Security & Enterprise Networks Archives

Understanding CNAPP and Its Role in Cloud Security

This month, Palo Alto Networks rebooted its Cloud-Native Application Protection Platform (CNAPP) solution, introducing Cortex Cloud as the evolution of Prisma Cloud. CNAPP has emerged as the go-to solution for securing cloud environments across the entire application lifecycle. It integrates multiple security technologies—including Cloud Workload Protection Platform (CWPP), Cloud Security Posture Management (CSPM), Cloud Infrastructure Entitlement Management (CIEM), and Data Security Posture Management (DSPM), among others—into a cohesive system designed to protect applications from development to runtime.

The rise of CNAPP is a response to the increasing complexity of cloud security, as traditional tools struggle to keep up with hybrid and multi-cloud environments. Security teams require solutions that bridge development, deployment, and runtime security while fostering collaboration between IT, DevOps, and security operations. The challenge lies in the fact that traditional cloud security tools operate in silos, leaving organizations exposed to visibility gaps, misconfigurations, and runtime threats that are unique in cloud environments.

The CNAPP Marketplace and Palo Alto Networks’ Position

The CNAPP market is experiencing rapid growth. According to my latest Cloud Workload Security report from 2Q24, CNAPP revenue grew 42% year-over-year in 2Q24 to nearly $700 million. While the development subsegment grew at a slower rate (21%), the deployment (62%) and runtime (37%) segments saw robust adoption as organizations prioritized compliance, visibility, and real-time threat protection.

Palo Alto Networks has been the CNAPP revenue share leader every quarter since 1Q19. However, Palo Alto Networks faces increasing competition from Wiz and CrowdStrike, which saw 94% and 78% growth, respectively, in 2Q24—multiples faster than Palo Alto Networks’ growth rate.

While Palo Alto Networks has historically led the market, it struggled with integration challenges from its acquisition-heavy approach to CNAPP. Palo Alto Networks’ Prisma Cloud amalgamated multiple acquired technologies, leading to fragmented user experiences and operational inefficiencies.

To counter these challenges, Palo Alto Networks has not just rebranded Prisma Cloud as Cortex Cloud but also spent over a year retooling the technologies into its Cortex XSIAM security operations platform. This shift is intended to consolidate disparate security tools, enhance real-time detection, and improve automation across cloud workloads. The move is a direct response to the market’s demand for seamless, deeply integrated CNAPP solutions that not only secure applications but also reduce the burden on security operations centers (SOCs).

The Two Vectors of CNAPP Evolution: Depth and Breadth

The evolution of CNAPP is occurring along two key dimensions: depth and breadth.

Depth: Best-of-Breed Security Across the Lifecycle

Depth refers to how well CNAPP solutions address security challenges across development, deployment, and runtime using best-in-class capabilities. A strong CNAPP should:

- - Identify vulnerabilities early in the development phase, securing Infrastructure-as-Code (IaC) and third-party software components.
  - Provide deep visibility into cloud environments, enforcing compliance and identifying misconfigurations.
  - Deliver robust runtime security, detecting and mitigating real-time threats across containers, virtual machines, and serverless workloads.

Palo Alto Networks’ previous CNAPP approach faced integration challenges due to a patchwork of acquisitions. Each acquired company was best-of-breed in its domain, but its lack of seamless integration limited its overall effectiveness. Palo Alto Networks asserts that Cortex Cloud addresses these challenges by embedding CNAPP capabilities natively within the Cortex XSIAM platform. It aims to create a cohesive experience leveraging AI-driven risk prioritization and automated remediation.

Breadth: Expanding CNAPP’s Role in SecOps

Breadth refers to how CNAPP fits into the broader security operations (SecOps ecosystem. Increasingly, enterprises want cloud security integrated into the totality, including endpoint, network, application, and data security, to provide a holistic view of risk.

This is where Palo Alto Networks is making a strategic play. By merging CNAPP into Cortex XSIAM, the company claims to create a centralized security hub where cloud security is not an isolated function but part of a broader SecOps workflow. According to Palo Alto Networks, the cross-pollination of security data across IT domains (e.g., correlating cloud workload vulnerabilities with endpoint threats) is designed to help security teams shorten the time to value and improve incident response.

