Last month, Carlos Rivera and I published The Forrester Wave™: Enterprise Firewalls, Q4 2022, featuring our analysis of 10 firewall vendors. These include, in alphabetical order:

  • Barracuda Networks
  • Check Point Software Technologies
  • Cisco
  • Forcepoint
  • Fortinet
  • Juniper Networks
  • Palo Alto Networks
  • SonicWall
  • Sophos
  • WatchGuard

Conducting a Wave evaluation is an intense process for both the analysts and the participating vendors. Now that it’s published, I feel compelled to wax poetic and cough up some reactions.

The Foundational Network Security Technology

The firewall is the original granddaddy of all network security controls. And like an old Timex watch, they’ve taken a licking and keep on ticking. As much as we, and everyone else, talk about Zero Trust and perimeter-less, identity-based architectures, the enterprise firewall market keeps on expanding. Anyone trumpeting the obsolescence of this tech is going to have wait a lot longer before they call its time of death.

Interestingly, I thought that the COVID-19 pandemic that began during the previous iteration of this Wave would have shrunk the market as security pros pivoted to securing a remote workforce. But the enterprise firewall vendors all reported significant growth in the past year, even though the employees who left the perimeter en masse two years ago have yet to return. In our pre-Wave report, Now Tech: Enterprise Firewalls, Q2 2022, the average jump in firewall-associated revenue was 26% year over year.

The “big” firewall vendors have gotten much bigger than the smaller vendors. Honestly, some of the reported (confidential) revenue numbers here are eye-popping, but the smaller vendors did alright as well, with many reporting double-digit growth (even before inflation sharply increased).

Enterprise Firewalls Take On The Security Skills Gap

The primary theme we detected during our evaluation is that the vendors in the firewall market recognize that their customers (ahem, that’s you) are struggling to find and retain skilled network security techs to even configure and maintain this equipment, much less perform sophisticated event analyses and disciplined incident response. To fill this gap, vendors are taking three different approaches:

  1. Throwing their own people at the problem. Many of the vendors offer a mix of complementary after-market services such as incident response and managed detection and response. We analyzed these capabilities in our Wave’s incident response and supporting products and service criteria.
  2. Throwing other people’s bodies at the problem. A managed services provider (MSP) or managed security service provider (MSSP) can manage the security policy for the vendor’s customer (that’s you), and the vendors are increasingly building their solutions with the MSP/MSSP in mind. The majority of vendors have MSP-friendly centralized management portals, where the partner can log in once and then manage the policies of any of their clients. The vendors are also increasing their business focus on working with the MSP community. We evaluated each vendor’s approach in our Wave’s partner ecosystem and supporting products and service criteria.
  3. Investing in artificial intelligence. In previous years, the vendor community touted artificial intelligence as a security skills gap solution. But aside from mouthing the phrase “machine-learning models,” they were unconvincing in their pitch. This year was different: Several of the Wave entrants fielded data scientists or data science teams and credibly discussed their training, models, and the avoidance of false positives. We evaluated the vendor’s AI claims in our Wave’s efficacy criterion.

You can read more about each of these criteria and view each vendor’s strengths and weaknesses in our Wave report. Forrester clients, please reach out to schedule guidance sessions or inquiries with Carlos or me to discuss our findings.