SSE Magic Quadrant
For the countless organizations looking to enable hybrid and distributed workforces in 2023, providing secure access to corporate applications, data and other resources remains a top priority. Capabilities that are now widely seen as essential include zero trust network access (ZTNA) as a more-secure alternative to VPNs; cloud access security broker (CASB) for protecting the use of cloud-based applications; and secure web gateway (SWG) for protecting web usage. Increasingly, these capabilities are coming as a single package, as part of a unified security service edge (SSE) platform.
At research firm Gartner, analysts coined the term SASE (secure access service edge) in 2019 to denote a platform that offers both the security and networking elements needed for enabling modern remote access to applications and data. Gartner analysts then introduced SSE as a category in 2021, on the idea that the security components involved in SASE deserve a category of their own that’s distinct from the networking elements such as SD-WAN.
Gartner’s inaugural SSE Magic Quadrant was released in 2022. This week, the research firm debuted the 2023 edition of the SSE Magic Quadrant vendor ranking. The new Gartner Magic Quadrant for SSE recognizes 10 cybersecurity vendors, with Netskope, Zscaler and Palo Alto Networks named “leaders” in SSE in the report. Other major vendors recognized by Gartner included Cloudflare, Cisco and Skyhigh Security (formerly the SSE business of McAfee Enterprise). The Gartner Magic Quadrant rankings are a highly influential and closely watched indicator of how key players compare in numerous segments of the tech industry.
Gartner defines the “core capabilities” of a cloud-based SSE platform as including SWG, CASB and ZTNA, ultimately providing a modern way to secure user and endpoint traffic across hybrid and distributed teams. SSE platforms are “primarily cloud-delivered,” according to the research firm. SSE offerings can include numerous other capabilities, as well — such as remote browser isolation, cloud security posture management, SaaS security posture management and advanced data protection functionality, Gartner said in its report.
There were just a few major changes in the 2023 SSE Magic Quadrant, as compared to last year’s ranking. Cybersecurity giant Palo Alto Networks had appeared in the “challengers” quadrant in Gartner’s 2022 SSE Magic Quadrant, suggesting that the company’s “completeness of vision” was not as robust as that of several of the leaders, and that its “ability to execute” ranked behind that of Zscaler, according to the 2022 ranking. But for the 2023 SSE Magic Quadrant, Palo Alto Networks moved into the coveted “leaders” quadrant after extending the capabilities for its Prisma Access platform in 2022, according to Gartner. Meanwhile, Cloudflare appeared in the SSE Magic Quadrant ranking for the first time as part of the 2023 report.
Gartner ranked Netskope at No. 1 for both vision and execution in the 2023 SSE Magic Quadrant.
Originally best known for its CASB technology, Netskope has expanded to provide a full SSE offering, its Netskope Intelligent SSE platform. Along with CASB, key components include its SWG technology (known as Next-Gen SWG) and its ZTNA offering (Netskope Private Access). Recent enhancements cited by Gartner included the expansion of Netskope’s data loss prevention (DLP) capability to cover endpoints and the extension of its ZTNA offering to additional use cases. Other moves included two M&A deals in 2022 — the acquisition of Infiot, bringing SD-WAN technology into the platform, as well as the acquisition of WootCloud for improved IoT visibility.
Strengths: Netskope has “strong revenue and growth” compared to other SSE vendors, according to Gartner, and the company “appears frequently” on customer shortlists for the technology. Gartner also cited Netskope’s “advanced” capabilities on data security; a simplified SKU and packaging model; and a “strong” ZTNA offering, including capabilities around in-line DLP inspection.
Cautions: Gartner said that Netskope has a “complicated” administration console as a result of dividing it into two separate environments. Clients told Gartner that Netskope is often among the “most expensive” SSE options. The company’s SSE platform also doesn’t provide “advanced” capabilities in digital experience management (DEM).
Gartner ranked Zscaler at No. 2 for both vision and execution in the 2023 SSE Magic Quadrant.
Among the pioneers in the SWG space, Zscaler now offers comprehensive SSE capabilities available in several different offerings — all of which leverage the company’s Zero Trust Exchange technology for connecting users, apps and devices, using zero trust principles such as least-privileged access. Zscaler Private Access is the company’s standalone ZTNA offering, while Zscaler Internet Access is a full SSE platform. Zscaler for Users extends further by combining those two offerings with Zscaler Digital User Experience for detecting and fixing issues that are affecting apps, devices and networks. Recent enhancements cited by Gartner included Zscaler’s addition of IoT discovery capabilities (through the acquisition of Priatta Networks) and security workflow automation (through the acquisition of ShiftRight). On data security, Zscaler launched automated data classification as well as improved inspection for email and endpoint DLP.
Strengths: Zscaler has “strong revenue growth” from a sizable base, according to Gartner, and the company has excelled at crafting a marketing message that “appeals to many organizations” — which has helped land Zscaler on many customer shortlists for SSE. Gartner also cited Zscaler’s “extensive” network, “strong” partner ecosystem and integrations with tools in many related segments including endpoint detection and response (EDR), security information and event management (SIEM) and SD-WAN.
Cautions: Gartner said that Zscaler’s console does not have a “leading” user experience, and some capabilities have a “convoluted” configuration process. Clients told Gartner that pricing and “perceived sales arrogance” can be issues in working with Zscaler, in particular at renewal time for its products.
Leader: Palo Alto Networks
Gartner ranked Palo Alto Networks at third overall on execution in the 2023 SSE Magic Quadrant ranking, and at fourth overall for vision.
Palo Alto Networks’ SSE platform, Prisma Access, has sought to offer advantages that include ZTNA technology that goes beyond existing products that are “too trusting and can put customers at significant risk,” the company has said. Prisma Access enables what the company calls “ZTNA 2.0,” which “solves these problems by removing implicit trust to help ensure organizations are properly secured.”
After appearing in the “challengers” quadrant in the 2022 SSE Magic Quadrant, Palo Alto Networks has now moved into the “leaders” quadrant after extending the capabilities for Prisma Access, including through better integration with the vendor’s Prisma SD-WAN and enhancements to its ZTNA offering, according to Gartner.
Strengths: Palo Alto Networks is “strong” financially and has been heavily investing in development of its SSE platform, according to Gartner. The research firm also cited Palo Alto Networks’ “complete unified console” for SSE and “simplified” management, as well as strong capabilities around ZTNA and AI/ML, such as categorization of URL categories powered by deep learning and “advanced” DNS security.
Cautions: Gartner said that Palo Alto Networks’ console requires clients to choose between two methods of administration upfront, and “cannot change this after the fact.” Clients told Gartner that licensing for the vendor “remains complex and confusing,” and that the Prisma Access offering appeals “primarily” to existing customers of the vendor.