[wp_tech_share]

There’s nothing like starting the New Year armed with the latest information and insights; so I thought I would share some of Dell’Oro Group’s key predictions for the Wireless LAN market in 2023.

Supply chain acrobatics was the name of the game for Wireless LAN in 2022.  Manufacturers demonstrated some impressive flexibility by redesigning products, expediting components, and paying for air freight in a bid to fulfill their accumulating orders. Just as the lockdowns were underlining the importance of Wi-Fi to the hybrid work model, WLAN equipment became a scarce commodity.

In 2023, the WLAN market will be all about growth. It’s not that the supply constraints have gone away, but they are lessening, and the solutions put in place by the manufacturers are bearing fruit. Meanwhile, enterprises are still clamoring for connectivity.

In this context of accelerating supply meeting backlogged demand, here are a few predictions for the year to come.

1) The Enterprise Class WLAN market will surpass $10B in 2023

Last year, we projected that the WLAN market would break the $10B mark in 2025. However, the last couple of quarters of 2022 showed us how high prices can combine with rising unit volumes to bring record-level revenues. We’ve brought our $10B prediction forward an astonishing two years.

After one of the most prolonged periods of year-over-year price increases, it may seem bold to predict that they will keep rising into 2023. However, there are a couple of unfolding trends backing up this prognosis.

First, prices over the past few quarters have been driven up by the adoption of Wi-Fi 6 (802.11ax) – and there is still room for Wi-Fi 6 to grow. Its adoption curve has been altered by the supply constraints but we are still expecting several more months of gain in share of shipments.

The second trend buoying prices is the rise of manufacturers’ costs, which has been passed on in the form of WLAN price increases. With a backlog worth two quarters of revenues for most manufacturers outside China, it takes at least six months for the higher-priced WLAN orders to flow through to delivery. This means a boost to manufacturers’ revenues in the first half of 2023. Eventually, the basic laws of economics will prevail and price erosion will kick in.  We are predicting that prices will peak and start to come down in the second half of the year.

 

2) Unit shipments will defy the usual seasonality

History tells us that the Enterprise Class Wireless LAN market is back-end loaded. That is, the majority of units are shipped in the second half of the year.  But 2023 will be a year like no other. The industry’s unprecedented backlogs are coinciding with a period of slowing economic growth.

In 2023, we predict that the market won’t follow its usual seasonality, and half of the year’s units will be shipped in the first two quarters of the year – six points above the five-year average.

 

3) The WLAN industry will gain clarity around Campus Network As A Service offers, and the NaaS business model will be put to the test

The term “Network As A Service” was bandied around quite a bit in the context of Campus IT services in 2022, although the industry lacks a common definition for the term.

On one hand, we saw new companies, like Meter, Nile, and Shasta promising to change the way enterprises consume Wireless LAN, building their brand on both technological and pricing innovation. The latter involves moving Wireless LAN from an upfront purchase to a recurring monthly expense, often based on a simplified metric, such as office area or number of employees – a metric that is more intuitive than the number of access points or switches.

On the other hand, we heard incumbent HPE Aruba announce some mega-NaaS deals, with large retailers and educational institutions. These companies bought the As A Service offer in part because it included “Day-2 Operations”; that is, professional services such as network design, monitoring, and troubleshooting. This definition of NaaS is similar to Managed Wi-Fi offerings already being delivered by service providers and systems integrators.

As we peel the onion of the different Campus NaaS offers, we find important dimensions such as consumption-based pricing; a mix of self-managed, co-managed, or fully-managed equipment; value-added network services, service-level guarantees; evergreen technology offers;  and AI-enhanced operations.

Which market segments will be attracted to which definition of Campus NaaS? How will the service impact manufacturers’ revenues?  We will start to get some answers in 2023, and Dell’Oro Group will be front and center in defining and sizing the opportunity.

 

Watch This Video:

What’s next for Enterprise Class Wireless LAN market spending in 2023? 

