At this week’s NVIDIA GPU Technology Conference, the company announced its groundbreaking Bluefield -2X DPU (Data Processing Unit), which combines key elements of the existing Bluefield DPU and NVIDIA’s Ampere GPU. The new DPU enables the use of AI to perform real-time security analytics, and identify abnormal traffic and malicious network activities. The building-blocks NVIDIA needs to enable high-performance and AI workloads in the data center and edge are coming together—this includes the GPU for application-specific workloads, the DPU to facilitate data I/O processing, and finally, the CPU for compute, as NVIDIA seeks to complete its acquisition of ARM.

The DPU, a terminology coined by NVIDIA, falls within Dell’Oro Group’s definition of the Smart NIC market that we track in the Ethernet Controller and Adapter research. Smart NICs are fully programmable network interface cards designed to accelerate key data center security, networking, and storage task functions, offloading valuable CPU cores to run business-oriented applications.

According to Dell’Oro Group’s latest forecast, the Smart NIC market will grow at a 26% compound annual growth rate, from $270M in 2020 to $848M by 2024, vastly outpacing the overall Ethernet controller and adapter market. We believe that this new class of Smart NIC with integrated AI that NVIDIA has introduced, to be potentially disruptive, and could expand the range of applications that have been available to Smart NICs.

As Cloud and Enterprise data centers continue to scale, we believe that Smart NICs could be a solution in achieving high network throughput, low latency, and minimal packet loss demanded by emerging applications such as high-performance computing and AI. However, there are some notable constraints vendors would need to address before we see stronger adoption of Smart NICs:

• The scalability of Smart NICs depends on key considerations such as price and power consumption. While we are still awaiting details from NVIDIA, I believe that the inclusion of both the ARM processor and GPU in the Bluefield-2X DPU could result in higher unit cost and power consumption compared to that of alternatives. NVIDIA announced that future generations of the Bluefield, such as the Bluefield-4X DPU, will have an integrated ARM and GPU cores, which could result in total cost of ownership improvements.
• Most Smart NICs shipped deployed are based on the ARM architecture, including that of the NVIDIA Bluefield DPU family. However, other Smart NIC vendors such as Intel, Napatech, and Xilinx have released FPGA-based solutions that have demonstrated benefits in adapting to a wide range of applications in conjunction with AI inferencing applications. I predict that both ARM-based and FPGA-based solutions will coexist and be optimized for different use-cases.
• Extensive engineering resources and lead-time are required to bring Smart NICs to market. While the major Cloud service providers have the engineering resources devoted to Smart NIC application development, the smaller Cloud service providers and enterprises do not. It is crucial for vendors to provide value-added services and application development toolkits to customers for software implementation. NVIDIA announced the availability of the NVIDIA DOCA SDK, which enables developers to rapidly create applications and services on top of the Bluefield DPU.

Ultimately, customers will need to find a balance between the benefits Smart NICs could bring, along with the aforementioned considerations. However, I am excited that the vendor community is bringing new innovations to the market that could give customers more choices to implement the solutions that fit their requirements. As servers continue to become more commoditized overtime, Smart NICs could shift more control of the data center architecture back to the customers.

 

Over the last year and a half, VMware has been aggressively bolstering its network security capabilities, whether with the acquisition of Velocloud (Nov. 2017), Avi Networks (June 2019), Carbon Black (Oct. 2019), Octarine (May 2020), or Lastline (June 2020).

Today, VMware took another significant step with its new Secure Web Gateway(SWG)/Secure Access Service Edge (SASE) solution in collaboration with Menlo Security and expanded partnership with Zscaler.

In the last couple of months, I had the opportunity to sit down with senior VMware and Menlo Security executives to understand direction and aspirations. As I look back at today’s announcement against those conversations, three key takeaways come to mind:

1. VMware has strong fundamentals to deliver cloud-based security with Velocloud

We expect the physical appliance market for network security to decline 5% this year according to our data. Meanwhile, the virtual appliance and SaaS (i.e., cloud-based) markets for network security will grow 6% and 27%, respectively. 2020 is trending to be the first time the physical appliance market does not grow while virtual and SaaS markets do. The ongoing pandemic has hit the physical appliance market in two ways, by decelerating physical infrastructure projects and accelerating preference for cloud-delivered security.

VMware is banking on its Velocloud business unit to provide the platform and know-how to excel in the cloud-based network security space. Since its founding in 2012, Velocloud has been perfecting how to deliver cloud-based SD-WAN solutions over an ever-increasing global footprint, now with over 2700 cloud gateways across 130 points of presence (POPs). I believe the experience and knowledge gained from their SD-WAN solution will translate well to running a network security application, like SWGs. While Velocloud’s global network size may not be on par with Akamai or Cloudflare, two content-delivery/edge-compute vendors who are also entering the SWG space, they are on par with direct competition, such as Cisco Umbrella or Zscaler. With time we can expect that Velocloud’s scale will continue to increase, but even today is already a suitable foundation for delivering cloud-based security.