If these claims hold, security teams could see faster detection, reduced manual workload, and better alignment between cloud security and enterprise-wide threat management.

Final Thoughts: The Future of CNAPP and Cortex Cloud

The rebranding of Prisma Cloud to Cortex Cloud is a necessary and strategic move for Palo Alto Networks. The company has taken its fair share of criticism in the CNAPP space for a disjointed approach that slowed adoption despite its market leadership. With Cortex Cloud, Palo Alto Networks is betting on tighter integration, automation, and real-time security to regain its competitive edge.

As the CNAPP market continues to evolve, it will be exciting to see how vendors, large and small, continue to innovate. The shift toward platform-centric, deeply integrated security is gaining momentum, and we eagerly await the market’s response to Palo Alto Networks’ new CNAPP offering.

2024 is shaping to be a year of correction across most enterprise network markets, as indicated by a notable decline in spending among key segments. This correction follows extraordinary growth from 2021 to 2023, driven by the surge in demand caused by the pandemic. Now, as enterprises work through the backlog of pandemic-driven investments and face excess inventory, coupled with cautious spending due to ongoing economic uncertainty, the five key enterprise network markets – Network Security, Branch Routing, Campus Switching, WLAN, and Enterprise Data Center Switching – are poised for varying degrees of growth deceleration and all but one an outright contraction.

Common Trends Across Enterprise Networking Markets

Across all five segments, a significant driver of the 2024 correction is a period of “enterprise digestion,” where organizations deploy the substantial purchases made during the pandemic and subsequent supply chain recovery periods. This digestion phase is compounded by excess inventory in the channel, leading to a slowdown in new equipment deliveries.

Moreover, macroeconomic factors such as inflation and tightening IT budgets are dampening network infrastructure investments. The broader technology market faces some pullbacks as companies reevaluate spending in light of potential economic uncertainties. For many vendors, the tailwinds provided by large backlogs of orders during the pandemic have dissipated, and there is now a recalibration as the market waits for demand to return to a more normalized, pre-pandemic level.

Network Security: Adjusting After High Growth

The Network Security market, with firewalls as its largest segment, has faced significant headwinds in 2024 as enterprises work through existing hardware investments. The slowdown reflects a broader trend in the industry, where organizations, having invested heavily in physical firewall solutions during the pandemic, are now focused on optimizing those assets rather than purchasing new hardware. At the same time, growth in non-hardware solutions like Security Service Edge (SSE) and virtual firewalls has helped cushion the decline, but even SSE is seeing a deceleration. After years of explosive growth, SSE investments are beginning to normalize as enterprises slow their spending to integrate existing deployments fully. This shift signals a cooling from the rapid pace of adoption seen in prior years, though the demand for flexible, cloud-based security solutions remains vital for the long term.

Branch Routing (SD-WAN and Access Routers): Temporary Slowdown Amid Strategic Shifts

The Branch Routing market, which encompasses SD-WAN and traditional access routers, is experiencing a slowdown in 2024 as enterprises take a strategic pause following the rapid expansion of these technologies during the pandemic. SD-WAN saw significant growth as organizations took the opportunity to invest in branch transformation to provide a better network experience at lower TCO at the branch. Still, this surge has now led to inventory overhangs. Additionally, the ongoing integration of SD-WAN functionality into broader Secure Access Service Edge (SASE) frameworks has shifted purchasing behavior. Enterprises are focusing on consolidating and optimizing their existing deployments rather than making new investments, contributing to the temporary softness in the market.

Campus LAN (WLAN and Campus Switching): Post-Pandemic Normalization

The Campus Switching and WLAN markets are enduring a similar correction as the post-pandemic glut of equipment deliveries is digested. After enjoying strong growth from 2021 to 2023, WLAN sales have contracted in 2024 as enterprises and distributors have worked through high stock levels accumulated during the supply chain recovery.

For Campus Switching, the slowdown has also been dramatic, especially in North America, where revenues have been dropping sharply following a peak in 2023. Excessive backlogs cleared in 2023 have led to a steep decline in new orders. Still, the rise of Power over Ethernet (PoE) technology and higher-speed ports, such as 2.5 Gbps and 5 Gbps, could offer growth opportunities as organizations prepare their networks for Wi-Fi 7, whose adoption began to accelerate in 2Q24.

