gartner market scope multi function firewalls for smb

Post on 30-May-2018






Click to see full reader


8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 1/37


Publication Date: 27 June 2008 ID Number: G00159003

MarketScope for Multifunction Firewalls for Small andMidsize Businesses

Greg Young, Adam Hils

A distinct market exists for multifunction security appliances for SMBs, and manyvendors provide all-in-one or multifunction firewall products that are similar;however, thedifferences in features and pricing make a product selection worthwhile.

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and�  distribution of this publication in any formwithout prior written permission is forbidden. The information contained hereinhas been obtained from sources believed tobe reliable. Gartner disclaims all warranties as to the accuracy, completeness oradequacy of such information. Although

Gartner's research may discuss legal issues related to the information technologybusiness, Gartner does not provide legaladvice or services and its research should not be construed or used as such.Gartner shall have no liability for errors,omissions or inadequacies in the information contained herein or forinterpretations thereof. The opinions expressed hereinare subject to change without notice.

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 2/37


Small and midsize businesses (SMBs) have very different requirements than largeenterprises fornetwork security. Multifunction firewalls are not suitable for the enterprise, andSMBs do not

usually require several best-of-breed network security appliances. The SMBmultifunction firewallmarket is large, fragmented and highly dynamic, with vendors providing a commonset of coresafeguards; differentiating with new added safeguards, ease of installation anduse; andaddressing the realities of the SMB IT environment.


For the purpose of this research, Gartner defines SMB organizations based onnumber ofemployees (see Table 1).

Table 1. SMB Organizations Based on Number of Employees

Small BusinessSegmentAsia/Pacific Europe Latin America North AmericaSmall Business 20-99 10-49 10-99 20-99Midsize BusinessSegmentLow-EndMidmarket100-249 50-249 100-249 100-499Upper-End

Midmarket250-499 250-499 250-499 500-999

Source: Gartner (June 2008)

Market/Market Segment Description

SMBs have network security appliance needs that differ substantially from largeenterpriserequirements. In contrast with large enterprises, which most-often deployfirewalls and othernetwork security functions on distinct appliances to ensure optimal networkperformance and risk

mitigation through multiple security "points of failure," SMBs often opt for "allin one" ormultifunction security appliances built on the "anchor" technology of thefirewall. Additionalsafeguards are added to the firewall, sometimes through a subscription fee.

The feature sets available with these SMB multifunction firewall productstypically fall into threecategories:

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 3/37

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 4/37

The term unified threat management (UTM) is often used to describe products inthis market;however, this term is pure marketing hype, because threats are never really"managed." TheUTM label has also been co-opted by some vendors to describe their enterprisenext-generationfirewall offerings, diluting the term's relevance. This market is also

distinguished from theenterprise and branch office firewall markets (see "Magic Quadrant for EnterpriseNetworkFirewalls, 2H07").

Enterprises tend to select several best-of-breed appliances for network security.Branch officefirewalls are considered part of the enterprise firewall network market becausethey are selectedand deployed as extensions of the central firewalls and do not have the samefeatures as thosedeployed in SMBs (for example, e-mail antivirus is often not used in brancheswhere the e-mail

servers are centralized, and managing a large number of firewalls is required inbranches but notin an SMB). The term "anti-X" is also used in some vendor marketing tocollectively refer to theantimalware and antivirus safeguards.

Overall, the worldwide SMB multifunction firewall market was approximately $1.2billion in 2007,with a forecast 35% to 40% compound annual growth rate through 2011. The SMBmultifunctionfirewall market is a highly competitive, fragmented market, with more than 20active vendors. Thiscompetition is complicated by the multiple individual safeguards within the same

appliance: Novendor can provide best-of-breed functionality across all the safeguards, so manyvendors sharesafeguards from the same OEM providers (for example, Sophos for gatewayantivirus).Differentiation often comes in the form of integration between safeguards,licensing flexibility,management console/reporting and pricing. Successful vendors will:

�Focus on simplicity of deployment and operation.�Provide proactive attention to channel partners in recognition that value-added

resellers(VARs) will often be the greatest influencer for this market.�Introduce new features just ahead of customer requirements.�Provide pricing that encourages the adoption of new subscription-based safeguards,butwith simplicity that does not require frequent changes in payment.�Focus on SMB needs, rather than attempting to use downsized enterprise productsand

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 5/37

strategies.According to Gartner's vendor survey, most of the SMB multifunction firewallreplacements thatvendors are doing are of legacy, firewall-only products from enterprise firewallmarket leaders:Cisco, Check Point Software Technologies and Juniper Networks. By the end of 2010,we expectto see significantly greater numbers of SMB multifunction firewalls displacing in-

kind competitors.Vendors that have traditionally focused on smaller businesses as their corebusiness and have astrong foothold there (such as Fortinet, SonicWALL and WatchGuard Technologies)are trying tomove upstream and, therefore, usually name Cisco as their main competitor. Vendorslooking toestablish a greater presence in the lower-midmarket space consider SonicWALL andFortinettheir strongest competitors.

