Juniper adds firewall-as-a-service to SASE offerings

Juniper Networks is launching Juniper Secure Edge, a new single-stack Firewall-as-a-Service (FWaaS) offering, which is better equipped than physical firewall appliances to address the security requirements of increasingly distributed and remote workforces.

Juniper Secure Edge, part of the company’s growing Secure Access Service Edge (SASE) portfolio, comes as FWaaS solutions are becoming more popular after many years as point solutions governing small sets of remote users, or a particular application or usage scenario. In this, it joins other cloud-based services that have grown in popularity with the increase in remote working in the two years since the pandemic began. 

Mauricio Sanchez, research director, network security at Dell’Oro Group, wrote in a 2022 network security forecast last month, “In the last couple of years, Firewall-as-a-Service (FWaaS), or Cloud Firewalls, have started to pop up as an upsell feature of SaaS-based security solutions, notably in SaaS-based SWG and SASE solutions.”

Sanchez said the original intention was not to displace the “super-heavy iron of carrier-class physical firewalls” in large enterprises and carrier networks, but he said Dell’Oro is now forecasting that “at least several of the Fortune 100 will ditch their classic carrier-class Firewall hardware and go all-in on cloud-powered Firewalls.”

Kate Adam, senior director of security product marketing at Juniper told Fierce Telecom via email that the move is all about how more companies are gradually migrating to the cloud. "Over the past few years, customers have been shifting to a more cloud-centric architecture," she said. "While many smaller organizations have been leveraging this architecture because of the scale and cost-efficiency, we have only just now seen more mid-size and large organizations begin to make this shift. With the advent of the 'work from anywhere' workforce that certainly became the new normal as a result of the pandemic, but also because organizations are realizing that 'work from anywhere' is here to stay. At the same time, organizations are also just now implementing a Zero Trust framework as they rearchitect – even though the concept of Zero Trust has been around for quite a while." 

RELATED: Juniper jumps in SASE with Security Director Cloud

Juniper is getting into FWaaS a little later than some companies that already have been offering the capability, just as it entered the SASE space a little later than others. It also offers physical firewall hardware and virtual firewall offerings that potentially could be cannibalized by a SaaS offering, but Juniper preaches a unified management approach for its security products that it has said will help customers with what is expected to be a long-term, fluid migration to SASE. Juniper Secure Edge is managed by the company’s Security Director Cloud, and provides other features to support network edge security for distributed users needing fast access to enterprise applications.

Those features include:

• Unified policy management from a single user interface for all security use cases, meaning that policies can be created once and quickly applied anywhere, even on a per-user and per application basis. 

• Secure user access from any location, since policies follow users, their devices and their applications wherever they go, without the need for new rule sets as scenarios change.

• Dynamic Zero Trust segmentation enabling the creation of identity-based and risk-driven security and usage policies that automatically adapt based on new risk and attack vectors. This also supports automated access controls for employees and third-party contractors through granular policy control.

• Investment Protection for companies using a variety of Juniper SRX firewall and gateway solutions–physical, virtual, containerized and now cloud-delivered. Secure Edge allows organizations to leverage existing investments and seamlessly transition to a full SASE architecture at a chosen pace and provides a simpler operational experience, with all solutions managed by Security Director Cloud.

• Integration with an enterprise’s preferred identity provider, as Secure Edge integrates with Azure AD, Okta and others, through SAML 2.0 support, Juniper said.

• Cyberattack protection validated by objective, third-party testing to be highly effective against client-side and server-side exploits, malware and C2 traffic.

Adam was not concerned about customers choosing between physical or cloud-based firewalls because the reality is they don't need to go all-in on one approach or the other.

"While customers have certainly started their journey to SASE and a cloud-delivered security architecture, this transition is going to be done over the next several years," she said. "Even then, many organizations will still have a hybrid security architecture with both on-premises security technology and cloud-delivered security services. The 'right' approach depends entirely on the needs of the business and the resources available to complete this architectural shift."

She added that an understanding of this reality is what drove Juniper to take an “and” approach. "Customers don’t have to choose on-premises or cloud—they can have both," she stated. "Customers of Juniper Secure Edge can leverage their existing on-premises firewall technology AND use cloud-delivered security with Secure Edge and manage both from the same UI and using the same policy framework. Not only does this make it easier for customers to migrate at their own pace, but it also gets them unbroken security visibility across their entire network."

Q4 results

Juniper’s move to support more distributed enterprise workforces is starting to contribute to the company’s bottom line, company officials said in Juniper’s recent fourth quarter and year-end 2021 earnings report. While fourth quarter security-related revenue of $162 million was relatively flat year-over-year, security product orders during the fourth quarter increased by a double-digit percentage, company officials said. Also, for the full year of 2021, Juniper’s total security revenue was $657 million, representing an increase of 8% year-over-year. Within that total, security product revenue was up 14% year-over-year.

Meanwhile, for the fourth quarter, overall company revenue was $1.3 billion, up 6% year-over-year. For the full year, revenue was up 7% to $4.7 billion, with growth across all verticals despite ongoing supply chain constraints, officials said.

This story was updated on 02/03/22 with comments from Juniper.