After the introduction of security service edge (SSE) with the February 2022 release of the Gartner Magic Quadrant for SSE, organizations may be wondering how they should choose an SSE vendor from the many profiled in the Gartner report. Interestingly enough during this year’s Gartner Security and Risk Management Summit in June 2022, Gartner actually had a session titled “Do I Buy a SSE Product From a CASB Vendor or a SWG Vendor?”
The question is an interesting one because many of the vendors profiled in the Magic Quadrant started as a vendor of one of the three pillar technologies of SSE, either a cloud access security broker (CASB), secure web gateway (SWG), or a zero trust network access (ZTNA) vendor.
With SSE still relatively new, it’s also not unusual for vendors to be identified by their core product offering. I still hear customers and prospects referring to Netskope as a CASB vendor, and that’s no surprise given Netskope’s roots as a CASB vendor, specializing in cloud security and data protection. For those unfamiliar with SSE, it is part of Gartner’s secure access service edge (SASE) architecture and makes up the security services component of SASE (with the other component being the networking/SD-WAN capabilities).
The question of whether to select from a vendor with roots in CASB, SWG, or ZTNA still remains. Gartner’s session on the topic discussed what each of the different technologies brought to the table in terms of capabilities needed for SSE, and then looked at how much each technology would need to build or add to fill out the SSE feature set.
The analysis found that CASB, as an overall technology, had most of the features that matched the overall feature set needed by SSE, with ZTNA coming in second and SWG third. The resulting conclusion meant that CASB vendors had the least work to get to a full SSE feature set. Looking at the features identified in the Gartner Critical Capabilities for SSE report, a CASB-only solution is just missing two critical capabilities, while a SWG-only solution needs to add and build seven of the ten critical capabilities. The two missing features for CASB were, of course, ones rooted in both SWG and ZTNA. Interestingly enough though, both of these technologies have been part of Netskope’s portfolio for a few years now, in the form of Next Generation Secure Web Gateway (NG-SWG) and Netskope Private Access (NPA), much longer than the SSE Magic Quadrant has been around.
Netskope for Web was introduced in March 2018, more than four years ago. Netskope continued to build on the initial web security features, and combined CASB and SWG features to create the Netskope Next Generation Secure Web Gateway (NG-SWG) offering in 2019. As a converged offering, NG-SWG has continued to add new features and capabilities including the addition of threat and data protection enhancements to the core offering. Gartner also recognized Netskope’s accomplishments in SWG by naming Netskope a Visionary in the SWG Magic Quadrant released in December of 2020.
Netskope Private Access (NPA), the Netskope ZTNA solution, was introduced in February 2020, more than two years ago, and has also had a number of enhancements to its feature set, including the addition of clientless support in August 2021.
With Netskope, organizations get the benefit of a vendor with deep roots in CASB, while also getting a vendor who already has significant experience in building SWG and ZTNA products, offering all the components of SSE, the security services component. of the SASE architecture.
Organizations looking for further recommendations on SSE can reference both the 2022 Gartner Magic Quadrant for SSE, and the accompanying 2022 Gartner Critical Capabilities for SSE, which lists not only the ten critical features to look for, but also four core use cases to review when selecting an SSE vendor.