Enterprise firewall vendors have a slow success rate in this market because theyare unable to

adapt their business models and products to the smaller horizontal market withfeatures such asa management console, which can be used by nonexpert users; a full range ofsafeguards in asingle appliance; licensing for subscription-based, add-on safeguards that doesnot requirefrequent payment increases; and a support offering that is affordable and does nottreat SMBslike a less-desirable class of customer. As part of our interviews with customers,we found thatsome SMBs were using a product that did not provide the option to add on asafeguard they

Publication Date: 27 June 2008/ID Number: G00159003Page 3 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 6/37

needed. These SMBs were left with the two undesirable choices of purchasing asecondappliance or remaining vulnerable, and most were choosing to remain vulnerable.

Gartner's survey of vendors determined that dollar/Mbps of firewall throughputvaried greatly,ranging from $4 to $15. No vendor we assessed yet has IPv6 support, although most

have it ontheir road maps for 2010. In this MarketScope, we use the term "base product" tomean the initialproduct purchase without optional subscription services or add-on products.

This market will continue to grow, driven by the requirement to add new safeguardsto counternew threats, and by the need for growing SMB companies to replace appliances forthose withmore capacity. Small and lower-midsize companies will continue to use the singlemultifunctionappliance. Upper-midsize businesses will be candidates for stand-alone, best-of-breed

appliances as they grow into enterprise-size and enterprise IT. The enterprisevendors willcontinue to struggle for market share and will not fully succeed unless theydirectly address SMBrequirements across their business, and don't just offer downsized enterpriseequipment withhighly complex pricing schemes and overly complicated management.

Inclusion and Exclusion Criteria

Inclusion Criteria

SMB multifunction firewall companies that meet the market definition and

description wereconsidered for this MarketScope if they met the following conditions:

�Regularly appeared on SMB shortlists for final selection.�Achieved SMB multifunction firewall product sales (not including maintenance andsoforth) in the past year of more than US$5 million within a customer segment thatisvisible to Gartner, or had at least 2,000 devices under paid support andmaintenance.Exclusion Criteria

SMB multifunction firewall companies that were not included in this MarketScopemay have beenexcluded for one or more of the following conditions:

�There was insufficient information for assessment, and the company did nototherwisemeet the inclusion criteria or is not yet actively shipping products.�Products are not usually deployed as the primary, Internet-facing firewall (for

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 7/37

example,proxy servers and network IPS).�Products are built around personal firewalls, host-based firewalls, host-based IPSandWeb application firewalls all of which are distinct markets.�Excluded Vendors

Gartner excluded numerous vendors that did not meet the inclusion criteria � usually those thatdid not meet the revenue/supported devices criteria. Two vendors we excluded thatmerit mentionare:

Juniper Networks

Juniper Networks asked not to participate in this MarketScope because it isfocusing more onlarger customers. Even so, SMB firewall vendors list Juniper as a top competitor,and many SMBcustomers include it in RFPs and evaluations. Gartner did not include Juniper in

this assessment

Publication Date: 27 June 2008/ID Number: G00159003Page 4 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 8/37

because Juniper's focus on lower-end appliances is for branch office deploymentsin enterprises,rather than SMBs and SMB customers.


Microsoft asked not to have Microsoft Internet Security and Acceleration (ISA)

Server included inthis MarketScope. Gartner did not include Microsoft ISA Server because replacementproductsfor ISA are forthcoming (in the form of the Forefront Threat Management Gatewayproduct), andthe current version does not include the all-in-one suite of safeguards seen inother vendors inthis MarketScope.

Rating for Overall Market/Market Segment

Overall Market Rating: Strong Positive

The SMB multifunction firewall market is growing; however, heavy price competitionmeans thatindividual vendors require discipline to stay in business. Innovation is somewhatlimited in that thenature of the product platform is to add new features to generate revenue or gaincompetitiveadvantage, but at relatively low margins, making a potential product road mapmistake costly.

