You are on page 1of 51

2017-6-26 Gartner Reprint

  (https://www.gartner.com/home) LICENSED FOR
DISTRIBUTION

Magic Quadrant for Unified Threat Management (SMB Multifunction
Firewalls)
Published: 20 June 2017 ID: G00316047
Analyst(s): Jeremy D'Hoinne, Rajpreet Kaur, Adam Hils

Summary
SMB multifunction firewalls, or UTM, provide SMBs and distributed enterprises with multiple
security functions in a single appliance. Network security leaders should use this research to
evaluate performance, security, ease of use, local support and technology's ability to handle new
SMB practices.

Strategic Planning Assumptions
Through at least 2020, the firewall markets for SMBs and enterprises will remain distinct for
deployment scope and depth of security.

By 2022, more than 50% of new SMB firewall deployment will tunnel web traffic to a cloud-based
secure web gateway, up from less than 10% today.

By 2022, 25% of SMBs will use multifunction firewall as an on-premises monitoring and access
broker to inventory and control SaaS usage, manage mobile devices, or assess endpoint security
posture, up from less than 2% today.

By 2022, 10% of new distributed branch offices' firewall deployment will switch to firewall as a
service, up from less than 1% today.

Market Definition/Description
Gartner defines the unified threat management (UTM) market as multifunction network security
products used by small or midsize businesses (SMBs). Typically, midsize businesses have 100 to
1,000 employees (see Note 1). UTM vendors continually add new functions on the UTM
platforms, and therefore they encompass the feature set of many other network security
solutions, including, but not limited to:

Enterprise firewall
Intrusion prevention systems (IPSs)

Remote access

Routing and WAN connectivity

Secure web gateway

Secure email gateway

https://www.gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 1/51

2017-6-26 Gartner Reprint

While consolidation of security controls in a single "appliance" comes with compromises in
performance, security efficacy and capability, these are compromises that many SMBs are willing
to accept (see "What You Should Expect From Unified Threat Management Solutions" ). Browser-
based management, short learning curve for security policy configuration, embedded reporting,
and localized software and documentation don't specifically appeal to large enterprises, but are
highly valued by SMBs in this market.

Gartner sees very different demands from the large-enterprise and branch office firewall markets
(see "Magic Quadrant for Enterprise Network Firewalls" and "Next-Generation Firewalls and
Unified Threat Management Are Distinct Products and Markets" ). These generally require more
complex policy management workflow and network security features, and are optimized for very
different selection criteria and price points.

The branch offices of larger companies often have different network security demands than
midsize businesses, even though they may be of similar size. Large enterprises often use low-end
enterprise products at their branch offices to ensure interoperability and to take advantage of
economies of scale in getting larger discounts from their firewall vendors, and use the same
management console for the headquarters and for the branches. For these reasons, Gartner
allocates branch office firewall revenue to the enterprise firewall market, not the UTM market.

Small businesses with fewer than 100 employees have even more budgetary pressures and much
lower risk awareness than larger organizations. Most security procurement decisions are driven
by nontechnical factors, such as brand awareness, and rarely by competitive feature
comparisons. Therefore, this Magic Quadrant focuses on the UTM products used by midsize
businesses. Midsize organizations frequently manage the technology with in-house IT staff, or
use a managed security service provider (MSSP) to handle the operational maintenance of the
appliance, manage the configuration or handle the security monitoring.

Distributed organizations with highly autonomous offices, such as retail franchises, might total
more than 1,000 employees, even if only a portion of these employees are connected to the IT
infrastructure. Similar to SMB organizations, these organizations often have constrained budgets
due to the large number of branches and often small IT security teams. Many UTM vendors have
added features for this use case, with some vendors even focusing more on distributed
organizations than on traditional SMBs.

SMBs and organizations with a large number of autonomous branches should be skeptical of the
aspirational message from UTM vendors about the frequently exaggerated benefits of feature
consolidation.

Magic Quadrant
Figure 1. Magic Quadrant for Unified Threat Management (SMB Multifunction Firewalls)

https://www.gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 2/51

2017-6-26 Gartner Reprint

Source: Gartner (June 2017)

Vendor Strengths and Cautions
Barracuda Networks
Barracuda Networks is a Niche Player. It lacks visibility outside of the EMEA region and has
relatively small market share. However, the vendor demonstrates continued growth and has
made good strides in advanced threat detection and ease of deployment, and shows
improvement in its product strategy.

Barracuda Networks, headquartered in Campbell, California, is a large vendor that delivers
network security, backup and infrastructure solutions. Barracuda NextGen Firewall X-Series
(NGX) comprises six models, including three desktop models. It embeds a web interface
designed for simpler use cases. Barracuda Cloud Control (BCC) is the cloud-based centralized
management portal for the X-Series. Barracuda offers another line of firewall products, the
NextGen Firewall (NGF) F-Series, targeting larger enterprises.
https://www.gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 3/51

2017-6-26 Gartner Reprint

Recently, Barracuda announced the introduction of an F-Series firewall for Google Cloud, making
it one of the only third-party firewalls to support Google Cloud. During the evaluation period for
this Magic Quadrant, the vendor also released Zero Touch Deployment service for the F-Series to
eliminate deployment complexity. No new X-Series models were recently introduced.
Barracuda Networks is a good candidate for SMBs looking for good total cost of ownership, or
that require ease of deployment and high quality of support.
STRENGTHS
Marketing and sales execution: Barracuda has been effective in building sales channels that
understand smaller midmarket customers, and continues to invest in its channels. Surveyed
partners like the recent changes to the partner program. Barracuda has a growing visibility in
SMB multifunction firewall client shortlists observed by Gartner, demonstrating particular
strength in the education vertical. Barracuda is profitable, and its 2016 firewall revenue grew
more than this market's average.
Capabilities: Surveyed clients mention advanced threat defense capabilities, ease of
installation and management as product strengths.
Geographic strategy: Barracuda has a growing channel presence across North America,
Europe and Asia/Pacific (APAC). Vendor support centers are available in several countries, and
its support centers are conversant in numerous languages. In addition, the management
console is available in 13 languages, and QuickStart guides are available in six.
Market understanding: With its simplified Cloud Control management console and its Zero-
Touch CudaLaunch capabilities for simplified Client-2-Site VPN rollout, Barracuda X-Series
appeals to smaller midsize businesses and MSSPs targeting SMBs that value simplicity in their
firewall deployments.
Customer experience: Surveyed customers and resellers mention top-notch support as a
primary reason to continue using Barracuda for SMB multifunction firewalls.
CAUTIONS
Capabilities: Despite its enterprise firewall (F-Series) having broad deployment in the public
cloud (most notably in Microsoft Azure, and it became one of the first firewalls to offer a
Google Cloud version), Barracuda X-Series still does not offer a virtual appliance, making it
unusable for smaller midsize companies that wish to deploy resources to the public cloud.
Capabilities: Barracuda firewalls lack canned report for SaaS discovery and do not integrate
with cloud access security brokers (CASBs). Barracuda does not offer endpoint solutions, and
its firewalls cannot integrate with third-party endpoint protection solutions.