About the Author

Siân Morgan joined Dell’Oro Group in 2022 and is responsible for the Wireless LAN, and Campus NaaS and Public-Cloud Managed LAN market research program She's known for delivering comprehensive quantitative insights into the Enterprise Wireless LAN market and cloud platform adoption, including AI. With over 25 years of senior management experience in telecom and network technologies, such as 5G, OpenStack, LTE, IMS, and Wi-Fi, Ms. Morgan has held various roles in pre-sales, R&D, and post-sales support. Fluent in both French and English from a decade in Europe, her research is widely cited in industry publications. Ms. Morgan is also a frequent industry conference speaker.

Read articles Siân Morgan has written or been featured in...

[wp_tech_share]

In this blog, Sameh Boujelbene, Senior Research Director for Data Center Switch Ethernet, will share two key takeaways from the OCP Global Summit’22 event related to SONIC adoption and high-speed optics.

About the Author

Sameh Boujelbene joined Dell’Oro Group in 2011, where she currently oversees research in the areas of Ethernet Data Center Switches and AI Networks for AI workloads. During her tenure at the firm, Ms. Boujelbene has expanded her research programs to address data center interconnect, AI/ML workloads, and digital transformation. She has published articles and been cited in various industry and trade publications, and she is a frequent speaker at industry conferences and events.

Read articles Sameh Boujelbene has written or been featured in...

[wp_tech_share]

In this new blog, exclusively contributing to RCR Wireless, Siân Morgan, Research Director for Wireless LAN market, will explore whether these are the reasons that Wi-Fi 6E adoption has lagged, or whether other factors could be preventing access to the 1200 MHz of spectrum that was supposed to bring us better-performing Wi-Fi.

About the Author

Siân Morgan joined Dell’Oro Group in 2022 and is responsible for the Wireless LAN, and Campus NaaS and Public-Cloud Managed LAN market research program She's known for delivering comprehensive quantitative insights into the Enterprise Wireless LAN market and cloud platform adoption, including AI. With over 25 years of senior management experience in telecom and network technologies, such as 5G, OpenStack, LTE, IMS, and Wi-Fi, Ms. Morgan has held various roles in pre-sales, R&D, and post-sales support. Fluent in both French and English from a decade in Europe, her research is widely cited in industry publications. Ms. Morgan is also a frequent industry conference speaker.

Read articles Siân Morgan has written or been featured in...

[wp_tech_share]

 

After being canceled in 2021 and postponed numerous months this year, the 2022 edition of the RSA Conference (RSAC) finally went into the books last week. Perhaps throwing a bit of caution to the wind–we are still in a pandemic after all–I met with nearly 40 vendors, 23 of them consisting of at least a 30-minute conversation and sometimes a couple of hours. In this blog, I summarize three takeaways from my week at RSAC 2022.

  1. Buzzwords starting with ‘S’ keep coming: SWG, SD-WAN, SASE, and now SSE

The industry likes buzzwords that start with ‘S’ for whatever reason. The first ‘S’ came some twenty years ago with the arrival of SWG (Secure Web Gateway). Then came the second, SD-WAN, around a dozen years ago. After that, things were quiet until three years ago, when the third, SASE (Secure Access Service Edge), arrived. And the most recent, SSE (Security Service Edge), emerged last year and was in full view at RSAC 2022.

So why SSE? I blame the pandemic.

The pandemic caused an explosion in remote work that exposed severe inadequacies in enterprise IT networks to handle large numbers of remote workers. Fortunately, a crop of vendors–most with a SWG pedigree–were poised to help with their cloud-based security that was ideal for remote work. But SWG was a twenty-year-old marketing term and no longer cool. So instead, vendors wrapped themselves in the SASE mantel.

