Citrix Targets MSSPs, Cloud Partners with App Firewall

Managed security service providers and cloud vendors for about the past year have been broadening their offerings to include application firewalls. Against this backdrop, Citrix Systems Inc. this week rolled out a line of application firewalls, targeting MSSPs and cloud providers as well as enterprise customers. Here’s some background.

Citrix’s NetScaler Application Firewall appliances come in five hardware models ranging from 500 Mbps to 5 Gbps. Pricing along that spectrum runs from $20,000 to $85,000.

Greg Smith, director of product marketing for Citrix NetScaler, said the appliances let service providers offer application firewall protection to their hosting customers without impacting application performance. He said the appliances’ performance and scale is sufficient to protect multiple applications and tenants.

Citrix also offers a software-based virtual appliance for service providers who want to run a dedicated application firewall for each tenant.

NetScaler Application Firewall offers pay-as-you-grow licensing, which Smith cited as a benefit for service providers. Under this approach, a service provider who purchased an appliance based on a forecasted performance requirement of 3 Gbps could purchase a software license to unlock more performance (a 3Gbps to 5 Gbps upgrade, for example).

Similarly, a company that purchases an application firewall appliance may later transform it to a NetScaler appliance via the software licensing upgrade path, Smith explained. The NetScaler appliance, which Citrix terms an application delivery controller, provides load balancing, application acceleration, server offload and security.

This market certainly is filled with competition. SecureWorks, for example, launched a Web application firewall management and monitoring service last April. Akamai Technologies in December expanded its cloud-based security suite into that area as well. The technology is sufficiently mature and the customer demand sufficiently compelling to drive adoption. Compliance chores also contribute. The Payment Card Industry Data Security Standard points to Web application firewalls as one option for  ensuring Web applications “exposed to the public Internet are protected against the most common types of malicious input.”