Enterprise Data Center Switching: The Weakest Segment

The Enterprise Data Center Switching market has been hit the hardest in 2024 thus far. Despite some growth in the broader data center market due to AI-related investments, the enterprise segment has struggled as traditional front-end deployments face intense inventory challenges. The contraction is driven by prolonged backlog normalization and fewer large-scale deployments in non-cloud enterprise environments. The long upgrade cycles for enterprise data centers and a strategic pivot towards cloud and AI back-end networks have made this sector particularly vulnerable.

Outlook for 2025: A Return to Growth

Despite the contraction in 2024, the outlook for 2025 is brighter. The fundamental demand for digital transformation, cloud migration, and hybrid work solutions remains intact. As enterprises complete the digestion of their current investments and inventories normalize, spending is expected to rebound. The rise in adoption of AI-driven workloads, 5G, Wi-Fi 7, and advanced security frameworks like SASE will drive growth across the network infrastructure landscape. Furthermore, as inflation and interest rates decrease, enterprises will benefit from improved capital availability, providing further tailwinds for market growth.

However, the Enterprise Data Center Switch market is an exception, as it is not expected to return to growth in 2025. This segment is expected to face challenges. As enterprises continue to embrace the cloud or AI, they will increasingly be on public clouds, reducing the need to expand or refresh their on-premises data center footprint. As a result, further contraction is anticipated for enterprise data center switching, even as other markets recover and expand.

In conclusion, while 2024 is a year of necessary correction following unprecedented growth, the long-term prospects for enterprise network markets remain buoyant. Much of the industry is poised for recovery and growth in 2025, fueled by security, connectivity, and digital infrastructure innovations.

Reflecting on my recent attendance at the 2024 Tencent Global Industry Analyst Conference held on September 5^th in Shenzhen, China, I’m struck by Tencent Cloud’s ambitious plans to expand beyond its home market. The conference provided a comprehensive look at Tencent’s technological advancements, its strategy for global expansion, and the challenges it faces in an increasingly complex geopolitical landscape. Using the “glass half full or half empty” metaphor, we’ll explore the promising aspects and the obstacles of Tencent Cloud’s global expansion efforts.

The Glass Half Full: Tencent Cloud’s Strengths and Opportunities

Tencent Cloud’s executives, led by SVP and CTO Wang Huixing, emphasized their focus on business continuity and next-generation infrastructure. This push for technological advancement extends to Tencent’s AI offerings, with the company claiming to have one of the best Chinese-language Large Language Models (LLMs).

However, what sets Tencent Cloud apart is not just its technology but its experience. As Poshu Yeung, SVP of Tencent Cloud International, emphasized, “We don’t just sell the products. We sell our experience.”

Tencent’s background in running successful apps like WeChat, which boasts over 1.3 billion monthly active users, gives it unique insights to share with clients. WeChat combines messaging, social media, mobile payments, e-commerce, and a vast mini-program ecosystem, making it a “super app” with few equals in the global digital landscape.

Tencent Cloud’s globalization efforts were a key theme throughout the conference. While the company has data centers on almost every continent, its natural expansion focuses on the Asia Pacific region, particularly countries like Indonesia, Malaysia, Thailand, and the Philippines. The Middle East and Africa, specifically Saudi Arabia, UAE, and South Africa were also mentioned as areas of interest.

A significant development in Tencent Cloud’s strategy is its focus on building a robust partner ecosystem. After having just a handful of partners three years ago, Yeung revealed that Tencent Cloud now boasts close to 1,000 active partners worldwide. These include Managed Service Providers (MSPs), Application Service Providers (ASPs), and Cloud Service Providers (CSPs). The contribution of these partners to Tencent Cloud’s revenue has grown from less than 10% to an expected 35% by the end of the year, with aims to cross 50% soon.