Confusion ensued since there were competing narratives by networking vendors, who ironically were primarily SD-WAN vendors and tended to remain more faithful to the original SASE premise of network and security convergence. So instead of picking sides, the industry created a new term, SSE, to let security vendors distinguish themselves. So yes, today’s emerging SSE vendors are, in many instances, yesterday’s SWG vendors. What’s different about SSE than prior SaaS-based SWGs is that now multiple security functions run in the cloud, such as CASB (Cloud Access Security Broker), ZTNA (Zero Trust Network Architecture), and FWaaS (Firewall-as-a-Service).

At RSAC, there wasn’t much talk about SD-WAN, but there was about SASE and SSE. It was humorous to hear certain security vendors sometimes use SASE and SSE in the same sentence as if they were freely interchangeable. On the one hand, they were trying hard to check off all the buzzwords, but on the other, a clear symptom of immature markets.

 

  1. Traditional Network Vendors Double Down and Get More SASE

Two stalwarts of the enterprise networking landscape, Cisco and Juniper, introduced updates to their SASE portfolio.

Cisco has had all the pieces to deploy SASE for some time, but there was no substantive integration. At RSAC, they introduced a new strategy to build a tighter integration between the Cisco SD-WAN and SSE (Umbrella) houses through a new unified manager based on the Meraki cloud management platform. Moreover, Cisco intends to sell everything, whether the cloud service or the hardware, as a subscription.

Meanwhile, Juniper has improved its recently introduced cloud-based security platform, Secure Edge. At RSAC, they announced the addition of CASB and DLP (Data Loss Prevention) services to Secure Edge. Like Cisco’s management approach, they also have a unified manager, Security Director, spanning SRX firewall elements and the cloud-based Secure Edge.

Both Cisco and Juniper are taking an interesting approach to SASE. It’s not all in the cloud since the networking/SD-WAN piece is still effectively on-prem, but nor is it disaggregated bag of parts. They’ve provided me with a lot of food for thought that I plan to infuse into my upcoming SASE research.

 

  1. Cloud Workload Security Remains a Smorgasbord

Over the last half-year, I’ve been meeting with vendors large and small to understand what cloud workload security, i.e., securing apps/workloads moving to a cloud architecture, means to them. From the onset, things have been cloudy (no pun intended).

On the one hand, we can all agree that the enterprise shift to the cloud is a significant change in IT architecture. The challenges, nuances, and caveats that must be dealt with during the journey from a traditional on-prem legacy app enterprise to a cloud-based, cloud-native app enterprise are significant.   It’s a problem-rich environment that has given rise to dozens, if not hundreds, of security vendors.

On the other hand, the marketing most cloud-focused vendors use to describe themselves is on the verge of hyperbole. But it makes some sense why this is. Considering there are so many problems and challenges to solve, there isn’t any one company that solves them all or even close. So in a landscape that still requires many technologies from many vendors to solve most cloud problems, what does an individual vendor need to stand out? That answer is that they lean heavily on marketing and make it seem like they cover more than they do.

At RSAC, I met with a handful of cloud-focused security vendors, which only reinforced my conviction that it is a smorgasbord of products and overly creative marketing and far from being a single product or even a handful of solutions. Some vendors focus on threat detection. Some focus on risk and compliance. Others focus on the identity implications. Others seek to protect container communication. It’s a literal zoo of vendors. However, in this zoo of vendors, there are some emerging delineations.

Give me any cloud-focused vendor, and I’m pretty sure they’ll fit into one of three significant buckets,  code security (coding/build security),  IaaS/PaaS platform security (ensuring the runtime platform is as secure as possible), and app/container security (runtime security). I’ll be delving deeper into cloud workload security in an upcoming advanced research report. Stay tuned.

While not a numbered takeaway, my parting thought is that after two years of working exclusively via video conference, I’ve concluded that it doesn’t replace face-to-face meetings. There’s a quality and richness that face-to-face brings that current video conference technology fails to replicate. As such, I look forward to upcoming opportunities to engage the security community in person and the next RSAC in April 2023.

[wp_tech_share]

I recently had the opportunity to moderate a panel for the Business Innovation Leaders Forum that brought five veteran security executives together to discuss contemporary CISO demands and challenges. On the five-person panel, I had two CISOs at major multi-billion firms, the former Deputy Director of the U.S. National Cybersecurity division, the godfather of Zero Trust, and the Executive Vice President for the cloud and security business at a major telecommunications company.

