Getting Serious About SD-WAN
Palo Alto Networks has doubled down on SD-WAN with its proposed US$420 million acquisition of CloudGenix, whose cloud-based approach is expected to streamline the onboarding of remote branches and retail stores to the company’s secure access service edge (SASE) platform.
“Once the pandemic slows, we may see a permanent change in how organizations think about remote workforces,” said Palo Alto Networks Chairman and CEO Nikesh Arora. “As applications move from corporate data centers to the cloud, users need secure access from anywhere, whether that’s the headquarters or somewhere else.”
Arora and Chief Product Officer Lee Klarich spoke with Wall Street analysts Tuesday about how Palo Alto Networks determined CloudGenix would be a good fit, what opportunities the acquisition will create for service providers, and why the company decided to pull the trigger on the deal despite the coronavirus pandemic.
From embracing subscription pricing to maintaining a dual SD-WAN strategy, here’s a look at 10 of the most interesting components of the Palo Alto Networks-CloudGenix deal.
10. Company Was Eyeing SD-WAN Firms Prior To Coronavirus Outbreak
Palo Alto Networks had been in conversations and evaluating the SD-WAN market prior to the coronavirus outbreak, and examined every single player in the SD-WAN market, according to Arora. The company wanted to maximize the integration benefits, and Arora said purchasing CloudGenix provided Palo Alto Networks with a very clear integration path.
In terms of timing, Arora felt doing the CloudGenix deal sooner rather than later would be best to provide the teams with more time to coalesce, align and integrate the products. And from a workforce standpoint, Arora said the Prisma Access team had just come off a big release while CloudGenix was attempting to figure out how to integrate LTE and 5G into its boxes.
“Better sooner than later if you’re going to deliver an integrated product,” Arora said. “We think this is the time where the market will shake out winners and losers.”
9. Board Wanted To Make Sure Company Could Handle CloudGenix Deal
Palo Alto Networks expects to see more activity in the SD-WAN space over the next six to nine months both competitively as well as from established players, according to Arora. And as security and SD-WAN begin to converge, Arora said it was critical for Palo Alto Networks to have a major presence in the space sooner rather than later.
The board of directors made sure Palo Alto Networks management looked both at its capacity to smoothly integrate CloudGenix as well as its ability to carry out the acquisition from a cash perspective, Arora said. Palo Alto Networks has a lot of cash on its balance sheets, so Arora said there was nothing stopping the company from pulling the trigger on the deal.
“We’re not interested in going and spending money in an uncoordinated, undisciplined fashion, but this was an important acquisition from a product roadmap perspective, and something we’d like to get done,” Arora said.
8. Customers Burdened By Traditional Approach To SD-WAN
Most SD-WAN architectures require the customer to deploy an SD-WAN device in every branch office and regional data center around the world, Klarich said. The SD-WAN market space has largely operated under a do-it-yourself model, where the SD-WAN products are sold to customers and the customers are responsible for deploying them.
As a result, Klarich said customers are stuck building their own regional data centers and connecting them together as part of their own network. Forcing customers to effectively build and operate their own global network can be very challenging, according to Klarich.
Although there will continue to be a market for the traditional approach to SD-WAN, Klarich said there’s a better way.
7. The CloudGenix Device Sends Most Complex Processing To The Cloud
The acquisition will enable Palo Alto Networks to further enhance its secure access service edge (SASE) platform by integrating the CloudGenix AI-based SD-WAN product with Prisma Access, Klarich said. This is referred to as a thin branch solution since the device in the branch is intelligent yet lightweight, meaning that most of the complex processing happens in the cloud, according to Klarich.
Whether hardware or virtual, Klarich said the CloudGenix SD-WAN device is designed to be lightweight, intelligent, deployed into the branch office, and optimized for connecting into a global cloud footprint like Prisma Access. CloudGenix also provides cloud-based telemetry monitoring capabilities as well as application performance routing, according to Klarich.
Having one cloud-delivered security solution for branch offices, mobile users and partners means that customers can count on secure global connectivity to all applications, according to Klarich. The first CloudGenix integration milestones will be hit within three months of closing, Klarich said, with deeper integration work slated to take place in the second half of 2020.
