This post was originally published here by Rich Campagna.
Firewalls have been a stalwart of enterprise network security since the late 1980’s. The technology has evolved considerably in the ensuing decades, though the basic premise has remained the same – create a barrier or safeguard between internal networks and external networks. The term “network” is the operative term here – a firewall is only useful when traffic actually flows through it. That’s true whether the firewall takes the form of a physical appliance or a virtual appliance.
So what happens when a user on their personal mobile device connects from a home network to Office 365 or Salesforce? That increasingly common cloud-to-mobile traffic goes direct, bypassing the firewall, and any of the myriad of other security solutions layered behind the firewall.
This massive, unstoppable shift leads one to wonder – how long is it until we reach a time when the firewall market begins to decline? What is the time to firewall zero? Market size and share data is a big business, and the overall consensus amongst analysts is that the multi-billion $USD network firewall market will continue to grow at anywhere from 6%-10% CAGR over the next couple of years. The problem is that this forecast doesn’t appear to take into account the incredible rate of data moving to the cloud.
According to Cisco, the largest firewall vendor, by 2020, 92 percent of workloads will be processed in the cloud. While not all of that data will completely bypass the firewall, a substantial portion of it will. To firewall vendors, that means less need to increase capacity, less need to refresh equipment, and fewer add-ons of high margin subscription and maintenance services.
Since we’re now in our second decade of purchasing “next-generation firewalls,” it leaves one to wonder, when does the next-generation firewall get supplanted by the next-next-generation firewall? The answer is that it’s already started to happen, but the next-next-generation firewall goes by a different name – Cloud Access Security Broker (CASB). Since the rise of the CASB comes at the expense of the firewall – I’d put Firewall Zero sometime in the next 3-5 years.