Market segmentation: The vendor does not offer a fully featured multifunction firewall
appliance model under $500, as some of its competitors do.

Customer experience: Surveyed customers and Gartner clients note that the Barracuda
firewalls have a slow web interface and lack management sophistication.

Product strategy: As they mature, midsize customers are unable to address more
sophisticated use cases with X-Series; instead, they must graduate to F-Series, which has a
different management console, and a different look and feel.

https://www.gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 4/51

2017-6-26 Gartner Reprint

Sales strategy: Barracuda is not visible in Gartner clients' shortlists from South America, the
Middle East and APAC. Barracuda does not have a mature channel structure or support centers
in South America, making it difficult for prospects and customers in that region to receive
effective service.

Check Point Software Technologies
Check Point Software Technologies is a Leader. The vendor continues to win SMB multifunction
firewall selections based upon its enterprise-quality security features, ease of management and
intuitive graphical user interface (GUI). Gartner believes Check Point has strengthened its vision
via its product enhancements and innovations in ransomware protection.

Co-headquartered in Tel Aviv, Israel and San Carlos, California, Check Point is a large pure-play
security vendor with more than 1,300 employees in R&D. Its product lines include SMB and
enterprise firewalls (Security Gateway), endpoint protection against advanced threat (SandBlast
Agent), mobile security (Sandblast Mobile) and virtual firewalls (vSEC for private and public
cloud). Its SMB multifunction firewall line includes the 700, 1400, 3100, 3200, 5100, 5200, 5400
and 5600 lines of appliances, all introduced in 2016 or 2017.

Recent news includes the introduction of vSEC for the Google Cloud Platform and the availability
of the R80 and R80.10 versions, with several improvements to the management console, better
VPN performances and new endpoint protection against ransomware.
Check Point is a good shortlist candidate for midsize enterprises that require very good security
with robust management interface.
STRENGTHS
Market understanding: Check Point continues to make investments to address SMB clients
and MSSP requirements. Its recently announced Check Point Infinity relies on principles that
appeal to smaller organizations with multifunction platforms, a block-first strategy and intuitive
management for small teams.
Management console: Check Point's reporting and management console and on-device GUIs
are consistently rated very highly by midsize companies that need to handle complexity. R80
introduced integrated application control directly in the access policy. A SaaS discovery report
is available.
Capabilities: Check Point's UTM solutions benefit from its enterprise-level security features,
such as the Anti-Bot option, threat intelligence feeds and credible intrusion prevention system
(IPS), backed up by a robust threat research team. Its solutions consistently get high scores in
independent testing for threat detection rate. Check Point's sandboxing solution is now
available for all of its firewall models.

Capabilities: Check Point provides a strong set of network options to protect against custom
malware with its sandboxing subscription (SandBlast Emulation Service), a variety of threat
intelligence feeds (ThreatCloud IntelliStore) and a feature that can automatically remove
suspected harmful content from downloaded files (Threat Extraction).

Customer experience: Partners and customers note that creating and using objects easily is a
particular strength. Some clients report that the compliance blade can facilitate audits of
configuration in regulated environments. Client feedback on the new software versions in the
R80.x family has been positive.

https://www.gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 5/51

Announcements relevant to SMB organizations include the release of the Firepower 2100 Series. Capabilities: Some Gartner midsize clients report that. Market responsiveness: Check Point can be slower than its competitors to release or improve features that appeal only to SMBs. the vendor has doubled down on cloud and security investments. Check Point firewalls lack enough performance capacity to compete with lower- priced solutions.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 6/51 . or are often unaware that Check Point has a line of multifunction firewalls with enterprise-quality features that could address their high security use cases. allowing these organizations to utilize advanced security features without the complexity of having to buy and deploy eight to 10 software blades individually. Cisco demonstrates continued innovation for a segment of the market with its Meraki MX product line. but are both needed to address some customer needs. Marketing strategy: Gartner still sees Check Point mostly selling to its existing client base. and Gartner clients and surveyed customers and partners still note a relative lack of satisfaction with Check Point because of its high subscription renewal price. Meraki MX and the traditional Firepower offering are developed in silos. Check Point Security Gateways do not directly integrate with CASB vendors or leverage SaaS APIs for increased visibility or additional control options. Marketing execution: The abundance of branded names for features is confusing. and updated its cloud- based management console.2017-6-26 Gartner Reprint Marketing and sales execution: 2016 saw a clear uptick of SMBs opting for NGTP and NGTX feature bundles.000 employees. Gartner analysts noticed undersizing of the firewall appliance in many of these situations. Unlike many of its competitors that support decryption for multiple protocols. The firewall still lacks a user quarantine for email. It has a global presence and employs more than 73. headquartered in San Jose. https://www.gartner. However. California. In recent years. Its security portfolio includes firewalls (Firepower and Meraki MX). without any integration. Cisco security solutions also include endpoint (AMP. This is confirmed by Gartner clients who still cite price as the primary reason for not selecting Check Point solutions. Cisco is a large network infrastructure and security vendor. CAUTIONS Sales strategy: Check Point is priced higher than its competitors. as they have conducted competitive evaluations. AnyConnect) and Cloud (Cisco Umbrella) solutions. Cisco Cisco is a Challenger. Check Point can decrypt HTTPS only. a continuation of Cisco's effort to update its entire product line with preinstalled Firepower software. the NGTX feature package has generated more interest among non-Check Point SMB customers. network traffic analysis (Stealthwatch) and CASB (Cloudlock). Cisco also made network sandboxing available on Meraki MX. Capabilities: Check Point's web management interface is a trimmed-down version of the centralized management console. IPS (Firepower). Prospective midsize clients can't figure out the features behind the names.

but with noticeable performance impact. switches. compared with leading solutions. Meraki's users are strongly positive on ease of deployment and implementation.2017-6-26 Gartner Reprint Cisco is a good shortlist contender for all SMBs and distributed organizations. It also continues to invest in improving its management with new versions of on-premises and cloud management console for Firepower.K. an embedded web interface. and Cisco Meraki is a good shortlist contender for distributed organizations.S. threat intelligence from the large Talos threat research team and IPS inherited from the Sourcefire acquisition (full IPS on Firepower. Improvements: Cisco has released several features to offer integration between its security solutions. Meraki lacks email security and does not inspect http files for viruses. Management console: Inferior management console quality. Cisco Cloud Defense Orchestrator and Meraki MX provide overlapping options for cloud-based centralized management. Sourcefire signatures on Meraki MX). Cisco released Firepower Device Management. Meraki MX visibility. and is now considered frequently even when not the incumbent solution. but it is not yet full-featured. For smaller organizations. Customer experience: Clients and prospects often describe Cisco as a trusted brand and trusted partner. Market responsiveness: Gartner analysts see Meraki MX's recent release of Threat Grid sandboxing. months after most of its competitors. In late 2016. Cisco is one of the most visible vendor in UTM shortlists. particularly in the retail industry. when the relevant skills are available from the selected channel partner. Centralized management: Distributed organization clients like the ability to use Meraki's unified management and monitoring solution for wireless. Cisco still offers Cisco ASA appliances. finance) and some European and Latin American countries. Capabilities: All Meraki MX firewalls and the smaller Cisco Firepower appliance lack Transport Layer Security (TLS) decryption to inspect employee browsing over HTTPS. as an indication that Cisco's investment in Meraki is limited. but sends file hashes to the Advanced Malware Protection (AMP) cloud infrastructure. https://www. Capabilities: Cisco's SMB clients like the ability to get enterprise-class security features with AMP. while still mostly limited to the U. Several U. Meraki's cloud-based management console might not be a desirable option. site-to-site VPN and mobile device management. has always been the most vocal complaint from Cisco ASA clients. especially those with 10 to 100 offices. which appeals to SMB customers. STRENGTHS Marketing execution: Cisco is a ubiquitous brand in network and security worlds.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 7/51 . CAUTIONS Product strategy: The Meraki MX product line does not fully address all the use cases for SMB network security needs. firewall. Cisco Firepower is a good choice for midsize businesses. and the U. as no Firepower product is available yet for this segment. and lacks a zero-touch deployment option. In some industries (public sector.S. This dual-product-line offering available to SMB clients from Cisco often creates product management complexity and buying confusion. has also improved.gartner. and it continues to be developed as a separate effort from Cisco's corporate strategy.. which can be upgraded to use the Firepower firmware. clients gave Cisco good scores for client support.

