Gartner® names Netskope a Leader in the inaugural Magic Quadrant for Security Service Edge (SSE). SSE is a set of security services that enable a successful SASE architecture, securing people and data in the cloud without degrading user experience. In the new report, you’ll gain insights into why we’re positioned in the Leaders Quadrant. We think it comes down to a few key advantages.

With Netskope Intelligent Security Service Edge, you can:

  • Reduce risk
  • Accelerate performance
  • Provide granular visibility to any cloud, web, and private application activity

With Netskope, you’ll be ready for anything on your SASE journey with the SSE that puts cloud and data security first.

Within the report Gartner outlined Netskope’s qualities below:

Netskope is a Leader in this Magic Quadrant. Its primary SSE offerings, available as part of the Netskope Security Cloud platform, include the Next Gen Secure Web Gateway, CASB and Netskope Private Access (NPA). Netskope is headquartered in Santa Clara, California, U.S. Its operations are geographically diversified, and its customers range from midsize to very large organizations across many industries.
In 2021, Netskope received a fresh round of $300 million in funding led by ICONIQ Growth. Also in 2021, Netskope announced that it had acquired Randed (for RBI) and integrated it into its SSE offerings, and released a new in-house-built FWaaS offering as part of its platform. Netskope also acquired Kloudless in order to offer SSPM functionality in addition to Netskope’s CSPM capabilities.
Strengths

  • Feedback from Gartner clients indicates that Netskope appears frequently on SSE shortlists. This is partly because Netskope positions its SSE as a modular cloud-native platform hosted on its in-house-built NewEdge cloud infrastructure.
  • Netskope offers advanced data security capabilities. For example, in addition to OCR for parsing text within an image, Netskope offers machine learning to identify image types and text based on trained classifiers.
  • Netskope’s total private funding of an estimated $1 billion makes it one of the best-funded private companies in the SSE market.
  • Netskope offers a strong SLA for uptime and latency. Its SLA offers a standard five nines of availability, along with guarantees of less than 10 ms of latency for unencrypted web traffic and 50 ms for encrypted traffic.
Cautions

  • Netskope released the first phase of DEM to select tenants in August 2021 and, unlike some competitors, Netskope’s cloud firewall does not support Layer 7 firewall controls outside of HTTP and HTTPS applications. In addition, Netskope provides only basic VPN tunnel configurations in conjunction with its SD-WAN partners.
  • Netskope introduced its agent-based ZTNA service, NPA, in early 2020, and added a clientless option in 2021. But we believe, based on Gartner market share estimates and other sources of information, that NPA is not selling as well to Netskope’s client base as its Next Gen Secure Web Gateway and CASB.
  • Netskope’s cautious approach to releasing new features for its platform results in it being left off some shortlists. It often relies on lengthy beta tests before releasing features. The process by which it released native RBI and FWaaS offerings exemplifies Netskope’s cautious approach.
  • Netskope offers enterprise agreements and combined SSE SKUs, but otherwise has a relatively complicated set of SKUs. Additionally, client feedback indicates that Netskope is less competitive on pricing than other vendors.
Palo Alto Networks
Palo Alto Networks is a Challenger in this Magic Quadrant. Its SSE offering is primarily composed of Prisma Access and SaaS Security services. It also provides a range of other network and cloud security products. It is headquartered in Santa Clara, California, U.S. Its operations are geographically diversified, and it has customers of all sizes from all industries.
In February 2021, Palo Alto Networks announced Prisma Access 2.0, which includes updated cloud management capabilities, DEM, an explicit proxy for its SWG, and CloudBlades to support API integration with third-party technologies such as RBI. It also announced a single SASE SKU for SD-WAN and SSE bundles, and improved on the SWG workflows from its cloud management console.
Strengths