Evaluation Criteria

Table 2. Evaluation Criteria

Evaluation Criteria Comment WeightingOffering (Product) Strategy Product service and customersatisfaction in deployments.Considers factors related togetting products sold, installed,supported and in users' hands.Strong execution means that acompany has demonstrated toGartner analysts that it cansuccessfully and continuously bedeployed in SMBs and, ultimately,win a large percentage of dealswhen competing with other

vendors. Companies that executestrongly generate pervasiveawareness and loyalty amongGartner clients, as well as asteady stream of inquiries toGartner analysts. Execution is notprimarily about company size ormarket share, although thosefactors can affect a company'sability to execute. Sales are afactor; however, winning in

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 9/37

competitive environments throughinnovation and product quality isforemost over revenue.high

Publication Date: 27 June 2008/ID Number: G00159003 Page 5 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 10/37

Evaluation Criteria Comment WeightingMarketing Strategy This includes providing a trackrecord of delivering on innovationthat precedes customer demandrather than an "us too" road map,and can demonstrate anunderstanding and commitment to

the SMB network security market.Gartner makes this assessmentsubjectively by several means,including vendor-briefinginteractions and feedback fromGartner customers on informationthey receive about road maps.Incumbent vendor marketperformance is reviewed yearover year against specificrecommendations that have beenmade to each vendor and againstfuture trends identified in Gartner

research. Vendors cannot merelystate an aggressive future goal;they must put a plan in place,show that they are following theirplan and modify their plan as theyforecast changes in marketdirection.standardInnovation Innovation, including R&D, andquality differentiators, such as:

Performance�Meeting customer�

requirements in a timely

mannerIntegration with other�

security products�Management interface andclarity of reportingThe more a product mirrors theworkflow of the enterpriseoperation scenario, the better thevision.Products that are not intuitive indeployment or operations aredifficult to configure, or have

limited reporting scores. Solvingcustomer problems is a keyelement of this category.Reducing the rules base,interproduct support and leadingcompetitors on features areimportant.high

Publication Date: 27 June 2008/ID Number: G00159003 Page 6 of 20

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 11/37

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 12/37

Evaluation Criteria Comment WeightingMarket Responsiveness andTrack RecordThe key factor is adding newproducts and features in responseto customer needs, and a proventrack record of meeting road map

goals.highCustomer Experience Customer experience andoperations, includingmanagement experience andtrack record, and depth of staffexperience specifically in thesecurity marketplace. Thegreatest factor in this category iscustomer satisfaction throughoutthe sales and product life cycle.Low latency, channel support andhow the firewall fared under

attack conditions are alsoimportant.Key factors are weighted heavily,such as ease of use, consolequality, add-on products beyondthe firewall (VPN, antivirus andURL filtering), the range ofmodels, secondary productcapabilities (logging, eventmanagement and compliance),being able to support SMBdeployments, and meetingchannel and SMB requirements.


Publication Date: 27 June 2008/ID Number: G00159003 Page 7 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 13/37

Evaluation Criteria Comment WeightingProduct/Service Considers factors related togetting products sold, installedand supported. A company hasdemonstrated to Gartner that it issuccessfully and continuouslydeployed in SMBs, and wins a

large percentage in competitivesituations. Generate pervasiveawareness and loyalty amongGartner clients. Not primarilyabout company size or marketshare, although those factors canimpact success in this category.Sales are a factor, but winningcompetitive deals throughinnovation and quality is foremost.Key features are weightedheavily, such as ease of use,subscription model, channel

service, console quality, add-onproducts range of models,secondary product capabilities(logging, event management,compliance), being able tosupport SMB deployments, andmeeting channel and SMBrequirements.highOverall Viability (Business Unit, Overall business viability, standardFinancial, Strategy, Organization) including overall financial health,prospects for continuingoperations, company history, and

demonstrated commitment in theSMB firewall and related securitymarket. Growth of the customerbase and revenue derived fromsales are also considered. Allvendors were required to disclosecomparable market data, such asSMB firewall revenue, competitivewins vs. key competitors (which iscompared with Gartner data onsuch competitions held by ourcustomers) and devices indeployment. Firewalls shipped are

not a key measure of execution.Instead, we consider the use ofthese firewalls to protect the keybusiness systems of Gartner SMBclients.

Source: Gartner

Publication Date: 27 June 2008/ID Number: G00159003 Page 8 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 14/37

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 15/37

Figure 1. MarketScope for Multifunction Firewalls for Small and Midsize Businesses

RATINGStrongNegative Caution Promising Positive StrongPositive

Astaro xCheck Point Software Technologies xCisco xCyberoam xeSoft xFortinet xIBM xNETASQ xSecure Computing xSonicWALL xStillSecure xUntangle xWatchGuard Technologies x

As of 27 June 2008

Source: Gartner (June 2008)

Vendor Product/Service Analysis



Astaro offers a range of Intel-based appliances for SMBs. In addition, Astaroprovides software

for customer hardware, and a separate virtual appliance.

