Palo Alto Networks, AppGate, VMware Named Leaders in Zero Trust Network Access
The Forrester ZTNA report includes vendors ranked as leaders, strong performers and contenders. See who made it.
![zero trust security zero trust security](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt43759b376094c4d0/65240fc99faa270c3b29107c/6-Zero-Trust-1.jpg?width=700&auto=webp&quality=80&disable=upscale)
Shutterstock
Palo Alto Networks offers a strong combination of deployment options, indentity provider (IDP) integration and non-web apps, the Forrester report says. However, it still needs to improve its endpoint offering, including mobile. It’s a good fit for organizations seeking a hybrid of SaaS and on-premises software.
Appgate offers “exceptional” integration with services like IT service management (ITSM) and configuration management database (CMDB). However, it lags the leading competition on inline security inspection. It’s the best fit for companies that need high security and a self-hosted option.
VMware has superior inline security inspection and device posture security. However, it must provide better support for access to legacy applications, the Forrester report says. It’s the best fit for companies already invested in VMware’s portfolio.
Zscaler can take enormous deployments into its global network. However, it needs to support server-initiated applications like VoIP. It works well for companies already using Zscaler for outbound security.
Perimeter 81 focuses on the cloud-delivered and managed SaaS experience. However, it needs to integrate with enterprise device security. It’s the best fit for smaller enterprises that need ZTNA as a service, quickly.
Citrix offers strong romote desktop protocol/virtual desktop infrastructure (RDP/VDI) and inline security capabilities. However, it needs to complete integration with major endpoint detection and response (EDR) solutions. It’s the best fit for companies already invested in an on-premises Citrix infrastructure.
Netskope offers strong device posture security today and a great vision for tomorrow. But it needs to add features to support third-party access, says Forrester. It should be on the shortlist for organizations moving to the zero trust edge.
Akamai offers strong ecosystem integration and programmability. However, it needs to improve the product experience. It’s a good fit for large enterprises that need managed services around ZTNA.
Tencent Security offers a broad range of ZTNA deployment options. However, it needs to improve the onboarding process for applications. It’s a great fit for companies with a heavy APAC presence.
Google offers the strongest agentless capability and the biggest network in the space. But Forrester says it needs to improve the mobile experience and IDP integration. It’s a good fit where Good Cloud Platform (GCP) is a strategic partner.
Cloudflare offers strong integration with identity providers. However, it still needs device security, notes Forrester. It’s a good fit for technically savvy, forwarding-looking IT shops.
Proofpoint offers strong identity provider integration, as well as client and network support. However, it should invest more in inline inspection. It will be attractive for business access to enterprise web applications.
Juniper Networks offers self-hosted ZTNA. But, Forrester points out, it needs a SaaS offering. It’s a fit for companies that are both on-premises and Juniper devotees.
Wandera excels with its mobile offerings. However, it needs to improve its desktop offering. In addition, Wandera’s Mac and Windows offerings are a weakness. It’s the best fit for companies where mobile ZTNA is the primary driver.
Cisco offers strong integration with its multifactor authentication. However, it needs to leave AnyConnect behind because ZTNA customers already have. It’s an appropriate choice for enterprises that have already bought into Duo.
Cisco offers strong integration with its multifactor authentication. However, it needs to leave AnyConnect behind because ZTNA customers already have. It’s an appropriate choice for enterprises that have already bought into Duo.
Palo Alto Networks, Appgate, VMware, Zscaler and Perimeter 81 are leaders in zero trust network access (ZTNA) according to the latest Forrester New Wave report.
With ZTNA, users can access on-premises applications using zero trust principles while allowing their two-way video conference traffic to go directly out to the internet. That improves security and employee experience.
Ultimately, zero trust network access reduces the need for employee VPNs, according for Forrester. It makes way for infrastructure and security teams to adopt cloud-delivered networking and security capabilities. That’s a model Forrester calls the zero trust edge (ZTE), more widely known as secure access service edge (SASE).
The Forrester New Wave differs from its traditional Forrester Wave. In the Forrester New Wave evaluation, the firm assesses only emerging technologies. It bases its analysis on a 10-criterion survey and a two-hour briefing with each evaluated vendor. It groups the 10 criteria into current offering and strategy. In addition, it reviews market presence.
The Forrester ZTNA report includes vendors ranked as leaders, strong performers and contenders.
Vendor Qualifications
Each of these vendors has:
A proprietary ZTNA product or service.
Annual ZTNA revenues of at least $5 million.
At least 150 ZTNA customers and a global presence.
At least 100 full-time employees.
An “unaided mindshare” within the industry. The vendors are frequently mentioned in Forrester client inquiries, vendor selection RFPs, shortlists, consulting projects and case studies. They’re also mentioned by other vendors during Forrester briefings as viable and formidable competitors.
Forrester said security professionals can use this report to select the right partner for their ZTNA.
Scroll through our slideshow above to see who made the list and Forrester’s comments on each.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like