Palo Alto and Checkpoint are battling for enterprise firewall market leadership.
With Palo Alto Networks and Checkpoint Software both performing strongly in Gartner’s 2013 Enterprise Firewall Magic Quadrant, and seemingly racing away from the fragmented competition, a direct product comparison has perhaps never been more relevant.
Checkpoint’s offerings have come out on top of Gartner’s annual assessment for the past 16 years running; a staggering statistic, which seemingly cements their place as the thought leaders in firewall technology. The company offers what they have dubbed a ‘total security solution’, which encompasses unified gateway and single endpoint, as well as single management architecture.
However, their grip on the top-spot has been slipping somewhat in recent times due to sustained pressure from relative newcomers, Palo Alto Networks. Their ground breaking technology has not only altered the playing field, but given the California-based network security company a real chance of overtaking their rivals.
A bit about the quadrant
The Gartner Magic Quadrant is essentially a way of assessing the competition between the major players in a given sector of the technology industry; In this case, the enterprise next-generation firewall space. The axes of the quadrant have been designed to measure market leadership, based on two key indicators; the ‘ability to execute’ and the ‘completeness of vision’.
The relative ability of each manufacturer is basically an assessment of the resources available to them, and is deemed to be indicative of their capacity to meet demand for, and to ultimately support, a growth in orders.
The second heading, the completeness of vision, indicates the level of technological innovation demonstrated by each product. Once complete, the quadrant’s four sectors categorise each manufacturer as being either being ‘niche’, a ‘challenger’, ‘visionaries’, or ‘leaders’.
How does Gartner define enterprise firewalls?
The enterprise firewall market is being driven by advanced threats to network security, as well as an evolutionary shift from traditional stateful inspection firewalls, to those in the Next-Generation category*. Gartner specifies that products entered into the Magic Quadrant must be able to support single-enterprise firewall deployments as well as large global deployments, including branch offices. The products must also be inclusive of highly scalable management and reporting consoles, products, sales, and support ecosystems which are focused on the enterprise.
*Next-Generation firewalls are characterised by the incorporation of full-stack inspection to support intrusion prevention, application-level inspection and granular policy control.
Head ‘2’ head
As previously stated, Palo Alto Networks and Checkpoint Software both perform well within the quadrant. The two companies alone share the ‘leaders’ space, with Palo Alto adjudged to be demonstrating more ‘vision’ in terms of their technology; a metric which could bode well for outstripping Checkpoint in the future, should the trend continue.
Checkpoint currently occupy the top-spot, predominately on their ‘ability to execute’, which could very well prove to be an accurate indication that their lead is by no means unassailable, given Palo Alto’s sharp rise and on-going momentum.
The technology
Traditional Intrusion Prevention Systems (IPS), such as that of Checkpoint, use port and protocol to classify traffic, which according to Palo Alto can lead to, “erroneous identification of the application”. Contrary to this, Palo Alto have adopted a three tier classification process, a method they feel is more consistent with the type of traffic traversing business networks. Rejecting the assumption that an IP address can be considered a trustworthy indication of user identity, their technology first identifies the application and then traces this to the user; all of which takes place whilst the firewall inspects for policy violations.
In Summary
The inescapable truth to come from Gartner’s 2013 Quadrant, is that Palo Alto currently possess a technically superior product, one that boasts more innovation and advancements than that of their Checkpoint counterpart, not to mention anyone else – a fact that has earned Palo industry recognition, and seen the relative latecomers perform such a remarkable ascent.
It is this level of protocol sophistication that has made Palo Alto firewalls such a strong contender to Checkpoint, and shows precisely why Gartner’s Quadrant estimates Palo’s ‘vision’ as being a commanding factor in their play for market leadership.
If you found this blog useful we’d love to hear your feedback.
To find out more about Palo Alto and next generation firewalls, speak to one of the Ensign team
UPDATE! Latest Palo Alto enterprise security and WildFire advancements have boosted the defence against modern malware.