GigaOm Radar for Enterprise Firewallsv2.0

1. Executive Summary

Firewalls have been a staple of network security for decades, sitting at the perimeter of an organization’s network and using stateful filters to decide which connections to allow in and out of the network. However, modern organizations operate in a profoundly different landscape. The perimeter is no longer easy to define; organizations are more disparate, users are spread out geographically, infrastructure is deployed in multiple locations, connectivity offerings change, bandwidth capability continues to grow—and, of course, the security threat posed to business is more complex than ever before.

All of this makes an enterprise firewall a requirement for all organizations. Selecting an appropriate solution can be difficult. A firewall is a tool that works at the network layer, and this influences how they are evaluated, requiring an additional focus on performance, flexibility, and scalability, as well as on core features.

Moreover, many organizations already have established solutions, and investing in new firewall technology has the potential to be a disruptive and complex task, especially in larger organizations. But change is almost inevitable as business requirements evolve, especially in areas such as connectivity. With a move toward software-defined wide area network (SD-WAN) and zero-trust network access (ZTNA) strategies and migration to the cloud, organizations are seeking vendors that better fit their cloud strategy. The right solution needs to maintain a high level of perimeter security, and it may also help organizations drive more flexibility and productivity and support efforts around modernization and innovation.

Today, enterprise firewalls must be multifunctional to deal with threats. They should be flexible in deployment and support both on-premises and cloud demands. They should apply intelligence, using analytics and threat intelligence, potentially augmented with AI/ML, to help organizations rapidly identify and mitigate threats. They should also support newer types of connectivity such as SD-WAN and additional security models like ZTNA to ensure secure connections. These functions are essential, as an enterprise firewall is usually the first line of defense for any organization, and solutions must be effective in protecting organizational assets.

The market is primarily filled with well-known and established vendors. However, solutions are evolving. SaaS-based services and the amalgamation of firewalls into cloud-based services like secure service edge (SSE) and secure access service edge (SASE) is creating some overlap within these markets. Thus, to avoid our own overlap with existing reports in the SSE/SASE space, this report focuses on vendors that can provide specific enterprise firewall solutions available as standalone offerings. This can include SSE/SASE vendors as long as the firewall element can be purchased and deployed as a standalone solution. Additionally, this report looks at capabilities across a range of firewalls and is not focused on any specific type of firewall.

This is our second year evaluating the enterprise firewall space in the context of our Key Criteria and Radar reports. This report builds on our previous analysis and considers how the market has evolved over the last year.

This GigaOm Radar report examines 11 of the top enterprise firewall solutions and compares offerings against the capabilities (table stakes, key features, and emerging features) and nonfunctional requirements (business criteria) outlined in the companion Key Criteria report. Together, these reports provide an overview of the market, identify leading enterprise firewall offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.