2. VMware needs to own the SWG, but until then, a partnership with Menlo Security is a good bridge on the journey to SASE

According to our data, the Secure Web Gateway market has been on a tear recently, growing 17% Y/Y in 1Q20 and 14% Y/Y in 2Q20. We expect it to close out the year with 15% Y/Y growth. This growth is remarkable, considering the challenging market environment created by the pandemic. For example, we expect the firewall market to post low single-digit Y/Y growth for the full year 2020, which has not happened since the great recession of 2008. With SWGs hot and firewalls not, VMware is the latest vendor to enter the SWG market in partnership with Menlo Security.

Menlo Security was founded in 2014 and is a late-stage startup that we started tracking here at Dell’Oro recently. Only this year did they begin introducing feature sets, such as CASB (Cloud Access Security Broker) and DLP (Data Leakage Prevention), for them to qualify for our SWG tracker. Most of their history, they’ve been better known for their work in web and email isolation technology and products.

I believe a vendor should directly own all core technology and expertise for their solutions in a perfect world. However, I see the partnership between VMware and Menlo Security a good bridge since making any acquisition takes time, and time is of the essence for VMware. Moreover, Menlo Security isn’t an unproven, early-stage startup, but also not so large to immediately give rise to competitive or strategic direction challenges. It remains what VMware is planning long term – I have no direct knowledge – but I stand by my assessment that VMware should own all the core technology, in particular, to improve the chance of success for the emerging SASE market. I’m currently working on a SASE Advanced Research Report and, in a future blog will hit on some of the key takeaways.

3. VMware hedging bets by keeping Zscaler close

On the one hand, VMware announced their intent to enter the SWG market today, but on the other, they also announced extending their strategic partnership with Zscaler. According to our data, Zscaler has been growing aggressively in the SWG market, as evidenced in 2Q20 with a 19% market revenue share and overtaking Cisco (Umbrella) for the #2 market spot. If they continue current growth velocity, they may take the #1 position before long.

VMware recognized that Zscaler isn’t going away, and customers will continue to seek best of breed deployments, with Zscaler owning the SWG and VMware owning SD-WAN. Few details were released on how VMware and Zscaler will further integrate, but on the face, I see a détente between both vendors, all aiming to reduce thrash near-term.

In summary, VMware continues to deftly expand its sphere of influence in the network security market, and we will be watching their developments with keen interest.

 

I had the opportunity to attend Juniper’s annual analyst event held on September 15 and 16. During the two-day affair, Rami Rahim, CEO of Juniper, and his staff reviewed Juniper’s business and technology strategy. They were joined by a cadre of customers telling their story to why they chose Juniper. I also had the opportunity to sit down one-on-one with Samantha Madrid, VP of Security Business & Strategy and owner of Juniper’s security business, to dig deeper into their security strategy.

As I look back at the event from a network security purview, I see Juniper making three bets on growing security market share.

1. All Network Infrastructure is Security Infrastructure

Juniper seeks to position its entire product portfolio as part of its security vision and solution. They argue that security doesn’t stop at the network security solution, say a firewall, but extends to the total network footprint. They equally see the data center, WAN, and enterprise campus network infrastructure participating in their “Connected Security” security vision. Participation by the network infrastructure is two-fold. On the one hand, as a source of security telemetry, such as who is connected and where. On the other hand, as an enforcement point, where surgically precise remediation action can occur.

This bear hug of all infrastructure is a wise move by Juniper. According to recent revenue data in Dell’Oro’s routing, switching, and security reports, Juniper’s network security market share is nearly five times smaller than their routing market share and 50% smaller than their switching market share. Juniper is looking to leverage its more substantial non-security areas for the benefit of the security sales conversation.

2. Ease of Use Still Matters

Most, if not all, network administrators will say they feel like an unsung hero in their IT organization. When the network works, rarely does the network administrator get congratulated. But when it does go down, fire and brimstone readily come raining down. This means that network admins are eager for solutions to help keep the network going.

During the customer fireside chats, Juniper had the network director from a US municipality tout how Juniper’s SRX firewall solution had facilitated a significant reduction in the number of rules compared with their previous vendor. This customer further detailed their satisfaction with the day-to-day management environment spanning physical appliances on-prem and virtual appliances in the cloud.

Focusing on ease of use is never a bad bet. All too often, security solutions turn into science experiments that are more pain than gain.