Tencent Cloud is positioning itself as more than just a technology provider. Yeung emphasized their approach of being a strategic partner to clients, helping them grow by leveraging Tencent’s experience in building and running successful digital products. This consultative approach, combined with their technical expertise, is how Tencent aims to differentiate itself in the market. In an interesting analogy, Yeung compared Tencent Cloud’s approach to the famous “Pepsi Challenge” from the Cola Wars, encouraging potential clients to try Tencent Cloud alongside other providers and judge for themselves.

The Glass Half Empty: Challenges and Hurdles

While the one-day Global Industry Analyst Summit didn’t focus on cybersecurity, I previously had been briefed late last year on Tencent Cloud’s security portfolio, which includes cloud and application security tooling. At first, I was disappointed that security wasn’t discussed during the industry summit, given its critical importance in cloud services. However, I later learned that security was given a dedicated session during the subsequent Tencent Digital Ecosystem Summit, a customer-focused event held the following day. Unfortunately, due to scheduling conflicts, I wasn’t able to attend the second day’s summit and hear about progress firsthand.

As Tencent Cloud continues its global expansion, security remains an important consideration for potential clients. Like all cloud providers, Tencent Cloud’s ability to meet various security needs and regulatory requirements will be a factor as companies evaluate their cloud options. The company’s experience in managing large-scale applications like WeChat could potentially offer unique insights in this area. However, as with any global technology provider, Tencent Cloud’s expansion efforts will need to navigate the complex landscape of international markets and varying regional requirements.

Indeed, the geopolitical landscape remains a significant factor in Tencent Cloud’s global ambitions. For many enterprises, particularly those in Western countries, Chinese cloud providers may be viewed cautiously due to data security concerns and regulatory pressures. This hesitancy extends beyond security features to encompass broader data governance and sovereignty issues. On the other hand, there are markets where Chinese technology might be actively preferred or seen as a viable alternative to US-dominated options, presenting both challenges and opportunities for Tencent’s expansion strategy.

Tencent’s current global cloud market position also presents challenges. According to the Dell’Oro 1Q24 Data Center IT Capex Quarterly Report, Tencent’s share of worldwide cloud revenue stands at about 2% as of Q1 2024, significantly behind the top U.S. cloud providers who collectively hold over 80% of the market. These figures underscore the uphill competition Tencent faces in challenging the Western giants but also highlight the substantial room for growth in the global market.

Conclusion: A Promising Future with Challenges to Overcome

As the cloud computing landscape continues to evolve, it’s clear that Tencent is determined to be more than just a regional player. Whether you see Tencent Cloud’s glass as half full or half empty, one thing is certain — the competition in the cloud market is heating up, which could be good news for enterprises worldwide.

Tencent Cloud’s rise promises increased choice and potentially more tailored solutions, particularly for businesses in Asia and emerging markets. However, the path to global cloud dominance is far from straightforward. To succeed in this highly competitive landscape, Tencent will need to navigate complex international relationships, address security concerns head-on, and continue to innovate at a rapid pace.

Despite the challenges, Tencent Cloud’s unique experience, growing partner ecosystem, and focus on underserved regions provide a strong foundation for growth. By leveraging its strengths and addressing its weaknesses, Tencent Cloud has the potential to reshape the global cloud landscape and offer compelling alternatives to established players.

Ultimately, Tencent’s global expansion might be the “Pepsi Challenge” the cloud industry needs. Just as that famous marketing campaign encouraged consumers to look beyond brand names and judge based on taste, Tencent invites global enterprises to look past preconceptions and judge cloud providers on their merits. Whether Tencent can convince the world to take a sip of its cloud offerings remains to be seen, but one thing is clear: the cloud competition is far from over, and Tencent’s bid to shake up the market is a development worth watching closely in the coming years.

As Tencent Cloud steps onto the global stage, the team here at Dell’Oro will meticulously track every percentage point of market share gained or lost. So, will you take the Tencent Cloud challenge? Dell’Oro and the rest of us will eagerly watch to see who does.

Like many in the security world, I, too, made the pilgrimage to Moscone Center last week to attend the RSA Conference 2024. The conference was a melting pot of ideas, innovations, and insights, with cybersecurity professionals from around the globe converging to discuss the industry’s future. Among the myriad announcements and presentations, three key themes emerged: AI-Powered security, Unified Security Architectures, and Zero Trust Adoption.