  • Palo Alto Networks is financially strong. It continues to invest in, and develop, its SSE offering into a competitive offering to support the transition of its sizable customer base to cloud-delivered security services.
  • Palo Alto Networks successfully positions Prisma Access as a viable alternative to other SSE offerings, with hybrid (on-premises and cloud) benefits for customers. As a result, Palo Alto Networks appears more frequently than many other vendors on client shortlists seen by Gartner.
  • Palo Alto Networks is a very large security portfolio vendor that has responded positively to market demands by supporting the proxying of traffic to Prisma Access. This has eliminated the need to deploy the vendor’s GlobalProtect agent to all remote endpoints.
  • Palo Alto Networks remains in-line of traffic between endpoints and applications for ZTNA, and applies its object-based rules to segment users and applications. As a result, Prisma Access can apply the same consistent ZTNA access rules for users off- and on-premises.
Cautions

  • Palo Alto Networks’ SSE offering is not well integrated. It requires multiple modules for full SSE functionality and configuration of certain components in different modules, such as those for user and entity behavior analytics (UEBA) and data security. Also, rather than use OEM technology for RBI, it depends on partners, and it relies on its CloudBlades architecture for integration.
  • Gartner clients indicate that Prisma Access is relatively complicated to set up and manage. For example, it requires configurations of network routes over VPN tunnels called “service connections” to connect to private applications and relies on separate modules for CASB API integrations and UEBA functionality.
  • Palo Alto Networks’ SSE product strategy builds on acquired functionality and the use of firewall rules. For example, its ZTNA functionality draws on the GlobalProtect agent and uses object-based firewall rules for user-to-application segmentation. Client feedback indicates that this approach appeals primarily to Palo Alto Networks’ existing customer base and that it has limited appeal elsewhere.
  • Client feedback indicates that it is expensive and confusing to achieve full SSE functionality with Palo Alto Networks. For example, customers must license multiple modules and then choose the Prisma Access security features they need for global or regional deployments to secure users, branches or both.
Versa
Versa is a Niche Player in this Magic Quadrant. Its SSE offering is Versa SASE. It also offers WAN edge infrastructure products. Headquartered in San Jose, California, U.S., Versa operates globally. Its customers range from midsize to very large organizations across many industries.
Versa received $84 million in series D funding in June 2021. Versa released its SSE functionality on the Versa Operating System (VOS) in the fourth quarter of 2020, enabling its Versa SASE security services to be part of an overall SASE framework.
Strengths

  • Versa has a strong set of data security controls that can be applied both in-line and for data at rest in SaaS applications. These controls include support for fingerprinting, encryption, watermarking, redaction and other advanced actions.
  • Versa built its SSE on its VOS, which enables it to build a tightly integrated set of SSE features that can be used as part of its cloud service or within its range of hardware offerings.
  • Client feedback indicates that Versa is known mostly for networking, but Versa has also invested in, developed and released an integrated set of SSE services with the help of its in-house R&D team.
  • Versa has responded positively to market demands. It has got ahead of many other SD-WAN-focused vendors by seizing the opportunity to add cloud-native security to its strong networking stack.
Cautions

  • Versa SASE’s UI is complicated when it comes to building security policies and undertaking troubleshooting. In addition, Versa’s SSE SaaS support is limited. For example, it does not support the importation of proxy logs to provide “shadow IT” SaaS reporting. Also, Versa supports unmanaged device access to a limited number of SaaS applications outside a corporate network.
  • Feedback from Gartner clients indicates that Versa has limited market visibility and market share as a security vendor, and that its marketing lags behind the availability of features. For example, Versa released API integration with SaaS vendors in mid-2021, but its website had no mention of this as of August 2021.
  • Client feedback indicates that Versa SASE appeals primarily to existing Versa SD-WAN customers. It appears on client shortlists for SSE functionality less frequently.
  • Versa customers have indicated that the vendor releases new features with bugs and a steep learning curve, due to poor documentation. Additionally, feedback from Versa customers indicates that presales and postsales support, including professional services, is not strong — customers have to be technically savvy to test, implement and operate the product.

To read more about why Netskope is the Gartner leader in SSE – click here to download the full report

WordPress Appliance - Powered by TurnKey Linux