This blog summarizes five takeaways that stood out from our discussion.

  1. The COVID pandemic has been both a crisis and an opportunity

The pandemic has been an enterprise crisis. The pandemic compounded the rate of technology and threat change, which was already a source of discomfort for many enterprises. Two key examples are the shift to remote work and the acceleration of enterprise digitalization (the shift and embrace of public cloud for enterprise apps), each of which has thorny security problems to solve.

But the pandemic has also been an opportunity for enterprises. The massive disruption caused by the pandemic has provided the impetus for new ways of looking at security problems and has driven investment that in a non-pandemic environment would not have been possible.

  1. Enterprise users have and will continue to pose a complex security challenge

If a CISO’s job wasn’t already challenging enough, they need to contend with enterprise users being humans that flourish off three Cs: curiosity, convenience, and comfort. Curiosity will lead to users doing unexpected things that may open security holes. Likewise, users will defeat security measures they find inconvenient. Passwords on a post-it note, anyone? The pandemic-induced need to work remotely has caused many users to appreciate the comfort of working at home and no longer want to commute to the corporate office. Yet, remote work has enormous security implications compared to the traditional office environment.

Rather than fight the users and change behavior, a CISO needs to continually evolve and always look for new security controls that match the current user landscape and behaviors.

  1. The threat landscape is not only more brutal but innovating faster than enterprises can counter

Not only has the Internet threat landscape gone from being a tough neighborhood to open warfare, but the threat actors are moving at a blinding speed. Threat actors aren’t constrained by processes like enterprise change control, which is valuable in preventing unintended IT instability, but often leads to slow, glacial response during an active attack.

So what’s a CISO to do? While there’s no panacea, the panelists repeatedly remarked on the need to focus on the security fundamentals, like knowing what in the enterprise needs to be protected and developing a solid security plan focused on that needed protection.

  1. Security vendors are a double-edged sword: New products are distractions, yet relationships are key

The security vendor landscape is highly fragmented, with hundreds of products vying for CISOs’ attention. New products are a dangerous pitfall. Persuasive vendor marketing for new products may lull CISOs into thinking they need the product even though the reality could be the opposite. Unless a CISO is working off the knowledge of what needs to be protected in their enterprise and a robust security plan, a CISO can’t assign security value to any new product.

However, a CISO is not to shirk all vendors.   The panel agreed that relationships play an essential role, particularly with those select vendors seen as trusted and willing to listen to the CISO. Bi-directional communication is vital to help vendors develop security controls and technologies that benefit the enterprise.

  1. Zero-trust is a strategy, not a product: The folly of mixing up strategy and tactics

Among hot industry buzzwords, “zero trust” has been white-hot recently. Vendors of all stripes have applied the buzzword to their products and looking to turn zero trust into a product sale. “Buy my product, and you will have zero trust,” say many security vendors. However, the clear consensus of the panel was that zero trust isn’t a product but a strategy–and a valuable strategy at that.

Putting the value of zero trust aside, this situation highlights how easy it is to mix strategy with tactics. A CISO that buys a “zero trust” product from a vendor may think they are covering all necessary security bases. But, the reality is that this CISO is stuck in the tactics that may or may not align with the strategy that the enterprise needs to follow. A CISO that doesn’t have a coherent strategy – anchored to knowing what needs to be protected and having a good plan – is at best wasting IT budget on products that minimally improve security posture. Still, at worst, creating a false sense of security that eventually will lead to an enterprise being compromised.

There are several more key takeaways from the discussion, and I highly recommend watching the playback. However, if there were a common thread among all, it’s that CISOs face a wide variety of challenges that can only begin to be addressed by a diligent focus on doing the fundamentals right.

 

Watch the on-demand video:

CYBER SECURITY – MEETING CISO DEMANDS