Red Access Adds SSE Capabilities to Existing Firewalls Without Rip-and-Replace
Red Access launches agentless SSE that layers on top of existing firewalls from Palo Alto, Fortinet, Cisco, and Check Point. Deployment in hours, not months.
Red Access launched what it calls firewall-native SSE, a cloud layer that bolts Security Service Edge capabilities onto existing firewalls. No agents to roll out, no browser changes, no rip-and-replace. The company claims deployment takes hours, not months, and works across Palo Alto Networks, Fortinet, Cisco, and Check Point.
The SSE adoption problem
SSE adoption has hit a wall. The technology promises unified security (DLP, CASB, SWG, browser isolation) but integrating it into existing infrastructure is painful. Most SSE platforms require significant architectural changes, agent deployments, or browser swaps. Many organizations have stalled mid-migration or never started.
Red Access is betting that the answer is going agentless and piggybacking on what is already deployed. CEO Dor Zvi frames it simply: activate modern SSE capabilities over the top of your current firewall using a configuration change.
What the stack includes
The firewall-native SSE package covers the expected SSE components: Data Loss Prevention, Cloud Access Security Broker, Secure Web Gateway, advanced phishing protection, enterprise browser controls, and Local Browser Isolation. On top of that, Red Access adds protections for GenAI tools, desktop applications, browser extensions, messaging platforms, and WebSocket traffic.
The GenAI security angle is timely. As organizations adopt AI tools internally, controlling what data flows through those tools becomes a DLP priority that most existing firewall configurations do not handle well.
WAFplanet take
Red Access is not a WAF vendor, but this matters for the WAF market. The line between WAF, firewall, and SSE keeps blurring. Organizations running Cloudflare, F5, or Zscaler WAAP already get some SSE-adjacent features. Red Access is coming from the other direction, turning traditional firewalls into SSE platforms without touching the WAF layer.
The 80% faster deployment claim is the real selling point. If true, it removes the biggest objection to SSE adoption. But the tradeoff is clear: you are adding a third-party overlay to your firewall vendor's stack, which introduces its own integration and visibility questions. Firewall vendors like Palo Alto and Fortinet have their own SSE offerings. Whether customers will choose an overlay or go native depends on how painful the native path actually is.