Customers we interviewed liked the ease of installation and intuitive interface,with many defaultsettings reducing configuration complexity to a minimum, and the fact that itintegrates out-of-theboxwith Active Directory and Novell eDirectory. In addition, companies can back thedevice up toa single file. An "up-to-date" feature calls back to Astaro daily for firmwareupdates using a"wizard" process.

Astaro is easy to configure for voice over IP security. The device understands the

SessionInitiation Protocol (SIP)/H.323 control connection, parses the control data, andopens up ports forthe voice and video connections automatically. It also ensures that the voice anddataconnections get automatically shaped with quality of service (QOS) in the sametraffic group asthe control connection.

Base price includes appliance, firewall, IPS and VPN, with third-party Web and e-mail security

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 16/37

feature packages available via subscription. Astaro's leverage and integration ofa range of open-source components provide a competitive price point. The IPS is a Snort-basedengine populatedwith IPS rules; not an ideal blocking solution, but it is consistent with theopen-source strategy.

Astaro is assigned a rating of Positive for having good networking capabilities,

albeit in a limitedgeographic base, and high user satisfaction for ease of use and automation.

Publication Date: 27 June 2008/ID Number: G00159003 Page 9 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 17/37


Astaro has little visibility outside Europe, although North American revenue isgrowing. And thereis no access control for FTP by users.

Appropriate Use Cases

�Most SMB deployments�Novell eDirectory environmentsRating: Positive

Check Point Software TechnologiesDifferentiators/Strengths

Check Point has two product ranges that overlap for the SMB market:

Four models of the Safe@Office small business appliance line�The UTM-1 line available as an appliance (UTM-1) or in software (VPN-1 UTM)As a well-established, large, public company, Check Point offers a wide supportnetwork, healthycustomer base and a range of platform choices. The Safe@Office line, produced bySofaWareTechnologies (a Check Point company), includes virtual LAN support and options forWi-Fi.Customers we interviewed expressed high satisfaction with the graphical userinterface (GUI),especially during product installation. The UTM-1 includes firewall, VPN, IPS,gateway antivirus,

anti-spam, URL filtering, and IM and peer-to-peer blocking. Customers report theGUI to be good,but the IPS as inaccurate.

We assigned a Promising rating to Check Point for good channel presence, brand andits focuson security; however, we did recognize the slower competitive adoption of the fullall-in-onefeature set, limited IPS capability and being listed often as the product replacedby competitors.


Check Point is primarily focused on the enterprise, and positions the UTM-1 forbranch officesrather than the SMB market. Upper-midsize customers will be well-served, but smallbusinessesare likely to find better solutions with SMB-focused vendors.

The management of the two product lines is not interoperable, meaning that twoconsoles couldbe required where a company has multiple firewalls or a change in products whenupgrading to alarger model.

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 18/37

Appropriate Use Cases

�Midsize businesses, especially where rapid growth in the business orinfrastructure isexpected and will require a firewall upgrade in the near termRating: Promising


The primary Cisco offerings for SMBs are the ASA 5505, 5510 and 5520 appliances,enabling thesecurity features on the Cisco Integrated Services Router (ISR). The Linksys brandis also an

Publication Date: 27 June 2008/ID Number: G00159003Page 10 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 19/37

offering, although this consumer-grade product is suitable only for the smallestbusinesses and,like other enterprise-class vendors, there is no integration or interoperabilitybetween the twolines. Two hardware add-in modules are available for ASA: the Advanced InspectionandPrevention (AIP) module, which adds IPS; and the Content Security and Control

(CSC) modulefor other anti-X features (such as URL filtering, antivirus, anti-spam andantispyware); however,both modules cannot be used concurrently in the same appliance. Users we spokewithmentioned that the inability to add memory causes performance problems whenlogging isactivated in the device GUI.

Cisco has a huge networking installed base, a wide marketing and sales reach, anda large baseof trained networking decision makers. The company also offers firewall, VPN andIPS

capabilities in the Cisco ISR, although none of the other anti-X features areavailable.

Cisco is assigned a Promising rating in view of its channel strength and highmarket share,notwithstanding lack of feature parity in the SMB all-in-one firewall market andbeing listed as theproduct most replaced by competitors in our surveys. Enterprise-class managementtools do notadapt well to the SMB market; however, Cisco's long-term road map for an improvedSMBconsole is encouraging. Cisco has a vast geographic reach and has been moving wellin

replacing aging Cisco PIX firewalls in SMBs with the newer Cisco ASA platform. ASAcustomersreported Cisco's hardware to be reliable, but did not like the add-in moduleapproach.


