Even as the economy experienced further wobbles to start off the year, the activity among cybersecurity companies showed few signs of a slowdown — particularly for those who are considered top vendors in the SASE market, such as Check Point, Cisco, Palo Alto Networks and Zscaler. SASE, or secure access service edge, has continued its surge amid the critical need for many businesses to provide their distributed workforce with secure access to corporate applications and resources.
[Related: Palo Alto Networks CEO Nikesh Arora On SASE, AI And Why Partners Are ‘More Important’ Than Ever]
Total revenue in the SASE market jumped 34 percent in 2022 to reach $6 billion, according to figures from Dell’Oro Group. It marked the third year in a row when year-over-year growth in SASE revenue surpassed 30 percent, the firm reported. With the arrival of hybrid workforces and an increasing reliance on cloud-based SaaS applications, SASE aims to be a more-secure and more-manageable access solution for today’s businesses. In part, this can enable replacement of VPNs with remote access systems that are based on zero trust principles, which are harder for attackers to exploit.
Gartner — whose analysts coined the term SASE in 2019 — points to five key capabilities that should be a part of any SASE deployment: SD-WAN, secure web gateway (SWG), cloud access security broker (CASB), next-gen firewall (NGFW) and zero trust network access (ZTNA). Together, those capabilities enable “zero trust access based on the identity of the device or entity, combined with real-time context and security and compliance policies,” and can provide this secure access whether workers are in the office or working remotely, according to Gartner.
While not all SASE vendors have been left unscathed by the economic environment — Zscaler disclosed a 3-percent layoff round early this month, for instance — other SASE providers including Cloudflare and Palo Alto Networks have noted that they haven’t seen a need to shed staff so far. Anecdotally, SASE providers would seem to be among the best examples in the tech industry of companies that are proving resilient through this downturn, thanks to a product set that is still getting customers to open their wallets.
In terms of major moves by SASE companies during the first quarter of 2023, a number of vendors introduced new product capabilities for their SASE platforms, while one vendor announced a big acquisition to expand its offering in the space. And notably, two vendors poached channel executives from rival SASE providers, to serve as their new channel chiefs, during the initial months of the year.
What follows are details on some of the big moves by 10 top SASE companies in Q1 of 2023.
Originally known as an SD-WAN specialist, Aryaka has expanded in recent years to become a provider of a full SASE platform, including through its 2021 acquisition of Secucloud. Aryaka says it was the first vendor to offer a true zero trust wide-area network leveraging a “unified SASE architecture.”
On Wednesday, Aryaka made its next big move by unveiling a SASE offering targeted at small and medium-sized enterprises. The managed offering aims to provide SASE and SD-WAN that ensures both security and performance while also being affordable for smaller enterprises, the company said.
The SASE and SD-WAN offerings for small and medium-sized enterprises also represent a strong revenue opportunity for channel partners, particularly those that are looking to expand into new industry verticals or markets, Aryaka said in a news release.
The Cato SASE Cloud brings together Cato SD-WAN with Cato SSE 360, the company’s cloud-native security service edge offering. In 2022, Cato Networks’ annual recurring revenue surpassed $100 million, the company disclosed.
In January, the company announced that channel veteran Frank Rauch (pictured) — formerly of the channel chief at companies including Check Point and VMware — has joined Cato as its global channel chief. Cato Networks does 100 percent of its business through the channel and is well-known to partners, especially those that are making the connection between security and SD-WAN, Rauch told CRN.
Check Point Software Technologies added a key piece to its SASE platform with the debutof its in-house SD-WAN offering in February. The SD-WAN “software blade” in the Check Point Quantum Gateways platform will enable both strong security as well as optimal performance for internet and network connections, according to the company.
Taking the time to develop its own SD-WAN in-house will ultimately pay off, thanks to the tight integration that Check Point is able to offer with the network gateway, Check Point co-founder and CEO Gil Shwed told CRN. “We worked on that for a long time,” Shwed said. “We really needed to make sure that the security and the [SD-WAN] actually work together very, very closely. We use the same engine to classify the traffic. We use all the same management to build that together. This is a really, really tight integration within the same gateway.”
Meanwhile, Check Point also announced in Q1 that it has brought aboard a new executive to lead its product strategy going forward. The company announced Feb. 28 that it has hired Nataly Kremer (pictured), a longtime R&D leader at AT&T, as its new chief product officer and head of R&D. Kremer had spent the prior 12 years with AT&T, where she headed the company’s software and delivery group and served as general manager of its Israel R&D center. Longtime Check Point Chief Product Officer Dorit Dor has moved into the role of chief technology officer.
During Q1, Cisco announced an extension of support on its SASE platform to additional parts of its portfolio. Cisco’s single-vendor SASE platform, Cisco Plus Secure Connect, had already been available with support for Meraki SD-WAN — but in February the company announced it’s now available with support for the Cisco SD-WAN (Viptela) solution.
“I think our partners will really appreciate understand [that] we’ve integrated web security controls into our Cisco Meraki solution,” said Tom Gillis (pictured), senior vice president and general manager of the Cisco Security Business Group. “That’s something our partners have enjoyed huge success with — taking that very deeply in our market. And so it’s super easy to add URL filtering, anti-malware capability, all from that Meraki dashboard, where it’s just easy to deploy this stuff, easy to consume … If you’re a Meraki customer, it’s just in your Meraki dashboard. If you’re a Viptela customer, you’ll get the same capability that’s cross-launched into your Viptela dashboard.”
In January, Cloudflare added another key piece to its its SASE platform, Cloudflare One, with the introduction of its Magic WAN Connector. The software-defined solution can be utilized for securely connecting businesses to the web, the company said. With the addition of Magic WAN Connector, “Cloudflare One is now a true integrated SASE security and networking solution,” the company said in a news release.
The rollout follows the company’s announcement, last June, of the Cloudflare One Partner Program, which aims to enable channel partners such as resellers and system integrators to more effectively deliver Cloudflare’s SASE platform to customers. During Cloudflare’s recent quarterly earnings call, co-founder and CEO Matthew Prince noted that “channel remains a big opportunity for us.”
“I think that we’re seeing both the traditional resellers as well as some of the [global system integrators] that are increasingly adopting Cloudflare,” Prince said, pointing to the company’s zero trust-focused portfolio as “the big opportunity here.”
“Those are very much products that oftentimes we are winning [customers] in cooperation with the channel partner. And those initial wins help unlock future wins going forward,” he said.