2017-6-26 Gartner Reprint Customer experience: Clients mention that the quality of Firepower firmware updates could be better. CAUTIONS https://www.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 8/51 . STRENGTHS Geographic strategy: Fortinet has the largest channel presence across all regions. Customer experience: Fortinet provides very good performance and pricing to its SMB customers. wireless access point and switches. The concept. including more than 1. and are frustrated with the limited access they have to diagnostic tools. It is also the vendor most frequently cited as being the strongest competitor in this market by surveyed resellers. creating situations where Firepower must replace Meraki for targeted use cases. endpoint protection platform (FortiClient) and web application firewall (FortiWeb).gartner. Recent news includes the latest generation of hardware models (E Series) and tighter integration between the different products of its portfolio (Fortinet Security Fabric). and for distributed offices with simple management needs or working with an MSSP. Fortinet has more than 4.600 employees globally. They also complain about accelerating product life cycles in recent years. Fortinet is a good shortlist candidate for all SMBs. It also allows integration with Fortinet's endpoint solution (FortiClient) to perform a health check before authorizing a connection to the network. Outside of North America. Market understanding: Fortinet offers integration between many products in its portfolio. Vendor support centers are available in 10 countries. the vendor announced the opening of a European data center.000 employees in R&D. Meraki MX clients with a large number of offices note that ease of use suffers with scale. and its 2016 revenue grew almost twice as fast than the market average. gives customers willing to invest in multiple Fortinet solutions a unified view of their infrastructure and the ability to manage AP and switches directly from the Fortigate console. relative to those of some competitors. Marketing and sales execution: Fortinet is the clear leader in this market. Sales execution: Several clients complain about increased costs and price list complexity. endpoint. Fortinet is profitable. Capabilities: Fortinet's security services are driven by a large threat research team. Its portfolio of network and endpoint security solutions includes SMB and enterprise firewalls (Fortigate). Fortinet Fortinet is a Leader. named Fortinet Security Fabric. It has strong presence in SMB shortlists and a strong feature/price/performance offering. We believe its product vision quality has declined somewhat. including firewalls. In 2016. It is the most visible vendor in SMB multifunction firewall client shortlists observed by Gartner. California. as using the new features delivered on the latest version often creates support issues. for its FortiCloud and FortiSandbox features. based in Germany. Dedicated application profiles for SaaS visibility and control are also available. Fortinet is also the most frequently shortlisted vendor for SMB and distributed-office use cases. Headquartered in Sunnyvale. Results from survey and Gartner client inquiries are consistent in highlighting this. which help make it a frequent choice for UTM. and its customer base is vastly distributed. channel awareness and expertise on the Meraki MX solutions are scarce.

China. Hillstone is an established network security player in South East Asia and trying to expand in other regions. Gartner also observed similar issues with clients managing distributed offices with a small in-house team. Customer experience: Surveyed clients and resellers expressed concerns about the lack of intuitiveness of the management console. multiple device status and traffic monitoring. It also offers Hillstone Security Management Platform (HSM) and Hillstone Security Audit Platform (HSA) for centralized management and audit. https://www. FortiCloud is Fortinet's first step in providing centralized management from a cloud portal. but is slowly growing in Latin America. Sales strategy: Gartner has observed that list prices in proposals outside of North America can be significantly higher than in the U. but lacks fully featured centralized management of the configuration. and lacks focus toward all SMB use cases. Its product strategy is more focused toward carrier and enterprise use cases. Hillstone introduced a few major features. Malware prevention: Fortinet has a small base of customers using its cloud-based network sandboxing feature. Other than UTMs. In 2016. Fortinet clients outside of North America should verify competitive pricing propositions and not rely only on Fortinet's reputation for good pricing. STRENGTHS Capabilities: Clients report that the real-time monitoring dashboard provides useful features to easily investigate incidents. Server Breach Detection System (sBDS. such as retail and education. Hillstone is a good shortlist candidate for organizations in China. with regional headquarters in Sunnyvale. The centralized management and monitoring offers features such as VPN topology monitoring.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 9/51 . Capabilities: The advanced monitoring feature of VPN tunnels in Hillstone UTMs makes it a good candidate for distributed branch offices connected through site-to-site VPN tunnels. Hillstone Networks Hillstone is a Niche Player in the UTM Magic Quadrant. as its UTM is missing features such as email security and endpoint security. Hillstone Networks is headquartered in Beijing.S. I-Series) and cloud security solutions (CloudHive and CloudEdge). which helps the administrator understand the branch device status and VPN connection to headquarters. Surveyed resellers report the lowest deployment rate of network sandboxing for vendors evaluated in this research. S-series). California.2017-6-26 Gartner Reprint Capabilities: Fortinet lags behind its direct competitors in cloud-based management that appeals to distributed offices in cloud enthusiast industries. While a small uplift is expected. Hillstone also offers enterprise firewalls (T-Series and X-Series). even for nonsecurity experts. It integrates FortiView.gartner. It is visible mostly in China and South East Asia. especially where there is a need for a unified console for managing hybrid networks with a mix of cloud and on-premises firewall appliances. responsive support from the Fortinet ecosystem. It also gets a low satisfaction score for the quality of its HTTPS decryption feature. Customer experience: Fortinet customers have reported difficulty in obtaining easy. such as Cloud Sandbox and HTTPS decryption. or where skilled channel partners are available. Its portfolio also includes Network Intrusion Prevention System (NIPS.

