GigaOm Radar for Enterprise Firewallsv3.0

1. Executive Summary

Firewalls have been a staple of network security for decades, sitting at the perimeter of an organization’s network and using stateful filters to decide which connections to allow in and out of the network. However, modern organizations operate in a profoundly different landscape. The perimeter is no longer easy to define; organizations are more diverse, users are spread out geographically, infrastructure is deployed in multiple locations, connectivity offerings change, bandwidth capability continues to grow—and, of course, the security threat posed to business is more complex than ever.

All of this makes an enterprise firewall a requirement for just about all organizations. However, selecting an appropriate solution can be difficult. Firewalls work at the network layer, and this influences how they are evaluated, requiring an additional focus on performance, flexibility, and scalability, as well as on core features.

Many organizations already have established solutions, and investing in new firewall technology has the potential to be disruptive and complex, especially in larger organizations. But change is almost inevitable as business requirements evolve, especially with regard to connectivity. Organizations are moving toward software-defined wide area networks (SD-WANs) and zero-trust network access (ZTNA), and are increasingly adopting cloud services. Organizations thus need to continually evaluate their security strategy, to ensure their solutions meet evolving infrastructure demands. Solutions must not only maintain a high level of perimeter security, they should also enable more flexibility and productivity, as well as support efforts to drive modernization and innovation.

Today, enterprise firewalls must be multifunctional to deal with the range of potential threats. They should be flexible and support both on-premises and cloud deployments. They should apply intelligence, using analytics and threat information, potentially augmented with AI/ML, to enable the rapid identification and mitigation of threats. They should support newer types of connectivity, such as SD-WAN, and additional security models, like ZTNA, to ensure secure connections. Moreover, firewalls are increasingly seen as part of a larger cloud-based security drive around the secure service edge with technologies such as secure service edge (SSE) and secure access service edge (SASE).

The increasing adoption of cloud services is reflected in the solutions from the leading vendors in this space. On the one hand, there are several SaaS-based vendors that are amalgamating firewalls into cloud-based services like SSE and SASE and, on the other, many well-known and established vendors are building SSE and SASE into their offerings as an extension of their firewall solutions. In fact, there is increasing overlap between these approaches. Thus, to avoid our own overlap with existing reports in the SSE/SASE space, this report focuses on vendors that can provide specific enterprise firewall solutions as standalone offerings. This can include SSE/SASE vendors as long as the firewall element can be purchased and deployed as a standalone solution.

This is our third year evaluating the enterprise firewall space in the context of our Key Criteria and Radar reports. This report builds on our previous analysis and considers how the market has evolved over the last year.

This GigaOm Radar report examines 14 of the top enterprise firewall solutions and compares offerings against the capabilities (table stakes, key features, and emerging features) and nonfunctional requirements (business criteria) outlined in the companion Key Criteria report. Together, these reports provide an overview of the market, identify leading enterprise firewall offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.