As is probably no big surprise to those in the industry and those purchasing network security products,
Palo Alto Networks (PAN) and Check Point had the top rated products in the 2014
Gartner Magic Quadrant for Enterprise Network Firewalls. The report came out in April. These are the only two companies in the
Leaders Quadrant, with Palo Alto Networks leading on Completeness of Vision and
Check Point for Ability to Execute. Fortinet and Cisco were the closest to the
in the Challengers quadrant. The report,
ID:G00258296 is available on the PAN web site for those who register. http://connect.paloaltonetworks.com/gartner-mq-2014
Palo Alto Networks pretty much was the originator of the
acronym NGFW or Next Generation Firewall, and PAN and Check Point Software Technologies
companies compete for many of the same customers. Last year, PAN introduced
their Wildfire infrastructure, enabling the PAN firewall to detect and stop
Advanced Persistent Threats (APTs) This is offered to customers via the public
cloud or can be deployed as a private cloud. Gartner also wrote that PAN was
consistently on most NGFW competitive shortlists. PANS Advanced Persistent Threat Solution was not
among those recently tested by NSS Labs in their April Breach Detection Study.
Check Point was cited by Gartner as being the market share
leader in firewall installed base. They offer an extensive line of security
appliances and were also delivered the industry’s first flexible, extensible
security architecture, the Check Point Software Blade Architecture. Check Point’s
Anti-Bot Software Blade detects bot-infected machines, prevents bot damages by
blocking bot C&C communications. This isn’t a comprehensive Advanced
Persistent Threat Solution, but it helps protect the network.
PAN’s product portfolio isn’t quite as extensive Check Point’s,
they do offer a virtualized firewall platform
in addition to the more traditional appliance offering, threat subscriptions
for URL filtering, and a management platform.
Fortinet was rated a Challenger by Gartner. They stated
Fortinet was “not often beating Leaders in mainstream enterprise selections
based on features and vision, nor causing Leaders to react to Fortinet.”
Cisco was rated a Challenger as well. Gartner didn’t seem them displacing PAN nor
Check Point on the basis of visions or features. They saw Cisco winning firewall business through
channel “execution and “aggressive discounting”.
Juniper Networks completed the trio of companies in the
Challenger quadrant. McAfee was a leader
in the Niche quadrant.
Offerings from F5, Arkoon-Netasq, and AhnLab were the
furthest down and to the left in the Magic Quadrant.
Check out the complete report. For an assessment of all sixteen vendors in
the report. Some names you’re familiar with may be missing due to
consolidation. Gartner also has some brief information on why virtualized
firewall penetration is a less than two percent. “Security-minded enterprises are also rightly
skeptical of running firewalls within a hypervisor that is between the threat and
the firewall,” according to Gartner.
Regarding the Leaders
quadrant from the Gartner Magic Quadrant Endpoint report - “A leading vendor
isn't a default choice for every buyer, and clients should not assume that they
must buy only from vendors in the Leaders quadrant. Some clients believe that Leaders are
spreading their efforts too thinly and aren't pursuing clients' special needs.”
For more details on the Magic Quadrant and how it is
created, read “Magic Quadrants and MarketScopes: How Gartner Evaluates Vendors
within a Market”. Sometimes a leader is
not the best solution for a particular customer. Despite that, you will see many presentations where the vendor uses being in
the Leaders quadrant as a reason to buy
from that particular vendor. Who would
have thought that they would do that? www.gartner.com
Some of NSS Labs reports are available at no charge. www.nsslabs.com
craig kensek
Some of NSS Labs reports are available at no charge. www.nsslabs.com
craig kensek
Posts