Cisco lacks feature parity with comparable products. Many SMB IT staffs also findits productdifficult to configure and manage.

Appropriate Use Cases

�Upper-midsize (500-1,000 employees), Cisco-oriented IT organizations where otherCisco security offerings are already in placeRating: Promising



With a substantial installed base in India, Cyberoam has a full suite ofsafeguards: firewall, VPN,

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 20/37

IPS and anti-X. The company differentiates on identity-based network access � which providesaccess control that links IP addresses with directory identity (such as ActiveDirectory) and�bandwidth management, which is of interest where Internet connectivity isexpensive or in shortsupply. Cyberoam has seven models of appliances in the CRi series for SMBs. Itlogs user

behavior and provides a policy-based way of limiting access. Specifically, ittargets userenvironments where the user-to-PC ratio is greater than 1:1. Education andhealthcare are thetop two vertical markets Cyberoam delivers to, and they are specific targets toenable Cyberoamto develop a defensible market niche.

Cyberoam is assigned a Positive rating due to its strong presence in Asia, whichprovides adefensible niche market and base for expansion into other markets. Cyberoam'sproducts haveunique features and serve some distinct vertical markets. They are also

potentially disruptive tocompetitors that are trying to enter emerging markets. Balancing this is thechallenge of movinginto new markets and growing a more mature company infrastructure.


Cyberoam must build a meaningful presence outside of Asia.

Publication Date: 27 June 2008/ID Number: G00159003Page 11 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 21/37

Appropriate Use Cases

�SMBs in the Asia/Pacific region, or the healthcare and education vertical marketsRating: Positive



eSoft has four models, with list prices starting at $799. eSoft InstaGate isfocused on ease ofdeployment, and its safeguards include firewall, VPN and URL filtering. All theeSoft InstaGatesafeguards and signature updates are developed in-house. All models include aliquid crystaldisplay (LCD) front panel on appliances, which supports configuration without therequirement forremote management access, and an onboard e-mail server that includes Web mail.

A Caution rating is assigned to eSoft because, although a healthy mix of featuresis provided, thecompany's move into the security market is being met with skepticism by somebuyers that thefull suite of safeguards can be competitively delivered. InstaGate is for smallbusinesses, andmidsize companies will be better-served elsewhere. eSoft also declined to provideany financialinformation as part of the survey. The e-mail server is a differentiator for smallbusinessselections.


eSoft has low visibility in the marketplace.

Appropriate Use Cases

�Small businesses with limited IT resources looking for an easy-to-deploy, all-in-oneproductRating: Caution



Fortinet is well-established as an SMB multifunction firewall maker with a largemodel range. AllFortinet safeguards are developed in-house they do not OEM products from others�  

and�they have their own antivirus, URL and IPS signature research team. This do-it-yourself approachinsulates Fortinet from the acquisitions and travails of partners, with the trade-off being a potentialperception that not all services are able to compete as best-of-breed.

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 22/37

Fortinet has a strong presence in the Asia/Pacific region and North America, andhas a well-developed console. Fortinet SMB appliances are application-specific integratedcircuit (ASIC)based,most are sub-1U size and they have a good number of physical ports. Some modelsinclude dual-WAN ports, so that a backup or dual Internet connection can be usedwithout an

external handler. Two small business models include a wireless access point. Afirewall and VPNare standard, with all other services (antivirus, anti-spam, URL filtering andIPS) requiringsubscription after the first year (most include one-year minimum support).

Fortinet was the second-most-named primary competitor among the vendors surveyed.Theupper-midsize-targeted FortiGate-310B was recently released and includes adedicated contentASIC to complement the ASIC. FortiGate-310B is expected to replace many currentmidsizemodels. Users we interviewed liked the range of features and the common look and

feel acrossthe console.

Publication Date: 27 June 2008/ID Number: G00159003Page 12 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 23/37

Fortinet is assigned a Strong Positive rating because it provides coverage foralmost all SMBdeployment scenarios, is competitively priced, and is highly visible to end usersand competitors.


Fortinet's expansion into the enterprise horizontal market will distract it fromits SMB roots. To thispoint, Fortinet has done a good job in maintaining this balance, but it mustcontinue to nurture itsSMB channels with strong marketing and product development.

