021.
The strong performance was broad-based across all technology segments. Enterprise Routers, Wireless LAN, and Network Security were all up double-digits. In the meantime, Campus and Enterprise Data Center Switches were up mid-to-high single digits. All technology segments hit record-revenue level in 2021.
We have calculated that spending on enterprise network equipment rose by nearly $6.0 B in 2021. Security accounted for 40% of the increase in spending, while campus switches accounted for a quarter of the increase.
We attribute this broad-based recovery to the following:
- Continuing improvement in macro-economic conditions.
- Continuing government spending and stimulus around the world.
- Network upgrades in preparation for workers returning to the office full or part-time.
- Digital transformation initiatives, accelerated by the pandemic, are driving new network requirements and putting pressure on IT managers to upgrade their networks and add different security layers.
- Orders pulled in from future quarters, to mitigate ongoing supply challenges that are adversely affecting product availability, lead times, and prices.
The 2021 robust performance in the Enterprise Network Equipment market was broad-based across all regions, except the Caribbean and Latin America, which was flattish (although showing a significant improvement from the high-single-digit decline registered last year).
Cisco Loses Some Ground — Still Leads the Enterprise Network Equipment Market
The analysis shared in our reports showed no major change in vendors’ ranking. Cisco remains the only vendor with more than 10% share in the market, although the firm lost three points of revenue share in 2021. This share loss was broad-based across all technology segments, except WLAN. In the meantime, HPE Aruba, Palo Alto Networks, Fortinet, H3C, and Arista, gained one point of revenue share, each.
Nevertheless, we would like to note that the vendor landscape continues to be defined by a challenging supply environment and that some of the share shifts witnessed in 2021 may not be necessarily reflective of competitive displacement, but rather the timing of order fulfillment.
Robust Market Outlook for 2022
Despite a challenging supply environment that is expected to persist through most of 2022, Dell’Oro analysts are projecting strong double-digit revenue growth in the Enterprise Network Equipment market in 2022. This optimism is underpinned by healthy outlooks provided by most vendors as a result of increased visibility and robust backlogs. Additionally, ongoing supply challenges will continue to encourage customers to place advance orders, which will have a positive effect on bookings first, then a few months later, on revenues, depending on lead times.
Dell’Oro Group Enterprise Network Equipment research programs consist of the following: Campus switches, Enterprise Data Center Switches, SD-WAN & Enterprise Routers, Network Security, and Wireless LAN.