Huawei Huawei is a Niche Player. Jindong Cloud. Capabilities: Hillstone UTMs lack email security features. They do not offer any specific reports for SaaS applications. This diverts some of its R&D investment from SMBs. Huawei has a large portfolio of infrastructure and telecom products operating under multiple divisions. but still has most of its firewall sales in China. and also lack support for any third-party EPP. Capabilities: Hillstone firewalls lack SaaS monitoring and control functionality. CloudView offers basic capabilities with strong monitoring and reporting features. This feature provides centralized monitoring capabilities to clients using multiple Hillstone product lines. However. and only offers monitoring and reporting capabilities. China Telecom. offering security and data communication solutions for enterprise and carrier networks. At present. prospective clients should be cautious of the experience of Hillstone's partners. CloudView is only offered in China. such as virtualization and support for software-defined networks (SDNs). because the firewall may be a new solution for them. CAUTIONS Product strategy: Hillstone's strategy is focused on enterprise and carrier use cases. AliCloud and other global public clouds. features like a cloud- based management portal and advanced malware prevention need more granularity to compete with Leaders in the market. such as Latin America and Middle East. Gartner believes the vendor shows greater vision thanks to its increased focus on SMB needs. Capabilities: Hillstone UTMs do not offer any inbuilt endpoint protection platform (EPP). Huawei Cloud. lacks any centralized configuration and deployment capabilities. Infrastructure as a Service (IaaS): Hillstone's virtual CloudEdge firewalls support all the major regional local cloud platforms in China. Huawei Security is part of its networking and security division. including UTM and enterprise firewall (Hillstone E-series next- generation firewall [NGFW] and T-series intelligent NGFW [iNGFW]). which typically look for multiple easy-to-use security features in their UTM. such as Amazon Web Services (AWS) and Microsoft Azure.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 10/51 . https://www. Technical support: Surveyed clients and resellers give high scores to technical support. but has its own security sales team and dedicated channel partners to sell them.2017-6-26 Gartner Reprint Technical architecture: The cloud-based management portal CloudView provides support for multiple Hillstone product lines. It also lacks integration with Office 365 to provide additional visibility and control for the service. China. China Mobile). It has limited presence outside of China. Huawei is a global information and communication vendor. This makes Hillstone a good shortlist candidate for organizations that want to secure their cloud network with the same on-premises UTM vendor. Geographic strategy: Since Hillstone is targeting markets outside China. The vendor is making progress in other regions. including carrier cloud (China Unicom. citing quick resolution and turnaround time.gartner. which remain an important feature for SMBs and a shortlisting criteria. which offers firewalls and application security products along with distributed denial of service (DDoS) appliances. Headquartered in Shenzhen. giving higher priority to features relevant to this market.

security and data communications product portfolio. which makes it a good contender for organizations that look to maintain single vendor relationship. it still lags behind in terms of control and management features that can be centrally applied on the UTM devices. Marketing execution: Huawei lacks strong marketing messaging around security. such as file blocking. leading organizations using Azure to look to different vendors. which is capable of managing its security and data communications product lines. eSight. and login blocking. and those that are looking for basic UTM features at a good price. Technical architecture: Huawei USG UTMs do not provide an EPP feature for antivirus and anti- malware on the endpoints. cloud-based management portal of UTMs and enhancements to its centralized management tool. both by surveyed clients and resellers. Capabilities: The vendor has developed Cloud Access Security Awareness (CASA) for monitoring and controlling SaaS applications over the cloud. SaaS behavior control.gartner. This includes such features as SaaS application and behavior recognition. Capabilities: Huawei USG's quota-based user traffic management feature has been mentioned as one of the strongest features of the product. Centralized management: Huawei has developed a centralized software-based management platform. especially in China and Latin America. CAUTIONS Capabilities: Although Huawei provides a cloud-based management portal for its Agile Controller UTMs. It offers third-party endpoint integration only with McAfee solutions.2017-6-26 Gartner Reprint In 2016. as compared to other international vendors available in the region. local sales engineers. which provides organizations with more visibility and control over their cloud- based SaaS applications.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 11/51 . It released features including network sandboxing. IaaS: Huawei USG UTM is not yet available on Azure. Regional value-added resellers (VARs) struggle to promote Huawei against other international vendors with very strong regional teams and regional market strategies. such as Europe and South East Asia. Huawei's customers that are using its various security and data communication product lines can thus easily manage the different products. Huawei introduced four new appliances and two virtual appliances for AWS and Xen. policy provisioning and synchronization. all of which fill in feature gaps. Customer experience: Customers report that Huawei's documentation and brochures in regional languages other than Chinese are not updated regularly and can be outdated. eSight. and backup and rollback. it strongly competes with leading vendors. as well as a dedicated regional channel market and sales strategy for its security solutions in regions outside China. where the vendor has a good UTM presence. Juniper Networks https://www. The recent enhancements to eSight include a drag-and-drop feature. such as multiple distributors. and better channel training and support to compete in those regions. Sales execution: Surveyed resellers and clients report that Huawei's USG UTM offers good value for the price. In China. STRENGTHS Platform: Huawei has a broad network. Huawei's Unified Security Gateway (USG) UTM is a good shortlist candidate for SMBs that are already using other Huawei product lines.

slipping customer satisfaction and lack of SMB-focused product strategy. with a network of channel partners and technology integration partners in various regions. 345. Based in Sunnyvale. Juniper offers three different web-filtering licenses: the Local Web Filtering option.gartner. Korean and Mandarin. including SRX340. Other than offering support in English. and Websense Redirect. In 2016. which is offered free of charge. including single- click blocking options for users. French. Juniper is a good shortlist contender for upper-midsize organizations already using other Juniper products. such as routers. switches and firewalls. CAUTIONS https://www. private clouds and public cloud (AWS). Russian.2017-6-26 Gartner Reprint Juniper Networks Juniper Networks moved from the Challenger to the Niche Players quadrant. Ukrainian. as well as enhancements to its centralized firewall management. Serbian- Croatian. Its SRX series has strong integrated routing and switching capabilities from the MX-Series routers and EX-Series switches. Tagalog. and plans to extend this support further to third-party switches. 550M and other enterprise firewall models. Its broad product portfolio includes a range of network edge and management devices. which uses cloud-based Websense Master Database URL. Juniper also offers support in multiple regional languages. including Arabic. SDN and enterprise firewalls (SRX series firewalls). It has also introduced four new SRX UTM models. Capabilities: Juniper Networks is known for providing good-quality hardware appliances. California. detection and enforcement across various Juniper platforms. Geographic strategy: Juniper Networks has a strong worldwide presence.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 12/51 . it extended the SDSN Policy Enforcer feature with automated enforcement on EX/QFX switches. Juniper Networks is a global network infrastructure vendor. Sky ATP. geographies or threat events. which redirects the web traffic to an on-premises Websense appliance. Improvements: Juniper has enhanced the firewall management interface and the logging and reporting capabilities in Junos Space Security Director by making it more interactive.exe files for web traffic over HTTP and HTTPS. Sales strategy: Juniper Networks offers a free Sky ATP subscription on SRX platforms. applications. Spanish. Japanese. switches. Junos Space Security Director also supports automated actions from event view. Security Director. Enhanced Web Filtering. German. which resulted in a drop in their UTM market share. The vendor has struggled with its sales execution. Over the past year. This basic subscription only scans . Juniper has made enhancements to its advanced cloud-based malware prevention service. Technical architecture: Juniper has designed Juniper's Software-Defined Secure Networks (SDSN) Platform to equip its customers with centralized policy. STRENGTHS Technical support: Juniper's technical support is always rated highly by both VARs and end users. They often cite the technical support team as being friendly and offering quick response. routers. Polish. Capabilities: Customers and VARs have reported the web-filtering capabilities of Juniper SRX through Websense as one of best product features.