Appropriate Use Cases

�Most SMB deployments�Fast-growing, upper-midsize businessesRating: Strong Positive



IBM Internet Security Systems (ISS) has a strong enterprise security legacypowered by the X-Force security research team. The company has strong network IPS capabilities, andits SMB all-in-one firewall, the Proventia Network Multifunction Security product (formerlyProventia-M),contains that technology. In addition to firewall/IPsec VPN, IBM ISS offersinternally developed

Web filtering and anti-spam, the security and quality of which users weinterviewed liked verymuch. However, some customers report problems with latency and performance whenspam andHTTP filtering are turned on.

IBM provides the option for antivirus from its OEM partner, Sophos. In January2008, IBM ISSshipped a limited data loss prevention capability that searches for credit cardnumbers,addresses, Social Security numbers and custom expressions, and will alert and maskor blockcontent.

With its third-quarter release, IBM ISS aims to provide Secure Sockets Layer VPN,WAN failoverand load balancing, traffic shaping, and QOS features that will help the companyreach betternetworking feature parity with several of its competitors.

IBM has also introduced managed services, providing all-in-one firewall services(called IBMExpress Advantage) to provide management as part of a single purchase. IBM Express

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 24/37

Advantage offerings can provide an access point for smaller customers to benefitfrom IBM ISS'security expertise without introducing a product with enterprise complexity inconstrained-resource SMB IT organizations.

IBM is assigned a Caution rating because the company is first-and-foremost asoftware and

services company, not a network security company. This has affected the ISSbusiness overall.Furthermore, the enterprise success and focus of ISS has not been adapted to theSMB market.Competitors do not view IBM as a threat in this market, price is high and buyersdo not oftenshortlist IBM. IBM's sales capability could be a strong competitive advantage ifdirected towardachieving an increase in market share after product feature parity was achievedand the ISSproducts were raised in visibility within IBM.


There is continued uncertainty as to the future of the legacy ISS product lines,and the pricerange ($999-$19,900) is on the high end for SMBs, leaving significant portions ofthe marketunder-served. As a whole, IBM will be challenged to build channels and products toserve SMBs.

Publication Date: 27 June 2008/ID Number: G00159003 Page 13 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 25/37

Appropriate Use Cases

�Upper-midsize environments where other ISS products are deployed�Customers for whom security is the primary motivator, above performance and easeof

useRating: Caution



NETASQ provides a good mix of advanced network security features to drive networkperformance, and provides embedded OEM solutions such as antimalware fromKaspersky Labs,and URL filtering and antiphishing from Optenet. NETASQ's platform and operatingsystem areproprietary, and intrusion prevention is done at the kernel (driver) level.

NETASQ's five modelstargeting less-than-1,000-users enterprises have three or more WAN ports. Itspricing model isall-in-one (no fees for add-on modules), with all signature update fees includedin themaintenance fee.

In Europe, the Middle East and Africa, NETASQ has a strong set of value-addeddistributors tohelp the company gain traction in local markets. It also has telecommunicationspartners that sellmanaged UTM services to their SMB customers.

NETASQ is assigned a Promising rating because it is more focused on generalnetworkingfunctions, balanced with good pricing. Although NETASQ has low competitivevisibility, withinWestern Europe, it provides a good offering.


NETASQ's business is almost entirely in Western Europe (mostly in France), whichis a risk aslarger competitors focus more on the European market. The company also does notemphasizeIPS signatures, which some buyers use as a point of comparison. Explaining how

protocolanalysis and contextual signatures provide protection without touting traditionalIPS signatures asa valid alternate approach is difficult when speaking to SMBs.

Appropriate Use Cases

�Upper-midsize European businesses that focus on network performanceRating: Promising

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 26/37

Secure Computing


Secure Computing is a publicly traded, well-established security company based inthe U.S.Subsequent to the CipherTrust acquisition, Secure Computing develops most of thesafeguards

in the product in-house. Secure Computing, like Check Point and Cisco, maintains adistinctproduct line for small businesses. The SnapGear product line has a good adoptionrate and sixmodels, with tens of thousands of devices in deployment, mostly in North America.Customerscite ease of installation as a benefit. Nessus vulnerability scanning is includedin the baseproduct. The Type of Service (ToS) feature can prioritize by protocol type, and isuseful for somedenial-of-service protection and for enabling QOS. The SnapGear firewall has ICSAcertification,and has a Dynamic Host Configuration Protocol (DHCP) and SIP proxy options. Secure

Computing has a good track record of avoiding vulnerabilities in its products.

Publication Date: 27 June 2008/ID Number: G00159003Page 14 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 27/37

Secure Computing is assigned a Promising rating in light of easy productdeployment cited bycustomers as "very plug and play," the increased capability of the formerCipherTrust safeguards,and its focus on security, balanced with low visibility in competitions and anunclear strategy forthe SMB market. Customers reported that they liked the Web interface, with their

supportexperience being mixed yet improving.