AI-Powered Security: The New Frontier

Artificial Intelligence (AI) has been a buzzword in the tech industry for years, but its application in cybersecurity has now moved from hype to reality. AI is being used to automate threat detection and response, reducing the time it takes to identify and mitigate potential attacks. It’s also being used to automatically analyze anomalies and correlations to prevent threats. This shift towards AI-powered security signifies a new era in cybersecurity, where intelligent, automated systems are replacing manual processes. However, as AI evolves rapidly, so does the sophistication of AI-powered threats, necessitating continuous innovation and adaptation in our defensive strategies.

Unified Security Platforms: Simplifying Complexity

The second theme that stood out was the move towards unified security platforms. Managing multiple, disparate security solutions can be daunting with the increasing complexity of today’s digital environments. There’s a trend toward offering comprehensive, integrated security platforms to address this issue. These unified platforms aim to provide end-to-end security, covering everything from cloud security to endpoint protection and everything in between. By consolidating various security functions into a single platform, these solutions aim to simplify security management and enhance visibility and control across the entire digital landscape. Industry momentum has gone as far as turning the word “platform” into a verb (“platformization”)!

While it would be ideal to have a single platform to rule them all, it’s unlikely an enterprise would or could put all its security eggs into a single vendor’s basket, whether due to political (“I don’t want to be beholden to a single vendor”), economic (“How can I get the best price if standardized on single vendor?”), or technological (“I need best-of-breed and no single vendor is best-of-breed across all security fronts”) reasons. Fortunately, vendors may be talking platforms, but they are also creating connective tissue between disparate systems and other vendors’ products, which ultimately benefits everyone.

Zero-Trust Adoption: A Paradigm Shift in Security

The third theme that emerged was the widespread adoption of Zero-Trust security models. In a Zero-Trust model, every user, device, application, and piece of data is treated as potentially compromised and verified before being granted access. This shift from the traditional ‘trust but verify’ approach to a ‘never trust, always verify’ model signifies a paradigm shift in security that has been around for numerous years but is finally catching fire.

However, it’s important to note that Zero-Trust isn’t one product or solution. It’s a comprehensive approach to security that can be applied across users, devices, applications, data, and network traffic. While in an ideal world, a single solution from a single vendor would span the entire spectrum, the reality is far more complex. There will always be multiple solutions and vendors, each with strengths and weaknesses. The challenge lies in integrating these diverse solutions into a cohesive security strategy that aligns with the principles of Zero Trust. Despite these challenges, the widespread adoption of Zero Trust is a positive step forward, helping organizations stay one step ahead of attackers and ensuring they are prepared for future challenges.

Conclusion

The RSA Conference 2024 provided a glimpse into the future of cybersecurity, highlighting the industry’s shift towards AI-powered security, unified architectures, and Zero-Trust models.

Lastly, I want to thank all the companies I had the pleasure of meeting at the conference. The companies, listed in alphabetical order, included Akamai, Aryaka, Aviatrix, Broadcom/Symantec, Cato Networks, Cisco, Cloudbrink, Cloudflare, Corelight, Ericsson/Cradlepoint, F5, Fastly, Fortinet, Hillstone Networks, HPE Aruba, Juniper Networks, Lookout, Netskope, OpenText, Orca Security, Palo Alto Networks, Skyhigh Security, Sophos, Trellix, Wiz, and Zscaler. If you’re reading this and from one of these companies, thank you for your insights and contributions to the cybersecurity industry.

If you have additional questions about my conversations at the conference, please reach out (mauricio@delloro.com).

Turbulent is the best word to describe the worldwide Enterprise Network equipment market over the past few years. Enterprise Network manufacturer revenues hit a high of $72 B in 2023. However, by the end of 2023, signs of an impending market shift appeared.

To predict what will happen next, we look back over the past ten years to identify the overarching trends that are influencing this market, which is made up of manufacturer revenues from hardware and software purchased by enterprises for network connectivity and security purposes, divided into the five sub-markets shown in the figure below.