stability of its firmware updates and the quality of its app control feature. Its product strategy and roadmap are more focused toward enterprises and carrier-class requirements. Recent news includes a refresh of the gateprotect appliances and a rebranding of the firewall and UTM portfolios. Its firewall product line now comprises the Unified. Capabilities: Juniper SRX still lacks features desired by SMBs. mobile VPN clients. Rohde & Schwarz Cybersecurity Rohde & Schwarz Cybersecurity is a Niche Player. The vendor has only released support for SMTP in March 2017. Capabilities: eGUI. Its portfolio includes a multifunction firewall product line. Advanced malware prevention: Juniper's advanced malware prevention subscription known as Sky ATP is not available on smaller UTM models SRX 110 and SRX 220d 200. STRENGTHS Organization: Rohde & Schwarz continues to invest in cybersecurity. which can be an important feature for cloud enthusiast industries. The vendor has recently announced an API and partnerships to integrate with third-party endpoint vendors in the future. gateprotect (named after a company acquired in 2014). the Extended and the Specialized Lines.gartner. The vendor does not offer cloud-based management of Juniper SRX. The vendor is quickly losing market share. https://www.2017-6-26 Gartner Reprint Product strategy: Juniper's product strategy lacks focus for SMB security use cases. It primarily serves German customers and has limited reach in the upper-midsize market segment. such as strong. and has 450 employees. but there is not yet any integration between SRX firewalls and third-party endpoint protection platform vendors. includes the ability to build and visualize a network topology map of the filtering policy. Juniper security information and event management (SIEM) supports many third-party endpoint solutions. especially around market responsiveness. Sales execution: Juniper is hardly visible in SMB multifunction firewall client shortlists observed by Gartner. and endpoint security management. end-user quarantine for spam. and a web application firewall. DenyAll.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 13/51 . It is already one of the larger European vendors for network security. but does not support IMAP. Sky ATP can inspect HTTP and HTTPS. the management console for gateprotect firewalls. and expressed customer satisfaction has slightly declined over the evaluation period. such as retail and education. It has just released SSL encapsulation of IPsec traffic for remote hosts as a work-around for its lack of native SSL VPN capabilities. acquired in 2017. It also offers several encryption management products. Customer experience: Juniper receives below-average scores for ease of initial deployment. It lags behind other vendors in terms of execution. Technical architecture: Juniper lacks an EPP offering. Rohde & Schwarz Cybersecurity is a good shortlist candidate for German SMBs and for small organizations in other EMEA countries where certified gateprotect channel partners are available. Rohde & Schwarz is a Germany-based electronics group that has acquired several vendors to build its cybersecurity division.

reflecting its poor market execution. The vendor successfully markets its German R&D and "no backdoor" policy as competitive advantages against its U.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 14/51 . and where its channel has experience.2017-6-26 Gartner Reprint Sales execution: Several clients cite that they selected Rohde & Schwarz because it is a German vendor. Organization: Some gateprotect resellers cite negative consequences of the Gateprotect acquisition and product line refresh. including new rules. but the vendor is not visible in Gartner client shortlists for this segment. and still lacks a cloud management portal and a virtual appliance offering. with a global presence through a long-established channel. its centralized management and the poor number of available security reports. and there are no centralized monitoring and reporting solutions yet. This appeals to local resellers and to a portion of the European market. The gateprotect product line includes models to serve larger organizations. price list changes and lack of flexibility. The vendor is less visible with Gartner clients in recent UTM deals. and the more recent web version for midsize products. Geographic strategy: The management interface and documentation are available in German for all the firewall product lines. Capabilities: Gateprotect lacks network sandboxing and threat intelligence feeds. especially small government agencies. French and English. Spanish. CAUTIONS Marketing strategy: Rohde & Schwarz Cybersecurity is hampered with the required investments to merge its firewall product lines and to migrate to the web version of its management console. It benefits from its remaining market presence. and too-fast end-of-life of legacy products. Market segmentation: Rohde & Schwarz Cybersecurity solutions will not be appropriate for upper-midmarket organizations that have enterprise-class requirements. and its legacy of being a strong SMB and network security brand. promoting enterprise features higher in the roadmap priority. both of which have been offered for some time by other UTM vendors in the market. SonicWall SonicWall is a Challenger. Organizations with multiple offices might have to juggle between the two flavors of eGUI management console that exist: the Windows software for smaller appliances. Customer experience: Customers score gateprotect very highly for the ease of use of the eGUI management console. Customer experience: Gateprotect gets low scores for its high rate of false positives. Its strategic vision is slowly moving away from SMBs to target larger organizations. especially when defining a security policy. It also has a relatively small sales and presales team to address this market. Its centralized management (Command Center) is in beta only.S. Its product strategy has also impacted its vision. The gateprotect management console is also available in Italian. French and Turkish.gartner. https://www. SonicWall has been late in introducing new features such as advanced malware protection. The small and lower-midsize organizations from Europe are where most of the vendor customer base is deployed. Support is available in German. Legacy centralized management and monitoring solutions are still available for the unified line only.-based competitors. Several differences in capabilities exist between the Unified and Extended Lines.

Capabilities: Surveyed SonicWall customers and channel partners have given high ratings to the TLS inspection engine (Deep Packet Inspection of Secure Sockets Layer. SonicWall firewalls use a multiengine cloud-based sandbox. which offers a SSL VPN mobile app for various mobile clients. SonicWall offers solid IPsec site-to-site VPN tunnels that can be scaled very easily to multiple sites. therefore it has no presence over the public clouds. The vendor has recently experienced a decline in revenue. nor during the first half of 2017. including iOS 7. This approach makes it a good shortlist candidate for SMBs looking for a strong advanced malware protection cloud service. and also offers good sales and technical support. and Chrome OS 45+. STRENGTHS Market segmentation: SonicWall UTMs have a good presence among more than 50 distributed-office use cases. SonicWall has launched its cloud management portal (Cloud GMS). and after the split. Marketing strategy: SonicWall has a strong network of loyal channels across the globe that are pleased about SonicWall becoming an independent vendor again. Gartner attributes many of these issues to the succession of ownership changes and subsequent disruption to the company. DPI-SSL) for its ability to limit throughput degradation.gartner. It also offers integration capabilities with SonicWall Mobile Connect. access control and email security product lines.2017-6-26 Gartner Reprint SonicWall. it is an independent vendor company. SonicWall was under Dell as Dell SonicWALL.200 employees. Windows 10 and Windows 10 Mobile devices. The SonicWall portfolio includes network security.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 15/51 . SonicWall remains a good candidate for most SMB use cases. CAUTIONS Market segmentation: SonicWall lacks a virtual appliance offering for its firewalls and UTMs. It is a favorable vendor for SMBs that offer wireless access in their organizations. Marketing execution: Gartner less frequently sees SonicWall being shortlisted by clients. This offering is useful for SonicWall customers that are using multiple product lines. is a long-established network security vendor. Centralized management: SonicWall Global Management System (GMS) offers a centralized management solution for SonicWall firewalls. SonicWall communicates its product strategy and roadmap to them on a regular basis. headquartered in Santa Clara.9+. Technical architecture: SonicWall offers integration with Kaspersky and McAfee for enforcement of their endpoints through SonicWALL UTMs.0+. Capabilities: SonicWall offers multiple wireless AP management and control features within its firewall portfolio. Android 4. In May 2017. Until last year. with site-to-site IPsec VPN connectivity. SonicPoints (access points). It employs more than 1. https://www. macOS 10. It did not release any new UTM models in 2016.1+. California. Dell Networking X- series switches and WAN Acceleration Appliance (WXA) series devices. This forces organizations with hybrid networks to consider another vendor for their cloud networks. especially organizations that want to offer cost-effective integrated wireless access managed centrally from within the UTM. This helps the clients to centrally enforce the endpoint platforms. The majority of its customers utilize this feature.

