The enterprise network firewall market represented by this Magic Quadrant is composed primarily of purpose-built appliances and virtualized models for securing corporate networks. Products must be able to support single-enterprise firewall deployments and large global deployments, including branch offices. These products are accompanied by highly scalable management and reporting consoles, products, and a sales and support ecosystem focused on the enterprise.
The firewall market has evolved from simple stateful firewalls to NGFWs, incorporating full-stack inspection to support intrusion prevention, application-level inspection and granular policy control. Such NGFWs will eventually subsume mainstream deployments of stand-alone network intrusion prevention system (IPS) appliance technology at the enterprise edge. Gartner already sees this shift in the form of reduced IPS buying activity and a flattening of IPS market growth, but Gartner believes the security-conscious segment of the market will continue to use separate IPSs. The reality of product life spans cannot be ignored in this market shift, however: Enterprises refresh individual firewalls, on average, every five years, and IPSs are refreshed about four years or less, so the market won’t shift quickly.
Although firewall/VPN and IPS are converging, other security products are not. All-in-one or unified threat management (UTM) products are suitable for small or midsize businesses (SMBs) but not for the enterprise: Gartner forecasts that this separation will continue until at least 2016. Branch-office firewalls are becoming specialized products, diverging from the SMB products (for more information, see “Magic Quadrant for Unified Threat Management”).
Gartner has successively increased the Magic Quadrant evaluation weighting for NGFW features. This edition signals a significant increase in the weighting of NGFW capabilities reflecting the changing markets and enterprise needs.