Secure Computing is primarily focused on the enterprise market, so serving the SMBmarket willremain a challenge, especially against SMB-focused competitors.

Appropriate Use Cases

�SMBs where security is valued over feature parity with other SMB firewall

competitorsRating: Promising



Vendors we surveyed listed SonicWALL most often as their primary competitor.SonicWALLappliances are ASIC-based, most are sub-1U size and they have a good number ofphysicalports. The management interface is clear, intuitive, includes wizards for commontasks, a packet

capture option and hierarchical management roles. An "application firewall"feature is included;however, this is a protocol-blocking tool (for example, blocking BitTorrent)rather than a Webapplication firewall. With its E-Class Network Security Appliance (NSA) line,which is based onmulticore processors, SonicWALL is trying to address upper-midmarket performanceneeds.More than 60% of SonicWALL's 1Q08 product revenue came from devices priced at lessthan$1,500, with 12% coming from devices priced over $5,000.

With its upcoming release of NSA 2400, SonicWALL aims to bring multicore

performance withSMB-friendly pricing. Client satisfaction is generally high among Gartnercustomers usingSonicWALL products, with customer friction occurring mostly when midsize customersoutgrowthe all-in-one product form a problem common to many direct competitors.�

SonicWALL is assigned a rating of Strong Positive because it's highly visible toend users andcompetitors, is focused on the SMB market with strong finances and releasesfeatures ahead of

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 28/37

customer demand.


SonicWALL is trying to address enterprise environments with its "E" series, whichcould distractthe company from its SMB focus.

Appropriate Use Cases

�Most SMB deploymentsRating: Strong Positive



The Cobia platform is an open-source project sponsored by StillSecure thatincludes selectablemodules for network firewall, router, DHCP and a beta of an IPS module. Although

it does not

Publication Date: 27 June 2008/ID Number: G00159003 Page 15 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 29/37

have a General Public License, Cobia is generally free for use for users willingto source theirown server hardware.

Although Cobia is new and does not have the full feature set of competingproducts, it representsan option for cost-conscious smaller businesses that want to combine networking

and security, oras a platform for emerging security vendors to build products on.

StillSecure's Cobia is rated as a Caution because it does not have many of thefeatures oftraditional multifunction SMB firewalls; however, for network-savvy smallbusinesses, it is anoption.


Most organizations will opt for appliances and will not have the expertise or thewill to build their

own firewall. Open-source blocking technologies (such as firewalls and IPS) havenot had a highadoption rate.

Appropriate Use Cases

�Cobia can represent a cost-effective solution for the most cash-starved securitybudgetsin small businesses.�As a platform for third-party security products.Rating: Caution


Untangle's model differs from most of its competitors. Aimed at the smallestbusinesses (lessthan 150 users) and the VARs that serve them, this open-source platform isdownloadable at nocharge. Optional service and support packages, as well as OEM relationships(Untangle recentlyannounced an option for Virus Blocker powered by Kaspersky), generate revenue.

Even with paid support, Untangle is inexpensive. In addition to the paid support

the companyoffers, it hosts an active community forum for support questions. Untangle hascreated closerelationships with its channel and customers.

Untangle is assigned a Positive rating for small businesses because of the lowentry price forcustomers and its strategy for opening up product licensing for adoption by othervendors.


8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 30/37

Untangle will be challenged to generate revenue and gain a broader base of payingcustomers. Italso must maintain a high degree of customer touch as business grows, and it willneed more-advanced features.

Appropriate Use Cases

�Very small businesses with no in-house IT capabilities, where price is the primary

motivationRating: Positive

Publication Date: 27 June 2008/ID Number: G00159003Page 16 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 31/37

WatchGuard Technologies


With 10 years experience in the SMB multifunction firewall market, WatchGuard haseightcompetitively priced, Intel-based firewall models in the "e-Series," starting as

low as $480 in theSMB market. The e-Series has three sub-classes Edge, Core and Peak with each� �  linerespectively providing greater throughput and processing. The company uses modularper-feature pricing to activate IPS, e-mail antivirus, anti-spam, URL filtering andWeb antivirus. Allfeatures except for the firewall, IPS and VPN are resold from third parties.

WatchGuard is competitive in bringing new features to market early. It iscustomer-focused, hasEvaluation Assurance Level (EAL)-4 Common Criteria certification and is increasingits market

share. WatchGuard Firebox appliances include a cryptographic accelerator chip toease the loadon the processor from VPN handling, traffic shaping, QOS, multi-WAN support, highavailabilityand DHCP relay.

