Palo Alto, Microsoft, Check Point Lead Zero Trust: Forrester

Top Vendors Spread Their Wings and Ditch Point Products in Favor of Broad Platforms

Palo Alto Networks remains a leader in Forrester's zero trust platform rankings while Microsoft and Check Point entered the leaders category for the first time.

Forrester Senior Analyst Heath Mullins said vendors in the zero trust space ditched point products and pursued organic investments or M&A to create a broader offering that includes ancillary tools such as data loss prevention as well as centralized management and usability. Vendors that take an approach to zero trust that’s multi-tenant, easily consumable and works in multiple cloud environments fared the best (see: Zero Trust Adoption in Government: Challenges and Strategies).

"It's no longer just, 'We have a certain small aspect,' or 'We kind of do this, and we kind of do that,'" Mullins told Information Security Media Group. "These providers have really spread their wings. They have really embraced the zero trust culture rather than just trying to be a best of breed or niche provider."

The zero trust platforms Forrester Wave replaced the version from the summer of 2020, which covered zero trust extended ecosystem platform providers. This time around, Palo Alto Networks edged out Microsoft for the highest ranking in strategy, and Zscaler and Check Point received the third- and fourth-highest scores. In 2020, Illumio got the highest score, with Cisco, Akamai and Appgate coming in behind.

Mullins praised Palo Alto Networks for taking a strong, forward-looking vision and trying to be excellent at everything they offer. Microsoft, meanwhile, sets itself apart through its transparency by offering a publicly referenceable internal zero trust architecture as well as its work to interconnect all its services.

"If you go in there saying, 'We don't play well with what you have in place,' you run the risk of offending the brand champions in place and you run the risk of losing the deal simply because you don't have that good integration story," Mullins said. "Zero trust is all about cooperation, collaboration and integration. Those leaders in this space did that very, very well."

Palo Alto Networks also received the highest score from Forrester for its current zero trust platform tool, and Check Point, Trend Micro and Microsoft got the second-, third- and fourth-highest rankings, respectively. In 2020, Illumio got the highest ranking for its zero trust extended ecosystem platform, with Microsoft, Google, Appgate and Palo Alto Networks bunched together closely behind.

Check Point excels at helping customers with unique architectural requirements and has expanded its artificial intelligence capabilities to address the most critical customer needs, according to Mullins.

Mullins said ChatGPT didn't play any role in the current evaluation of the zero trust provider landscape, but he anticipates generative AI will be used in the coming years to provide greater context and information and help analysts build out their workflows. The most frequent gaps in zero trust platforms tend to be around securing workloads and delivering a differentiated SD-WAN capability, according to Mullins.

Outside of the leaders, here's how Forrester sees the zero trust platforms market:

  • Strong Performers: Zscaler, Trend Micro, Google, Cloudflare, Akamai, Cisco
  • Contenders: Fortinet, Absolute Software, Broadcom
  • Challengers: Forcepoint, VMware

"These are all very familiar names," Mullins said. "You're not going out there working with an untrusted and unknown provider. Every provider that was listed in this Wave is well-known, well-established and has a good track record. It was just being strict around the totality of the offering - and the totality of the coverage - that was the primary differentiating factor."

How the Zero Trust Platform Leaders Climbed Their Way to the Top

| Company Name | Acquisition | Amount | Date |
|---|---|---|---|
| Check Point Software | Perimeter 81 | $490M | September 2023 |
| Check Point Software | Spectral | Not Disclosed | February 2022 |
| Check Point Software | Avanan | $227M | September 2021 |
| Check Point Software | ForceNock | Not Disclosed | January 2019 |
| Microsoft | RiskIQ | $500M | August 2021 |
| Palo Alto Networks | Gamma Networks | $20M | August 2021 |
| Palo Alto Networks | Sinefa | $27M | November 2020 |
| Palo Alto Networks | CloudGenix | $420M | April 2020 |
| Palo Alto Networks | ZingBox | $75M | September 2019 |

Palo Alto Networks Brings Unified Management to the Network

Palo Alto Networks has focused on unified manageability across networking and security so that a single set of policies is applied consistently and applications are identified no matter where they reside, said Senior Vice President of Network Security Products Anand Oswal. The company can dissect users and applications alike on a segment-by-segment basis and bring operations, analytics and insights together.