Sophos has more than 3. which is useful in making Sophos UTM increasingly relevant to public cloud deployments. Sales execution: Sophos has a significant IaaS presence relative to most UTM competitors. Sophos has Synchronized Security. relative to those of some competitors. Capabilities: SonicWall has just released the first version of its cloud-based management portal. and the acquisition of Invincea. SonicWall has not integrated all those features in the inbuilt email security UTM feature. Capabilities: Despite having a separate product line for email security and encryption. the recently added capability to isolate endpoints missing a heartbeat. U. Headquartered in Abingdon. an advanced-threat- focused endpoint vendor. The feature is tightly integrated in the management interface and https://www. Its firewall product line consists of Sophos XG Series.. Sophos offers a number of other security solutions.gartner. an integration between its UTM and Sophos Endpoint product. Customer satisfaction: Gartner continues to receive mixed feedback on SonicWall customer support. It demonstrates strength in its product vision and roadmap execution. Sophos is a frequently shortlisted vendor for lower-midsize business and distributed-office use cases. especially from upper-midsize organizations. Technical architecture: With Security Heartbeat. and still lacks zero-touch deployment. Sophos Sophos is a Leader in the UTM Magic Quadrant.K. Continued execution on an aggressive roadmap has strengthened prospective buyers' view of Sophos UTM as a security leader. It continues to gain market share due to ease of use.2017-6-26 Gartner Reprint Market responsiveness: SonicWall has been slow in providing new features and enhancing its existing capabilities. Recent news includes the introduction of a new set of XG firewalls that support Sophos Sandstorm and Synchronized Security. Endpoint security products include Sophos Endpoint and Intercept X. including mobile security and encryption. and the legacy Sophos SG Series.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 16/51 .000 employees globally. Massachusetts. Surveyed clients have also reported that the wireless AP management feature has not been enhanced to offer more unique capabilities. Sophos UTMs are available as virtual appliances with integration on the AWS and Azure IaaS platforms. Its portfolio includes a mix of network and endpoint security solutions. STRENGTHS Capabilities: A majority of surveyed customers and partners mention security feature richness and breadth as a reason for the selection of Sophos. Sophos is also a good shortlist contender for SMBs. Sophos Synchronized Security is maturing and has become a recognized differentiator. and in Burlington. security feature richness and successful integration with its endpoint product. security features and firewall/endpoint integration. The SG line has an integrated Web Application Firewall feature. all of which were introduced in 2015 and refreshed in 4Q16. which includes 19 models. especially those that value ease of use. Capabilities: Sophos customers and partners cite on-box UI quality and the ease with which they can interact with it as strong positives.

Stormshield Stormshield is in the Niche Players quadrant. the addition of an automated risk score for hosts. EPP (Stormshield Endpoint Security) and data encryption (Stormshield Data Security). CAUTIONS Product strategy: Although Sophos says that it will support the two UTM product lines for an undisclosed period.2017-6-26 Gartner Reprint provides a unified dashboard. it is still not at feature parity with SG. Former Cyberoam channel partners might still have limited experience with Sophos products. Existing Cyberoam customers should carefully evaluate the cost of migrating from the CR Series to the XG platform. Stormshield portfolio includes firewalls (Stormshield Network Security). It employs more than 200 employees. and it has a large installed base of European SMBs. the vendor focuses its roadmap on the XG Series. Gartner has observed that adoption for the new platform is slow. Stormshield is a good shortlist contender for EMEA organizations with a few locations when local skilled channel support is available. Stormshield is a subsidiary of Airbus Defence and Space. Customer experience: XG Series is a completely new solution when compared to the Cyberoam CR Series. along with a one-year warranty for customers that want to try Sophos UTM before committing to paying for a support contract. and does not offer on-device CASB features or integration with CASB vendors for improved visibility and better control of SaaS activity.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 17/51 . STRENGTHS Geographic strategy: Stormshield's dense channel coverage in Europe makes it a frequent contender on SMB shortlists. https://www. Capabilities: Sophos lacks SaaS discovery reports. but shows increasing promise in enhancing the security posture of midmarket organizations willing to make the effort to integrate firewall and an endpoint.gartner. Prospective customers should confirm the roadmap and support services' long-term availability for the SG Series. The vendor also regularly updates its European certifications and ensures that it offers dedicated features for regional regulations and compliance requirements. and real-time monitoring features embedded on the web management function. Customer experience: Sophos is the only UTM vendor to offer three months of free support. based in France. Product strategy: Although the XG platform has recently added support for network sandboxing and Synchronized Security. the release of a new centralized management solution. with a strong regional focus. Customer experience: Gartner clients and surveyed Sophos stakeholders mention occasional issues with customer support in terms of response time and ability to access expert resources to solve complex issues. It has demonstrated recent product improvements. the tools provided by the vendor and the channel experience with the XG software. Recent news includes several product improvements: a refresh of the low-end appliances and new models with integrated Wi-Fi. It is still evolving.

