The 10 Coolest Network Security Products Of 2017 (So Far)

The Best In Network Security

Security vendors are continuing to step up their game when it comes to network security technologies as customers face an ever-rising tide of threats. The year so far has seen vendors launching new capabilities to help customers respond to the more advanced threats facing their businesses, as well as expand beyond traditional perimeter technologies. Those advancements have included capabilities around artificial intelligence, the Internet of Things, advanced threat protection, cloud security and more. While 2017 is far from over, here are 10 security offerings that have stood out so far in network security.

(For more on the "coolest" of 2017, check out "CRN's Tech Midyear In Review.")

Cisco Security

Cisco boosted its network security portfolio in June with the launch of Cisco Encrypted Traffic Analytics, which solves a growing challenge in security around threats hiding in encrypted traffic. Cisco said almost half of cyberattacks are hidden in encrypted traffic and this number keeps growing. By utilizing Cisco's Talos cyberintelligence and machine learning to analyze metadata traffic patterns, the network can identify the fingerprints of known threats even in encrypted traffic, without decrypting it and impacting data privacy. A month earlier, Cisco also unveiled a partnership with IBM to integrate some of its security products, services and threat intelligence. Both launches speak to Cisco's growing commitment around security, which represents a growing area of the networking giant's business and more than $2 billion of its sales in 2016.

Darktrace Enterprise Immune System

Artificial intelligence is gaining steam in security as a way for companies to better detect threats. Darktrace has been riding a wave of growth on that trend, with an offering that uses machine learning to detect and stop attacks. It's Enterprise Immune System appliance passively monitors raw network data, building profiles of users and devices across the network, then using machine-learning algorithms to spot anomalous behavior. The company raised $75 million in Series D funding in July at a valuation of $825 million.

ForeScout Technologies CounterACT

ForeScout Technologies has been leading the way when it comes to IoT security, and 2017 so far has been no exception. In June, the company unveiled enhancements to its flagship CounterACT system, including a new user interface, out-of-the-box or customized classification of devices, including profiling, taxonomy, segmentation and control policies. The classification works for IoT, OT, mobile and virtual endpoints, the company said. ForeScout also announced unveiled enhancements around scale and resiliency, expanding its Enterprise Manager to handle over 1 million devices and failover clusters for resiliency. ForeScout also deepened its partnership with VMware, unveiling a new data center security solution for VMware environments, providing consolidated visibility into software-defined data centers, a policy-based approach to validate virtual machines, automated compliance checks, resource optimization and more.

Fortinet FortiOS 5.6

The latest update to the Fortinet operating system, unveiled in April, added key capabilities around cloud security, including a new cloud access security broker solution, public cloud integrations, and SD-WAN capabilities. More specifically, the update included extending the FortiGate capabilities with performance to meet public and private cloud needs, availability on the Microsoft Azure Marketplace and extended capabilities with AWS, the launch of FortiCASB, and new SD-WAN features and functionality for the operating system. Fortinet said the updates are part of a recognition by the company that customers want a single set of security offerings to secure their data both on-premises and as they move into public and private cloud environments.

Palo Alto Networks

Palo Alto Networks has made huge enhancements across its entire network security platform this year, including a new PAN-OS 8.0 launch that added upgrades across cloud security, multi-method threat prevention, management at scale, credential threat prevention and new hardware. All in all, Palo Alto Networks added more than 70 new features across those platform categories with the operating system update. Palo Alto Networks also unveiled further updates to its platform in June, adding a new Application Framework for any security provider to build cloud-based applications on top of the platform and a new GlobalProtect cloud service to bring GlobalProtect's traffic visibility, policy enforcement, threat prevention, WildFire, and other security capabilities to remote offices and mobile users with a cloud-based service.


With recent attacks putting industrial control system security into question, Houston-based company PAS is looking to help companies tighten their system systems around the Industrial Internet of Things space. The company was founded in 1993 as a consulting firm for optimizing automation systems in Industrial IoT, serving the oil and gas, refined petrochemical and power industries, but now has offerings for ICS security, automation asset management and operations management. The company raised $40 million in funding in April, money it said it would put in part toward building out its channel strategy.

Pwnie Express

IoT security is front and center in 2017. One company seeing a lot of growth around that market is Boston-based Pwnie Express, which offers threat detection for wired, wireless, and Bluetooth devices. The company's Pulse offering discovers and provides context on all devices on a company's infrastructure, detects threats, and prioritizes threats around those devices. In March, the company added the Device Risk Scorecard, which provides risk assessments of security threats from IoT devices around configuration, device behavior, potential compliance challenges, and shadow IT and rogue devices.

SonicWall Capture Advanced Threat Protection Service

SonicWall continued to build on its widely popular Capture Advanced Threat Protection service this year, saying in February that it had extended the capabilities to email for an additional layer of protection against zero-day and advanced threats. The Capture service uses three different network sandbox engines for a multilayer defense approach. The launch is significant because email remains one of the largest vectors for attacks on small and midsize businesses, with ransomware attacks alone up 167X year over year, Vice President of Worldwide Sales Steve Pataky said. For partners, Pataky said the offering opens up the doors for conversations around advanced threat protection and email security. SonicWall also previewed coming updates to its SonicOS, including deep packet inspection of DPI-SSH, biometric authentication, extended Dell X-Series integration, automated initial site-to-site VPN gateway provisioning, opening up the API to build a third-party ecosystem of threat intelligence, and providing visibility into connected devices and types for IoT devices.

Sophos Central

Sophos has been building on its Sophos Central centralized management platform throughout 2017, resulting in a "dramatic acceleration" in its uptake by partners. Sophos Central sales grew 220 percent to $87.7 million, the company said, and accounted for 17.1 percent of all subscription billings during the year. That growth has driven cross-selling and upselling rates up, CEO Kris Hagerman said, with endpoint and UTM cross-sell reported at 9.6 percent, up from 7.4 percent in 2016. The Oxford, U.K.-based company has continued to add updates across the platform, integrated through Sophos Central, including an Intercept X anti-ransomware solution for endpoint, a Sophos Server Protection product for anti-ransomware, and a new Phish Threat Attack Simulator.

WatchGuard Technologies Threat Detection And Response

WatchGuard Technologies brought together its network and endpoint security portfolios with the January launch of its Threat Detection and Response solution. The new Threat Detection and Response (TDR) offering is an add-on subscription to the Seattle–based company's flagship Firebox appliance as part of the company's Total Security Suite package. The cloud-based service adds threat detection capabilities on the endpoint, which connect back into the network for remediation. WatchGuard has traditionally focused primarily on network security, but it said the TDR launch shows the company recognizes the importance of a "holistic view" when it comes to security. The launch comes after WatchGuard added a new Wi-Fi Cloud solution last year, with cloud-ready access points, built-in wireless security, and a management platform.