3. Cloud-Based Security is the Future

Our data shows that we are at an inflection point in the network security market regarding form factor preference and market direction. We track three form factors in our network security program: physical appliances, virtual appliances, and SaaS (Software as a Service). Until recently, all three form factors were on a growth trajectory. However, due to the pandemic limiting physical infrastructure projects and a growing customer preference for cloud-delivered security, we expect the market in 2020 for physical appliances to decline 5%. The virtual and SaaS form factors will grow 6% and 27%, respectively.

Juniper sees the same writing on the wall and looks to pivot the cloud to a greater degree. Most of Juniper’s competitors have already entered the SaaS-based network security market (e.g., Secure Web Gateways). While no SaaS-based solutions were announced during the analyst event, the Juniper team made it abundantly clear that their direction was cloud-based and to expect future product announcements.

In summary, Juniper is making common sense bets, and we will be watching their developments with great interest.

To learn more about Dell’Oro Group Network Security and Data Center Appliances market research program, please check out the Network Security page for more information.

Dell’Oro Group published an update to its Data Center switch market five-year forecast report. The report shows that the data center switch market is expected to grow at a 4% CAGR from 2019 to 2024, approaching $17 B by the end of our forecast period. Despite the COVID-19 pandemic, our revised forecast of 4% CAGR shows only a slight downward adjustment from our prior January forecast of 5%.

Most of the downward adjustment was driven by the non-Cloud segment, which includes enterprises as well as Telco Service Providers (SPs). The non-Cloud segment comprises about 60% of the total data center switch revenue and accounted for more than 70% of the downward adjustment for every year during our forecast period. In the meantime, our current forecast for the Cloud segment shows only a slight downward revision, relative to our prior January report  as shown in the chart. Our Cloud segment includes the Top 4 U.S Cloud SPs (Google, Amazon, Microsoft, and Facebook), The Top 3 Chinese Cloud SPs (Alibaba, Tencent and Baidu), and other Tier 2/3 Cloud SPs that are mostly Content Cloud providers.

Within the non-Cloud segment, we have lowered our forecast for large enterprises, as well as for small and medium enterprises. However, while we project the “Large Enterprise” segment (which includes Fortune 2000 companies) to return to growth and surpass its 2019 pre-COVID revenue level in 2021, we predict that small and medium enterprises will continue to decline during our forecast period—never to return to growth, for reasons explained in more details in our Ethernet Data Center Switch Five-Year Forecast Report.

Within the Cloud segment, we essentially maintained our projections for the Top 4 U.S. Cloud SPs, as well as the Top 3 Chinese Cloud SPs, as our underlying assumptions for the growth in those segments have remained unchanged. These assumptions are mostly driven by the timing of the 200/400 Gbps adoption as well as the consumption/digestion cycles. However, we have lowered our forecast for the “Rest of Cloud” segment, as macroeconomic headwinds may affect the ability of these Tier 2/3 Cloud SPs to grow revenue, consequently impacting their ability to expand their data center infrastructure to support their business. We believe that some of these Tier 2/3 Cloud SPs may rely on Tier 1 Public Cloud providers to expand capacity during and after the pandemic. Leveraging Public Cloud SPs is an opex alternative that allows them to scale up and down capacity according to the demand.

Other highlights from the report

• 400 Gbps adoption in 2020 will continue to be driven mainly by Google and Amazon, and benefit mostly white box switch vendors. In the meantime, we don’t expect the adoption of 200/400 Gbps by Facebook and Microsoft to materialize until 2021. Facebook and Microsoft still deploy a fair amount of branded switches but we do expect a potential change in the vendor landscape in tandem with the 200/400 speed transition at these accounts.
• We predict Google, followed shortly by Amazon, will spearhead the adoption of 800 Gbps in 2023/2024. 800 Gbps will be driven by the availability of 100 G SerDes technology which will allow to build dense 100 Gbps or dense 400 Gbps systems in 1 U form factor (i.e., each 800 Gbps port can be used as 2×400 Gbps or 8×100 Gbps). 100 G SerDes will also allow to match the electrical lanes with the optical lanes.
• With the transition to 400 Gbps and higher speeds, the role played by optics will become even more crucial for several reasons including increased optics prices, the possibility to displace DWDM systems in the data center interconnect (DCI) and the potential migration to co-packaged optics at high speeds. For these reasons, some switch vendors are increasing their offerings of optical transceivers. In the report, we explain if/when we will include optical transceivers in our data center switch revenues. We also expect to see many consolidations and acquisitions in the market in order for switch, chip, and optics vendors to position themselves during this transition.
• The adoption of disaggregated switch systems will continue to increase during our forecast period, although at a slower rate than in the prior years. Early adoption of disaggregated systems has been driven mainly by large Tier 1 Cloud SPs and has greatly affected the market given their scale (involving a server-installed base of well over one million). However, the next wave of adoption will be driven either by Tier 2 Cloud SPs (which are significantly smaller in size than the Tier 1) or by some large enterprises.

