Fueled by their acquisition of Ericom, Cradlepoint has put together a four-phase strategy starting with the differentiated value they offer today, and then building out the stages of the Ericom integration.
Today, Cradlepoint, which is deeply focused on cloud-delivered LTE and 5G wireless network solutions, laid out their vision of how moving forward, they will leverage both their existing portfolio and that of the recently-acquired Ericom to make a unique 5G-optimized SASE solution available to the market. They also indicated the stages and timeframes it will take them to get there.
“SASE is defined by Gartner as the coming together of SD-WAN with security delivered from the cloud,” said Bruce Johnson, Senior Product Marketing Manager at Cradlepoint. “We are different from our competitors because we are a wireless WAN company, and the optimization also works with LTE. We are able to gather information from wireless devices on the network, and can steer traffic by wireless telemetry like signal strength. So if you have say, a police car enabled with this technology, if it has a dual modem dual SIM router we can change the route based on that cellular network. We can go to that next level by taking advantage of that information from the cellular network and applying it to traffic or security.”
Cradlepoint does all of this today, and this part falls within Phase One, which is current capabilities.
“What we are announcing today is not a new product release,” Johnson said. “It is a vision strategy. This is Phase One and it is part of our 5G SASE piece we can already deliver today. Another piece of this phase that differentiates us from typical SASE vendors is that all of our SD-WAN and all our security can be managed from the same platform that the customer uses to manage their wireless WAN. Most of the IT customers are very ‘lean IT.’ They have three or four people that are managing thousands of locations and devices. Being able to manage their security and deploy it all through the same interface, that addresses that lean IT issue. Even though that’s not a technology differentiator, it’s a characteristic of a lot of the 5G companies that we work with. They don’t have to introduce a new stack for security.”
Johnson emphasized that even in this first phase, there is still significant differentiation.
“Being able to steer traffic with SD-WAN, and supporting a lot of 5G customers who have very small IT staff, and being able to manage it all through our NetCloud Manager is significant,” he said.
The remaining phases involve various levels of integration of the acquired Ericom technology.
“Ericom gave us two major pieces needed for a full-scale SASE solution,” Johnson stated. “One is a global cloud that they already had in place. The other is the ability to protect users from Dirty Internet, where 90% of attacks come from phishing attacks.
“Ericom targets large enterprise and commercial markets.” Johnson added. “They are based out of Israel, and got their start making 3270 emulator cards. From there, they pivoted into security and then into cloud-based security. They have a remote browser isolation [RBI] and a CASB, to protect against unknown threats. With the RBI, we put a sandbox in the cloud.”
The second phase of the Cradlepoint strategy involves the initial stages of the Ericom integration.
“In the short term, Phase Two is due by the end of the year,” Johnson said. “It is not a full integration yet, but we will take advantage of the Ericom cloud to deliver NetCloud Exchange. This will allow the customer to buy it as a service without needing to install anything.”
Phase Three is the full integration of Ericom and NetCloud Exchange.
“It will make it all manageable and configurable through NetCloud,” Johnson indicated.
The fourth and final phase is more long term.
“Think a year or a year and a half,” Johnson said. “It will involve some additional 5G differentiators, such as a root of trust with the SIM card for immutable security.”
Johnson also stressed that the real growth potential here is not with IT devices as much as IoT.
“What we see in the industry is that user devices are fairly flat, while IoT devices are taking off, with ten times as many IoT devices,” he said. “The problem is that by their very nature, IoT devices are insecure. They don’t get patched, and default passwords don’t get changed, so they are easy to hack. Our Zero Trust piece provides name-based addressing that obscures IoT based advertising, where they actually advertise their IP addresses. We can also protect all of them, so we can play a much stronger role in securing these addresses.”
One area many channel partners are familiar with is video surveillance cameras. But many of these are not installed by IT pros, and are often done by local company staff. They don’t change passwords on cameras. People who aren’t IT pros are installing IoT devices, and companies know this is an issue.
Johnson stressed that the scope of the new strategy will be highly attractive to partners.
“One of the challenges we have always had with partners was that we were historically point products,” he said. “That’s our history, and the challenge for partners is that we were a niche solution. Now with private SASE and private networks, we have a portfolio. It’s all cloud based, so there is no hardware to ship. Any time you are just a small piece of revenue, it’s hard to get partners excited. Now they can sell security, SD-WAN, and a whole SASE solution, and it is all a lot stickier.”