Table of Contents
- Executive Summary
- Cloud Network Security Sector Brief
- Decision Criteria Analysis
- Analyst’s Outlook
- Methodology
- About Andrew Green
- About GigaOm
- Copyright
1. Executive Summary
Cloud network security solutions provide a suite of security services for single and multicloud environments to prevent unauthorized traffic, access, modification, misuse, or exposure. These security services are managed through a central platform that can define and enforce security policies at a global level.
Cloud environments use virtual networking constructs to route traffic through an organization’s infrastructure-as-a-service environment. Cloud network security solutions integrate with cloud platforms and virtualization solutions to deploy and orchestrate virtual security appliances that provide visibility, control, and security monitoring.
The elasticity of compute and storage services in cloud environments translates to networking, as well. New virtual networking constructs such as virtual private clouds (VPCs) and virtual networks (VNets) can be spun up and down on demand, making it tricky to continuously manage the security policies of these new environments. This is particularly the case when environments are distributed across multicloud or hybrid cloud environments, and even more so when third-party cloud networking solutions can define and configure connections across multiple environments via graphical user interfaces (GUIs) or infrastructure as code (IaC).
Cloud network security solutions improve the security posture. They are not meant to respond to incidents or help with threat hunting. Their purpose is to provide visibility over networking constructs and enforce policies at a global, service, and user level.
A cloud network security solution is not a security appliance. Rather, it is a central orchestration platform that can support visibility and control. These solutions are cloud-aware and vendor-agnostic, meaning they can be used across multiple providers and managed from the same pane of glass. They can insert services such as firewalls and gateways at appropriate places in the network. To do so, they must be able to orchestrate functions, whether native constructs such as an AWS transit gateway, the vendor’s proprietary security functions, or third-party appliances that a customer may purchase. Lastly, these solutions can aggregate and forward relevant logs to the customer’s solution of choice, such as a security information and events management (SIEM) tool or security data lake.
Business Imperative
Organizations with a cloud estate can deploy cloud network security solutions to gain end-to-end control and visibility over their network security posture. This is particularly important for multicloud environments and in instances where both third-party security appliances and cloud-native security services are used concurrently.
Sector Adoption Score
To help executives and decision-makers assess the potential impact and value of deploying a Cloud Network Security solution, this GigaOm Key Criteria report provides a structured assessment of the sector across five factors: benefit, maturity, urgency, impact, and effort. By scoring each factor based on how strongly it compels or deters adoption of a Cloud Network Security solution, we provide an overall Sector Adoption Score (Figure 1) of 4 out of 5, with 5 indicating the strongest possible recommendation to adopt. This indicates that a Cloud Network Security solution is a credible candidate for deployment and worthy of thoughtful consideration.
The factors contributing to the Sector Adoption Score for Cloud Network Security are explained in more detail in the Sector Brief section that follows.
Key Criteria for Evaluating Cloud Network Security Solutions
Sector Adoption Score
Figure 1. Sector Adoption Score for Cloud Network Security
This is the fourth year that GigaOm has reported on the Cloud Network Security space in the context of our Key Criteria and Radar reports. This report builds on our previous analysis and considers how the market has evolved over the last year.
This GigaOm Key Criteria report highlights the capabilities (table stakes, key features, and emerging features) and nonfunctional requirements (business criteria) for selecting an effective Cloud Network Security solution. The companion GigaOm Radar report identifies vendors and products that excel in those decision criteria. Together, these reports provide an overview of the market, identify leading Cloud Network Security offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.
GIGAOM KEY CRITERIA AND RADAR REPORTS
The GigaOm Key Criteria report provides a detailed decision framework for IT and executive leadership assessing enterprise technologies. Each report defines relevant functional and nonfunctional aspects of solutions in a sector. The Key Criteria report informs the GigaOm Radar report, which provides a forward-looking assessment of vendor solutions in the sector.