6. Fusing CloudGenix And Prisma Access Will Ease Data Center Burden
A CloudGenix device can be set up both in the branch office as well as in the data center, according to Klarich. Under this arrangement, Klarich said it won’t be too long in the integration process before Palo Alto Networks can have the data center device be a next-generation firewall simply running a bit of software.
Alternatively, Klarich expects to see a lot of customers connect CloudGenix up to the Prisma Access service. From there, Klarich said it can be ensured that only the traffic that actually needs to go to the data center is routed back to the data center.
Conversely, Klarich said traffic that’s destined for a SaaS application, a cloud application or the internet is secured and then forwarded to the appropriate destination. As a result, Klarich said security is primarily delivered through the cloud with only the traffic that needs to be in the data center actually present there.
5. Palo Alto Networks Will Maintain A Dual SD-WAN Strategy
Palo Alto Networks intends to maintain a dual SD-WAN strategy, and will therefore continue to enhance both the existing CloudGenix SD-WAN product as well as the company’s own firewall-based SD-WAN product, according to Klarich. There’s a set of customers out there that for various reasons will continue to go down the path of standalone products, Klarich said.
Doing that will ensure that Palo Alto Networks meets the range of requirements from its customers and provides a great onramp to the company’s full SASE (secure access service edge) offering, Klarich said. In the future, Klarich expects the standalone SD-WAN products will serve more as an onramp to Prisma Access as the fastest solution.
4. CloudGenix, Prisma Access Management Consoles Will Be Integrated
CloudGenix’s cloud-based approach provides customers with constant visibility, telemetry and management capabilities, according to Klarich. On the branch side, Klarich said CloudGenix provides customers with the choice between a hardware option or a software virtual client option.
From an integration perspective, Klarich said CloudGenix will be designed to connect customers directly up to Prisma Access, the Palo Alto Networks global network and security as a service. From there, Klarich said the CloudGenix and Prisma Access management consoles will start to be integrated to provide customers with a unified experience.
“CloudGenix has been working on this for the past close to seven years, and they’ve built up a tremendous amount of knowledge and experience through that process,” Klarich said. “There’s no question we’ll tap into that as we integrate the teams and leverage the knowledge and learning in both directions.”
3. Service Providers Will Help Bring CloudGenix To Market
Service providers are a very viable and interesting channel for CloudGenix, and Palo Alto Networks already has a number of relationships around the world with service providers, according to Klarich. The company could initially use its existing service provider footprint to provide both networking and security as a service around CloudGenix, and then extend from there, Klarich said.
A lot of the deals that CloudGenix has done have happened through network influencers and people who support large network transformation, according to Arora. Some of these influencers come from the security side, Arora said, while others come from the network side.
On both the security and network side, Arora said Palo Alto Networks has access to people who are working with service providers directly.
2. Deal Creates Robust Upsell, Cross-Sell Opportunities
Palo Alto Networks has been pivoting its sales force to learn more and more about Prisma Access and SD-WAN since the company launched SD-WAN capabilities in its firewall, Arora said. The company anticipates being able to cross-sell SD-WAN into Prisma Access customers as well as upsell Prisma Access into CloudGenix SD-WAN customers, according to Arora.
The company is seeing a bump up in the conversation around the most secure ways to work from home, which Arora said usually evolves into an SD-WAN conversation in the medium term. As working from home becomes the new norm due to the coronavirus pandemic, Arora anticipates seeing more and more SD-WAN projects in the next few years.
“There’s a huge opportunity of putting the sales teams together and leveraging both SD-WAN and Prisma Access secure capabilities,” Arora said.
1. Both CloudGenix, Prisma Access Embrace Subscription Pricing
The CloudGenix pricing structure is largely based on a subscription model and is priced by the size of the branch office, according to Klarich. The entire CloudGenix offering – including hardware – is included in the subscription, Klarich said.
As Palo Alto Networks looks forward, the primary strategic focus will be on integrating CloudGenix with Prisma Access, which Klarich said is also designed as a subscription model. The company hasn’t finalized all the pricing models, and expects to go through refining the integration plan during the process leading up to the close of the deal, according to Klarich.
Having said that, Klarich anticipates that the CloudGenix and Prisma Access pricing models will fit seamlessly together.