Marketing strategy: Stormshield invests significantly less of its revenue in marketing compared to the Leaders evaluated in this research. Customers would like further improvement in the real-time monitoring after the release of the version 3. CAUTIONS Customer experience: The recent feedback on Stormshield support has declined. Despite expected short-term interferences. Operations: Stormshield continues to invest in developing its sales workforce in countries where the vendor previously had minimal involvement. Channel partners report that they don't find what they need from the available tools. is still unproven and far from feature parity with the solutions from its competitors. Stormshield Management Center. To support this expansion. and improved user access management and integration with the user directory in the latest version of Stormshield Visibility Center. Capabilities: Surveyed customers give poor scores to the email security features (anti-spam quality and lack of user quarantine). nor the zero-touch deployment features that distributed organizations prefer. The vendor continues to receive marks of high customer satisfaction. but the large amount of false alerts when deploying the firewall has been a consistent subject of feedback over the recent years from end users and resellers. https://www. Surveyed customers point out that it is difficult to find relevant step-by- step technical documentation. Customers cite good integration of the IP reputation feature in the security policy. This is good for security. Product strategy: Innovations often lack sufficient polish and continued investment after first release to clearly impact user experience. The vendor does not offer a cloud-based centralized management console. Hardware quality also received a good average score. compared with previous years. The vendor is committed to serve lower-midsize businesses first. similar investments are being made in support and R&D. including North America.2017-6-26 Gartner Reprint Customer experience: Several customers and resellers gave excellent scores and described the security policy as combining intuitive controls for most use cases and more advanced capabilities when needed. Centralized management: Stormshield's centralized reporting and management receive lower scores than similar offerings from its direct competitors. and has limited market reach outside of the U.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 18/51 . False positives: The Stormshield IPS engine is in prevention mode by default. The performance degradation when enabling IPS is one of the lowest for vendors evaluated in this research. it is also beginning to target new regions. its centralized reporting solution. Its latest attempt to solve this issue. Gartner notes a renewed ambition following its recent acquisition.gartner. Untangle Untangle is in the Niche Players quadrant. as well as to the basic URL filtering and antivirus modules (Stormshield is also offering a premium subscription for antivirus and URL filtering).S. Capabilities: Stormshield integrates a vulnerability detection engine and offers the ability to adapt the security policy for vulnerable hosts directly from the monitoring console. Improvements: Stormshield has released entry-level appliances with integrated wireless.

Upper-midsize organizations should evaluate their functionality and scaling needs against Untangle's capabilities. Its value proposition for central management is progressing. with fewer than 100 employees. based in San Jose. Untangle is a good candidate for small and lower-midsize organizations. This can impact the vendor's ability to devote resources to grow and innovate with market needs. https://www. to be installed on standard hardware. especially in North America. Capabilities: Several clients and resellers cite ease of implementation. In September 2016.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 19/51 . Improvements: Untangle has improved its user interface with its latest version. with the recent addition of a first version of its cloud-based global control. Untangle was acquired by an equity firm. Untangle has less experience with hardware appliance sales than its direct competitors. Its product portfolio includes software and appliance versions of its firewall solutions. but it is not yet feature-complete. but the endpoint solution (Total Defense) acquired in 2014 by Untangle was not part of this acquisition. Every application. nor other enterprise-class support options that upper-midsize organizations and large resellers want. CAUTIONS Market segmentation: Gartner estimates that more than 90% of Untangle's UTM customers have fewer than 500 employees. It has limited policy verification features and lacks role-based management. Customer experience: As in previous evaluations. which started with centralized device monitoring. which is popular among the smaller offices and for remote workers. Its products have not received any certifications. A first version of a cloud-based centralized management solution was launched in February 2017. Organization: Untangle remains one of the smallest vendors evaluated in this research. It serves its channel of smaller resellers and is useful for organizations willing to evaluate the product. Its approach of cloud-centralized management is promising. vendor. which prevents Untangle from addressing distributed organizations and large MSSPs. The vendor has also released a threat intelligence service (ScoutIQ). delivered as a software appliance. Marketing execution: Untangle can be offered as software. A large majority of its clients are U.S.-based. It also lags behind its competitors for advanced networking features.S. A new CEO has been named.2017-6-26 Gartner Reprint Untangle is a U. interface flexibility and the quality of the numerous embedded reports as the key reasons to work with Untangle. is available for a 14-day trial. STRENGTHS Sales execution: Untangle offers a free version of its UTM. California. including security features. Capabilities: Untangle's largest physical appliances offer a throughput of 2 Gbps only.gartner. Its dynamic community also provides useful resources for newcomers. The availability of a threat intelligence service is a good addition for Untangle's target customers that are concerned about malware campaigns. Marketing execution: Untangle does not offer 24/7 support. vendor support gets great scores and some of the most positive comments from customers and resellers surveyed for this research.

vulnerability scanner and IDS. which is not offered by many UTM vendors in the market and strengthens its email filtering feature. SIEM.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 20/51 . The cloud-based sandboxing is unproven and has not yet been part of any independent test. It offers its software subscription free of charge for the first year. China. including Chinese applications such as Youku.gartner. especially for a distributed-office use case. Sales strategy: The international version of its low-end Venusense UTM is priced significantly higher than the competition. Capabilities: Surveyed VARs and clients highly rate the IPS feature of Venusense UTM. but has some gaps to fill compared with its competitors.2017-6-26 Gartner Reprint Capabilities: Untangle lacks cloud-based sandboxing. Venustech Venustech is a Niche Player. Headquartered in Beijing. https://www. Its visibility in SMB shortlists is limited to China and Japan. along with firewalls for SMBs and enterprises (Venusense UTM). endpoint security. It does not offer any dedicated monitoring for SaaS inventory and monitoring. The majority of customers opt for direct vendor support and are very satisfied with it. Venusense UTM is a good candidate for existing Venustech customers in China. STRENGTHS Capabilities: Venustech is one of the few UTM vendors offering granular DLP for both email and web traffic. Technical support: Vendor technical support has received positive reviews and is cited as responsive. except for a limited presence in Japan. It also offers outbound email encryption. Venustech addresses this use case by hosting virtual appliances of its centralized management software. which includes web application firewall. TongHuaShun and LeTV. Capabilities: The application control feature has a large database of applications. and for SMBs that are looking for a good local vendor with strong regional support in China as well as a cost- effective UTM offering. which makes it a desirable vendor as compared to other international vendors that lack local applications in their databases. It has dedicated firewall models for China and other models for the international market. Sales strategy: Venustech licensing is pretty straightforward and follows a bundled pricing model for both support and maintenance. Technical architecture: The vendor lacks a cloud-based management portal for managing multiple UTMs. Venustech is a long-established security player in China and offers the foundational UTM features in its UTM series. and mention it as one of the top features. CAUTIONS Geographic strategy: Venustech does not have any presence outside China. Venustech has a large product portfolio. Capabilities: Venusense UTMs cannot decrypt HTTPS or other TLS-encrypted traffic.