Over the five-year period from 2014 and 2019, the worldwide Enterprise Network market experienced a Compound Annual Growth Rate (CAGR) of 7%. Manufacturers such as Cisco, Huawei, HPE, Arista, Palo Alto Networks and Fortinet have managed to grow revenues–even as challengers, such as Juniper and Zscaler, gained market share.

Tracking of Secure Service Edge (SSE) and Web Application Firewalls (WAF) markets began in 2019, contributing to the significant growth of the Network Security market. While annual growth of Switch and WLAN slowed in 2019, the fundamentals of the Network Security (firewall, SSE, SWG, WAF, and ADC) and Branch Routing markets (SD-WAN and access routing) remained robust, pushing overall network equipment spending up to $48 B.

The Market Trajectory is Altered

Then, in 2020, the pandemic hit. Workers vacated their offices and network projects ground to a halt. The following year, with IT leaders besieged with demands for networking to support remote work, companies tried to get digital transformation initiatives back on track – just as vendors began to experience supply shortages. Equipment hardware lead times became long – but worst of all, unpredictable. They could be close to normal, or they could be twenty times longer than normal, depending on the type of equipment and the day that the orders were placed. Manufacturers began to accumulate large backlogs of orders. Equipment prices began to rise, keeping industry revenues growing despite the longer wait times for enterprises.

Near the end of 2022 and into early 2023, the tide began to change. As supply began to flow to the equipment vendors, they began to ship more networking equipment. Then, backlogs spiraled downward, and the market was flooded. Manufacturer revenues ballooned.

Since the end of 2022, Dell’Oro Group has been predicting a digestion period, or a pause in spending on some segments of the Enterprise Network market. This slowdown first appeared in Wireless LAN revenues in 3Q23, as the market contracted Y/Y for the first time since 2Q20. This was followed by Y/Y contractions in Branch Routing and Campus Switching in 4Q23. These contractions are expected to continue throughout most of 2024. During the period of supply constraints, many enterprises adjusted their ordering behavior, placing orders in 2022 for equipment they required in 2024. In addition, in times of scarcity, distribution companies ordered more equipment than they needed. Now that the deliveries have been made, working through the excess inventory will take time.

An Uneven Revenue Recovery

Supply constraints and rapid backorder fulfillment have created the roller coaster trajectory of the worldwide Enterprise Networking market. However, if we look more closely, we see that the peaks and troughs of each sub-market are not aligned.

Growth of Enterprise Data Center switching revenue, in particular, did not reach the same heights in 2023 as the other enterprise networking markets. However, revenue growth remained positive throughout the year, driven by large enterprises. The supply constraints for switches were resolved later than those for WLAN, and manufacturer backlogs have remained elevated for longer, leading to a continued stretch of Y/Y growth in revenues. Dell’Oro group is also projecting a digestion period for enterprise switching – although it is expected to be offset from that of WLAN and Branch Routing.

In contrast, the Network Security market stands out as the only market that has grown at least 5% every year for the last ten years. This consistent growth reflects the critical role of network security in enterprise strategies to mitigate cyber threats. Although the Y/Y expansion has been slowed somewhat by the enterprise digestion phenomenon, market expansion is anticipated again in 2024, whereas Dell’Oro Group expects all other segments to contract.

A Shift in IT Priorities

The continued importance of IT security to enterprises will cause a share shift in Enterprise Network revenues over the longer term. In 2023, spending on Network Security more than doubled from just five years ago. By 2028 Dell’Oro Group expects Network Security to account for an even larger portion of equipment sales. On the other hand, the switch market is more mature. Following the increasing penetration of Work From Home and Hybrid Work models, Enterprises’ adoption of Wi-Fi First strategies has grown, dampening the expansion of Campus Switch revenues in favor of WLAN. In addition, enterprises’ shift to cloud computing has slowed the growth of Enterprise Data Center Switch spending.

Looking forward to the anticipated CAGR of the worldwide Enterprise Network market, Dell’Oro Group has a word of warning for industry observers. Using the elevated 2023 revenues as a baseline is sure to make future CAGR calculations look anemic. Taking an average over 2021 to 2023, smoothing out the supply release tsunami, allows us to predict that cumulative growth rates should return to pre-pandemic levels over the next five years.

Contact Us