If you need to access the full report to obtain revenue, units, pricing, relevant details including speeds, regions, market segments, etc., please contact us at dgsales@delloro.com

About the Report

The Dell’Oro Group Ethernet Switch – Data Center Five Year Forecast Report provides a comprehensive overview of market trends and includes tables covering manufacturers’ revenue, port shipments, and average selling price forecasts for various technologies: Modular and Fixed by Port Speed; Fixed Managed and Unmanaged by Port Speed. We forecast the following port speeds: 1000 Mbps; 10 Gbps; 25 Gbps; 40 Gbps; 50 Gbps; 100 Gbps; 200 Gbps; 400 Gbps. We also provide Regional Forecast as well as forecast by different market segments (Top 4 U.S. Cloud SPs, Top 3 Chinese Cloud SPs, Telco SPs, Rest of Cloud, Large Enterprises, Rest of Enterprises).

The Network Security and Data Center Appliance market, consisting of the Firewall, Content Security, Intrusion Detection System and Intrusion Prevention System (IDS and IPS), and Application Delivery Controller (ADC) markets, is forecasted to grow at 6% five-year CAGR and go from $14 B in 2019 to $19 B in 2024.  Growth at 6% is slightly weaker than the typical high single-digit pattern we have seen over the last decade, but considering the ongoing COVID-19 pandemic is explicable. Several of the key takeaways from our forecast report include:

• The ongoing COVID-19 pandemic will continue to impact the market both negatively and positively throughout 2020 and into the first half of 2021, assuming that an effective therapy or a vaccine is developed that allows society to restabilize.
• In aggregate, the network security market, which consists of the Firewall, Content Security, IDS, and IPS markets, will continue to experience both positive and negative factors. The negative factor of delayed spending will have a slight advantage, however, leading to flat Y/Y growth in 2020.
• We expect that post-pandemic, the network security market will return to the overall growth of 8% Y/Y from 2021 to 2024 and reach $17.1 B in 2024.
• The network security market will vary significantly from historical growth trends during the pandemic. We expect that the Content Security and Firewall market will rebound and return to nominal growth post-pandemic. However, the IPS and IDS market will not and will continue to its long decline.
• During the pandemic, the ADC market will be affected by both positive and negative factors. Overall, we anticipate that the positive factor of surge spending will keep growth in positive territory at 1% Y/Y in 2020.
• Post-pandemic, we expect that the ADC market will accelerate slightly faster than we predicted in our previous forecast due to the combination of positive factors ranging from market demand and vendor dynamics. The five-year CAGR of our current forecast is 1% versus our prior forecast of flat growth.

For a near-term perspective on the effects stemming from the pandemic, please refer to our recently published blog: Network Security Market Not Immune to the Pandemic.

The Top Four Trends Impacting our Forecast

• Investment in enterprise IT transformation will accelerate due to the pandemic and drive overall market growth. Many enterprises that are neither digitized, multi-cloud present, nor mobile-friendly have experienced more business continuity problems during the pandemic than those farther into their transformation. Expect investment to be broad-based in the service of securing new applications, new data centers, and connectivity solutions for mobile, branch, and campus environments.
• The pandemic has drastically increased the ranks of teleworkers. While we expect many teleworkers will eventually go back into the office, we also believe that the percentage of teleworkers post-pandemic will be significantly higher versus pre-pandemic, falling somewhere between 20% and 45%, as work and cultural norms change in favor of teleworking. Anticipate that secure connectivity solutions will stand to benefit as enterprises invest for the long-term.
• We expect the pandemic will accelerate enterprise automation and expand the network and application footprint that needs to be secured. Many enterprises want to automate manufacturing processes to ensure business continuity while implementing physical distancing. We believe the increase in automation and the associated expansion of the network footprint will continue post-pandemic, as the growth in connected devices, commonly referred to as the Internet of Things (IoT), accelerates.
• Investment by public cloud service providers and telco service providers will continue to grow to support the higher number of enterprise IT workloads and 5G on their platforms, respectively.

If you need to access the full report to obtain revenue, units, pricing, relevant segmentation including technology, end-users, use cases, regions, vertical markets, etc., please contact us at dgsales@delloro.com

 

About the Report

Dell’Oro Group’s Network Security & Data Center Appliance 5-year Forecast Report offers a complete overview for the Firewall, Content Security, Intrusion Detection System and Intrusion Prevention System (IDS and IPS), and Application Delivery Controller (ADC) markets and discusses the short- and long-term market and technology trends that shape the forecast.