Oswal said Palo Alto Networks has rolled out new offerings for IoT and OT devices over the past 18 months to better understand what's on the corporate network and segment these devices to prevent lateral movement by adversaries. Applying policy rules in a segmented environment ensures patches are applied, regulations are followed and devices are patched appropriately, according to Oswal (see: Palo Alto, Versa, Fortinet, Cato Command SASE Forrester Wave).

"Nobody in the industry has a more complete zero trust solution," Oswal told ISMG. "If you want to really have enterprisewide zero trust, you want to have consistent security for protecting your applications in a data center."

Forrester criticized Palo Alto for having a less consolidated centralized management than competitors and said it's sometimes unclear what can or cannot be managed from a single user interface. Oswal said all network security form factors can be managed through a single console with unified management, policies and analytics applied consistently everywhere.

"If you want to have true enterprisewide zero trust, you want to have a single policy for the user no matter where the user is," Oswal said. "You can't have policies defined multiple times in multiple consoles."

Microsoft Unites Zero Trust, AI to Thwart Advanced Threats

Microsoft integrates more than 50 different categories across security, compliance, identity, privacy and device management based on the 65 trillion threat signals the company sees each day, said Identity and Network Access President Joy Chik. Joining the principles of zero trust with the capabilities of artificial intelligence will allow organizations to create a more formidable defense against modern cyberthreats.

Zero trust's emphasis on continuous, explicit verification as well as least privilege access offers a more effective defense as cyberattacks become more sophisticated and capable of evading traditional security measures, Chik said. Zero trust lowers the risk of unauthorized AI-driven breaches by controlling access to sensitive data, while AI-enabled security can provide rapid automated responses to threats, Chik said (see: Microsoft Brings Passkeys, Bad Code Protection to Windows 11).

"With AI becoming a cornerstone of modern threats and defenses, the zero trust principles of assume breach, least privileged access, and continual explicit verification are more crucial than ever," Chik wrote in a blog. "The synergy between Microsoft's end-to-end zero trust strategy and the capability of AI provides a formidable defense mechanism that is both forward-looking and resilient."

Gartner criticized Microsoft for lacking microsegmentation and zero trust network access, having parts of key solutions that sit outside its E5 license, and convoluted pricing and licensing around individual, disparate components of zero trust such as the Sentinel security information and event management platform. Microsoft declined to comment to ISMG for this story.

Check Point Embraces Flexible Deployment, Rapid Delivery

Check Point Software has embraced flexible deployment models to give partners and customers rapid access to different enforcement points including networks, cloud workloads, identities and cloud data centers, said Vice President of Product Management Eyal Manor. The company provides an integrated environment in a central, managed way and can deploy solutions faster using AI, Terraform and scripts.

The company has over the past year rolled out autonomous security capabilities for IoT devices, XDR and SD-WAN that are all managed through Check Point's centralized Infinity platform, he said. Check Point also has doubled down on identifying phishing attacks going after or impersonating local, smaller brands as part of its threat prevention push, which includes new AI-based engines monthly, Manor said (see: CEO Gil Shwed on Why Check Point Decided to Buy Perimeter 81).

"We needed to play for many years in order to shine and provide a solution that customers and partners find to be a ZTE leader," Manor told ISMG. "This is a very long-term journey, delivering a solution that is comprehensive, is consolidated, and that drives to prevention first but delivers the best security."

Forrester criticized Check Point for murky in-house R&D due to the company's focus on M&A and for providing just a single reference customer that hadn't yet implemented a zero trust platform. Although Check Point has made eight transactions in four years, Manor said the company builds on the talent it has acquired with organic innovation and is focused on extending the zero trust journey to identity.

"Any zero trust methodology starts with getting visibility and awareness to identities," Manor said. "Almost all of our customers already today have the ability to identify identities and to relate to identities within the zero trust policy. Our customers are there."

About the Author

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.
