Editor’s Note: This article was originally published under the title, “What is Zscaler and How Does It Secure Enterprise Networks” and was written by Maria Korolov. A Data Center Knowledge editor has since updated the article to include more context around the Security Service Edge space.
Remote work saw unprecedented growth in 2022, and with that growth comes an increased level of attention to distributed network security. Security service edge (SSE) providers play a key role in this effort. Gartner places Zscaler, Cisco’s Cisco Umbrella, and Palo Alto Networks’ Prisma Access at the top of their list of solution providers in this space.
One of the top use cases for SSE is securing remote access to enterprise networks. Enterprises with remote workforces are placing value on a high level of visibility and monitoring for cloud, on-premises, and colo workloads.
For instance, 2022 saw a 24% increase from 2021 of workers opting to stay home rather than return to the office, according to research by Owl Labs and Global Workplace Analytics.
Remote work is expected to grow with the expanding implementation of 5G, IoT, edge computing, and cloud infrastructure, increasing cybersecurity threats, and the normalization of working from home.
In 2022, Gartner predicted that 70% of organizations will choose an SSE provider to facilitate their zero-trust framework by 2025. This number was only 20% in 2021.
What Is Security Service Edge?
Security service edge is one of the preeminent examples of the emerging SASE sector. SASE, pronounced “sassy,” stands for Secure Access Service Edge. It combines software-defined wide-area networking (SD-WAN) with access control and security, all bundled as a cloud service.
In effect, SASE offers a secure private internet that interconnects a company’s users, data centers, cloud infrastructure, and software as a service and other third-party services.
Here’s how SSE fits in the SASE umbrella of solutions:
End users get virtual clients on their mobile devices that create secure tunnels to the nearest SSE provider’s data center. For data centers, enterprises install a virtual machine that does the same thing on a larger scale.
SSE providers can also monitor internal data center communications, allowing companies to have all their networking security in one place, even if the traffic never leaves their premises.
Everything is built around zero-trust principles, and the platform is dramatically more flexible, scalable, and easier to manage than traditional VPNs and other networking approaches.
Who Are the Key Players in the SSE Space?
Some SSE vendors don’t sell their services directly to enterprises. Instead, they work with channel partners such as AT&T and Verizon.
As organizations look critically at data security strategies, they often couple SSE solutions with their network transformation efforts. Enterprises that chose one SSE vendor over another depended on their strong consulting relationships to make a decision on which vendor to choose. Quality vendors, or their channel partners, will work closely with enterprise customers to help achieve their security goals.
Zscaler made it to the coveted ‘Leader’ spot in Gartner’s Magic Quadrant for Security Service Edge. Zscaler was joined in that quadrant by Netskope and McAfee. Our other two SSE vendors of interest are Palo Alto Networks’ Prisma and Cisco’s Cisco Umbrella.
Here’s a quick rundown of the pros and cons of each solution provider, according to Gartner’s strengths and cautions evaluations and customer reviews:
- Large sales org, plus fast customer growth
- Innovation in product offerings, eager to invest before competitors in cutting-edge solutions
- Integrated reporting across all SSE features
- Hefty price tag, annual price increases
- Recent acquisitions offer similar solutions, potentially drawing Zscaler away from core SSE solutions
- Reporting sometimes suffers from performance/availability issues, plus difficulty managing larger data sets
- Financially strong due to Cisco’s overall posture with a larger share of the SSE market
- Affordable, low barrier of entry SSE products
- Integration with Cisco’s network products Meraki and Viptela
- Enterprises constrained by fewer resources to secure SaaS access outside of a company’s network
- Not a fast innovator, just added browser isolation, still no ZTNA feature
- Complete SSE coverage hard to find/understand with this solution
- Offers both on-premises and cloud coverage for customers with hybrid cloud infrastructures
- Responsive to market demands, such as providing proxy access to Prisma for all remote endpoints
- Continuous security coverage of on-premises and cloud users.
- High-priced and labyrinthine to acquire full suite of SSE
- Complex onboarding and management
- Requires several modules for the complete SSE experience
SSE remains a key part of the zero-trust framework through SASE. The segment appears to be positioned for growth, and vendors that take a measured approach to listening to customers should come out on top.