Users we interviewed mentioned the robust firewall features in the appliances andthe high-quality customer support.

WatchGuard is assigned a rating of Positive because of its increased investment inengineeringand support, and its focus on the SMB deployment realities and customer

satisfaction, albeit withlimited competitive visibility.


Since going private in 2007, WatchGuard has been in a rebuilding mode. As it triesto execute onits larger-customer (up to 5,000 users) firewall vision, it will be continuallychallenged to maintainIts SMB product focus. WatchGuard must overcome customer perceptions ofuncertainty aboutcompany viability.

Appropriate Use Cases

�Most SMB deploymentsRating: Positive


"Magic Quadrants and MarketScopes: How Gartner Evaluates Vendors Within a Market"

Acronym Key and Glossary Terms

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 32/37

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 33/37

IPS intrusion prevention systemISA Internet Security and AccelerationISR Integrated Services RouterISS Internet Security SystemsLCD liquid crystal displayNSA Network Security ApplianceQOS quality of service

SMB Small and midsize businessToS Type of ServiceUTM unified threat managementVAR value-added resellerVPN virtual private network

Vendors Added or Dropped

We review and adjust our inclusion criteria for Magic Quadrants and MarketScopesas marketschange. As a result of these adjustments, the mix of vendors in any Magic QuadrantorMarketScope may change over time. A vendor appearing in a Magic Quadrant or

MarketScopeone year and not the next does not necessarily indicate that we have changed ouropinion of thatvendor. This may be a reflection of a change in the market and, therefore, changedevaluationcriteria, or a change of focus by a vendor.

Gartner MarketScope Defined

Gartner's MarketScope provides specific guidance for users who are deploying, orhavedeployed, products or services. A Gartner MarketScope rating does not imply thatthe vendor

meets all, few or none of the evaluation criteria. The Gartner MarketScopeevaluation is based ona weighted evaluation of a vendor's products in comparison with the evaluationcriteria. ConsiderGartner's criteria as they apply to your specific requirements. Contact Gartner todiscuss how thisevaluation may affect your specific needs.

In the below table, the various ratings are defined:

MarketScope Rating Framework

Strong Positive

Is viewed as a provider of strategic products, services or solutions:

�Customers: Continue with planned investments.�Potential customers: Consider this vendor a strong choice for strategicinvestments.Publication Date: 27 June 2008/ID Number: G00159003 Page 18 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 34/37

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 35/37


Demonstrates strength in specific areas, but execution in one or more areas maystill bedeveloping or inconsistent with other areas of performance:

Customers: Continue planned investments.�Potential customers: Consider this vendor a viable choice for strategic ortacticalinvestments, while planning for known limitations.Promising

Shows potential in specific areas; however, execution is inconsistent:

�Customers: Consider the short- and long-term impact of possible changes in status.

Potential customers: Plan for and be aware of issues and opportunities related totheevolution and maturity of this vendor.Caution

Faces challenges in one or more areas.

�Customers: Understand challenges in relevant areas, and develop contingency plansbased on risk tolerance and possible business impact.�Potential customers: Account for the vendor's challenges as part of due diligence.

Strong Negative

Has difficulty responding to problems in multiple areas.

�Customers: Execute risk mitigation plans and contingency options.�Potential customers: Consider this vendor only for tactical investment with short-term,rapid payback.Publication Date: 27 June 2008/ID Number: G00159003Page 19 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 36/37


Corporate Headquarters

56 Top Gallant RoadStamford, CT 06902-7700

U.S.A.+1 203 964 0096European Headquarters

TamesisThe GlantyEghamSurrey, TW20 9AWUNITED KINGDOM+44 1784 431611

Asia/Pacific Headquarters

Gartner Australasia Pty. Ltd.Level 9, 141 Walker StreetNorth SydneyNew South Wales 2060AUSTRALIA+61 2 9459 4600

Japan Headquarters

Gartner Japan Ltd.Aobadai Hills, 6F7-7, Aobadai, 4-chome

Meguro-ku, Tokyo 153-0042JAPAN+81 3 3481 3670

Latin America Headquarters

Gartner do BrazilAv. das Na es Unidas, 12551��9 andar World Trade Center� �04578-903 S o Paulo SP� �BRAZIL+55 11 3443 1509

Publication Date: 27 June 2008/ID Number: G00159003 Page 20 of 20

2008 Gartner, Inc. and/or its Affiliates. All Rights Reserved.�

8/14/2019 Gartner Market Scope Multi Function Firewalls for SMB 37/37

top related