In addition to reporting very strong growth in its fiscal third quarter, Zscaler announced the completed acquisition of Edgewise Networks last week. At a price tag of $31 million, this won’t be a deal that turns many heads, but maybe it should. We’ve seen much of the industry shift to a cloud-delivered network security approach over the last 10 months, something ESG calls elastic cloud gateways (ECGs). In many ways, this is the logical evolution of the approach Zscaler introduced more than 10 years ago. However, the Edgewise Networks deal, along with the recent acquisition of cloud security posture management (CSPM) vendor Cloudneeti show that Zscaler is beginning to think beyond just user access and toward a broader approach to cloud security overall. Specifically, the addition of Edgewise Networks strengthens Zscaler’s zero-trust capabilities to address not only the workforce, but also applications and workloads.
Edgewise certainly covers the essential capabilities for microsegmentation. Recent ESG research asked respondents for the most important attributes in a microsegmentation solution. The top factor cited by 42% of respondents was the ability to identify and map the traffic and relationships between workloads, applications, and other entities. Also of high importance is support across multiple deployment models (i.e., data center, public cloud, and containers), which was cited by 39% of respondents. Edgewise has both these bases covered.
However, Edgewise provides an interesting take on these typical approaches to microsegmentation by adding a layer of identity authentication between applications or services. This, as well as some of the machine learning capabilities Edgewise brings to the table, could see interesting uses within Zscaler’s current zero-trust access solutions over time. Better visibility into user application access patterns, built-in identity validation, and the machine learning engine itself could all enhance Zscaler’s Private Access offering.
One challenge Zscaler will face is getting this in front of the right people. The ownership for microsegmentation solutions remains fractured, with IT ops, SecOps, DevOps and application development, and the network security teams all potentially having input depending on the organization. Zscaler’s C-level focus should help here, as will providing solutions supporting a more well-rounded zero-trust approach. However, building DevOps credibility will be paramount.
These recent tuck-in acquisitions have potential upside with limited risk due to the small acquisition costs. We expect to see cloud adoption continue to accelerate as organizations look for increased flexibility, agility, and cost-savings due to the impact from COVID-19. Microsegmentation capabilities to support a zero-trust approach and CSPM are two areas of security sure to benefit from the increased focus.