Zscaler CEO: Firewalls Are Going The Way Of The Mainframe
Jay Chaudhry tells CRN he foresees a future world that will be ‘almost’ devoid of firewalls, which Zscaler is looking to displace with its products for enabling zero trust security.
If Jay Chaudhry is right, the days may be numbered for one of the most ubiquitous cybersecurity technologies—the firewall—which he argues has outlived its relevancy in the era of cloud and distributed work.
“Firewalls will become like mainframes,” said Chaudhry, founder and CEO of cybersecurity vendor Zscaler, in an interview with CRN this week.
“A bunch of them are still there, running somewhere,” he said. “But they become incidental because the world they were designed for was different.”
[Related: Zscaler Aims For Bigger Reliance On Partners In Push For $5B ARR]
Chaudhry, of course, is far from unbiased on the subject. Zscaler’s focus has long been on displacing traditional network security technologies, such as firewalls and VPNs, with its products for enabling zero trust security. Among the company’s biggest rivals in the industry are Palo Alto Networks and Fortinet, both of which continue to offer firewalls, in addition to their newer cloud-driven secure access service edge (SASE) platforms.
Zscaler now counts more than 40 percent of Fortune 500 organizations among its customers. And despite current macroeconomic woes, the company beat expectations with its latest quarterly results, growing revenue by 46 percent year over year to reach $418.8 million.
Chaudhry said he believes a lot more companies—including smaller companies that Zscaler plans to increasingly court with the help of channel partners—will soon “wake up” to the shortcomings of traditional network security tools like the firewall.
When it comes to the firewall, Chaudhry said he foresees a world that will be “almost” devoid of the technology in the future. And this will take years, not decades, he said.
Chaudhry spoke with CRN at Zscaler’s Zenith Live 2023 conference in Las Vegas, where he also addressed “legacy” security technology several times during his keynote session.
“Unfortunately, a lot of [cybersecurity spending] gets spent on legacy technology. The biggest segment of the spend is firewalls. And breaches happen all the time,” he said during the Zenith Live keynote Wednesday.
“Tell me a single breach where they didn’t have a firewall or VPN solution in place,” Chaudhry said. Traditional network security “isn’t helping,” he said.
Partners Are Key
At cybersecurity consultancy Dazzpers, a Zscaler partner based in San Ramon, Calif., co-founder and CEO Eduardo Ibanez said there’s no question that using Zscaler’s tools to help customers work toward a zero trust architecture can bring massive security benefits.
At the same time, many organizations have a “huge investment in boxes” such as firewalls, Ibanez said.
The shift away from traditional network security technologies “will take some time,” he said. “There is a lot of evangelization that we need to do.”
Without a doubt, what Zscaler is putting forward is “a different way of thinking,” said Kurt Wagner, director of cybersecurity services at BlackLake Security, No. 282 on CRN’s Solution Provider 500 for 2023.
The Austin, Texas-based company has had a hand in some of Zscaler’s largest deployments to date, Wagner said. And that has required the company to “have a very strong understanding of not only the newer technology that Zscaler is offering, but also the legacy technology,” he said.
“Most of the Fortune 500 clients have firewalls. And they have huge networking teams,” Wagner said.
As a result, for many organizations to embrace a new security architecture, “I think having a partner like us, who has been walking customers through those successful journeys, is key,” Wagner said. “It’s important to have access to a partner that understands the entire environment and enterprise.”
Ultimately, Chaudhry contends that zero trust architecture will win out due to its clear security advantages for today’s distributed environments. “The architecture of the firewall—which is designed to protect servers—is not right to protect users,” he said.