It continues to drive an ambitious roadmap while growing its customer base at pace with the overall market. Capabilities: WatchGuard customers and partners value highly the simplicity and depth of the reporting and analysis capabilities of WatchGuard Dimension. and wireless APs. ease of policy setup and a low rate of false positives as examples. WatchGuard's product vision and roadmap execution have slightly improved relative to those of some competitors. Geographic strategy: WatchGuard has a global presence across regions and continues to grow its already-large channel presence. the WatchGuard Dimension reporting tool includes an interactive heat map view (FireWatch) that is useful for quickly identifying network issues created by a specific user or application. WatchGuard WatchGuard is in the Visionaries quadrant. The Firebox UTM product line includes 15 physical appliances. https://www. for public cloud deployment.2017-6-26 Gartner Reprint IaaS: Venusense UTM is not available as an instance on any public clouds. WatchGuard offers virtual appliances. FireboxV and Firebox Cloud.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 21/51 . Capabilities: WatchGuard's customers and resellers report that WatchGuard UTM performs well under load with all features enabled. They cite ease of implementation. but has yet to release a version for Microsoft Azure. endpoint security. has more than 500 employees and is well-established in the multifunction firewall market. secure email gateways. STRENGTHS Product strategy: Midmarket customers like the free endpoint threat detection software packaged with the Firebox UTM. For example. which is provided by some of Venustech's competitors and is a desirable feature for SMBs that are adopting more SaaS applications. The endpoint presence is enabled by the WatchGuard Host Sensor. including XTMv. While the offer is still new. Recent WatchGuard news includes the introduction of the Threat Detection and Response (TDR) capability. The vendor released Firebox Cloud for AWS in the first quarter of 2017. It provides SMB and enterprise firewalls. WatchGuard is a good shortlist candidate for SMB organizations and distributed enterprises in need of a broad set of security and infrastructure features. some of which with embedded wireless capabilities. CAUTIONS Product strategy: WatchGuard has lagged behind competitors in public cloud firewall development and deployments. or a cloud-based visibility and management console. which uses a cloud-based threat scoring engine to correlate events seen in the network or on the endpoint. Customer experience: Overall ease of use is an oft-cited positive attribute noted by WatchGuard stakeholders. it will potentially benefit limited- budget midsize customers looking to detect and stop active threats in the network. which compels organizations to go with a different UTM vendor for their cloud environments. technology which came from the acquisition of Hexis HawkEye. Washington. Capabilities: Venusense UTMs lack support for monitoring and managing SaaS applications. WatchGuard is a privately held network security vendor that is over 20 years old.gartner. Based in Seattle.

Added No vendor was added. Customer experience: Some surveyed WatchGuard stakeholders mention longer-than-average time lags between the time an issue is reported and the time they receive a response. A vendor's appearance in a Magic Quadrant or MarketScope one year and not the next does not necessarily indicate that we have changed our opinion of that vendor. and the local currency negatively impacted the vendor's ability to meet the criteria. The vendor does most of its business in Brazil. It may be a reflection of a change in the market and. Vendors Added and Dropped We review and adjust our inclusion criteria for Magic Quadrants and MarketScopes as markets change.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 22/51 . As a result of these adjustments. Product execution: WatchGuard customers report that Threat Detection and Response is not fully integrated with WatchGuard Dimension. therefore. Prospective clients should ensure that the appropriate technical expertise for WatchGuard is available. The vendor can provide at least three reference customers willing to talk to Gartner. or of a change of focus by that vendor. changed evaluation criteria. Dell SonicWall is now SonicWall. They also achieved this revenue on the basis of product sales. the mix of vendors in any Magic Quadrant or MarketScope may change over time. Sales execution: Gartner midsize clients do not mention WatchGuard in their shortlists as frequently as they mention Leaders.2017-6-26 Gartner Reprint Sales strategy: The WatchGuard channel comprises a lot of smaller resellers. Inclusion and Exclusion Criteria Inclusion Criteria UTM companies that meet the market definition and description were considered for this report under the following conditions: They shipped UTM software and/or hardware products — targeted to midsize businesses — that included capabilities in the following feature areas at a minimum: Network security (stateful firewall and intrusion prevention) Web security gateway Remote access for mobile employees (VPNs) Email security They achieved UTM product sales (not including maintenance or other service fees) of more than $9 million in 2016. or Gartner has had sufficient input from Gartner clients on the product. exclusive of managed security service (MSS) revenue. Exclusion Criteria https://www. Dropped Aker Security Solutions did not meet the revenue criteria. after the split from Dell. and within a customer segment that's visible to Gartner.gartner.

the installed base. SaaS and mobile device management. Presale and postsale support are evaluated. Secucloud. My Digital Shield. integrated Wi-Fi support. In addition to the vendors included in this report. and the company didn't otherwise meet the inclusion criteria or isn't actively shipping products yet. proxy servers and IPS solutions). and the strength of sales and distribution operations in the vendors. North Coast Security Group. Sangfor Technologies. UTM revenue and/or competitive visibility levels. Buyers want value more than they want bargains. and demonstrated commitment to the multifunction firewall and network security market. Sales Execution/Pricing: This includes. company history. This includes current product and service capabilities.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 23/51 . Products are built around personal firewalls. Gartner tracks other vendors that did not meet our inclusion criteria because of a specific vertical market focus. integration with endpoint. Secui. host-based firewalls. The number of multifunction firewalls shipped isn't a key measure of execution. although low price is often a factor in building shortlists. to the extent that product sales did not reach the $9 million threshold. visibility in shortlists. competitive wins versus key competitors (which is compared with Gartner data on such competitions held by our clients) and devices in deployment. internet-facing firewall (for example. These vendors include Aker Security Solutions. the number of deals.gartner. prospects for continuing operations. feature sets. Endian. Solutions are typically delivered as a managed security service (MSS). GajShield. Key features that are weighted heavily include: Ease of deployment and operation Console quality Price/performance Range of models The ability to support multifunction and distributed organization deployments Secondary product capabilities (such as logging. such as multifunction firewall revenue. Evaluation Criteria Ability to Execute Product or Service: Core goods and services that compete in and/or serve the defined market. we consider the use of these firewalls and the features deployed to protect the key business systems of Gartner midsize business clients. quality. ilem Group. Instead. The total cost of ownership during a https://www. Low pricing won't guarantee high execution or client interest. Growth of the customer base and revenue derived from sales are also considered. including the cost of all hardware. and remote access) Overall Viability: This includes a vendor's overall financial health. SecPoint. support. Smoothwall and ZyXEL. Netgear. Quick Heal. Products aren't usually deployed as the primary.2017-6-26 Gartner Reprint There was insufficient information for assessment. host-based IPSs and web application firewalls — all of which are distinct markets. All vendors are required to disclose comparable market data. Pricing is compared in terms of a typical midsize business deployment. and skills. Cato Networks. maintenance and installation.

be flexible and achieve competitive success as opportunities develop. programs. customer needs evolve and market dynamics change. Table 1. availability of user groups. experiences. This criterion also considers the vendor's history of responsiveness to changing market demands. promotional.gartner. service-level agreements and so on. frequent changes in strategic directions and how recent organizational changes might influence the effectiveness of the organization.   Ability to Execute Evaluation Criteria Evaluation Criteria Weighting Product or Service High Overall Viability Medium Sales Execution/Pricing High Market Responsiveness/Record Medium https://www. quality. This "mind share" can be driven by a combination of publicity. Marketing Execution: The clarity. and transparency. These also include management experience and track record. overall throughput across different deployment scenarios and how the firewall fares under attack conditions. systems and other vehicles that enable the organization to operate effectively and efficiently. Also important is ease of use. thought leadership. competitors act. the cost of refreshing the products is evaluated. change direction. Operations: The ability of the organization to meet goals and commitments. This may also include ancillary tools. as is the cost of replacing a competing product without intolerable costs or interruptions. as is the pricing model and bundling approach for adding security safeguards. technical support or account support. and the depth of staff experience — specifically in the security marketplace.2017-6-26 Gartner Reprint typical multifunction firewall life cycle (which is three to five years) is assessed. We also recognize companies that are consistently identified by our clients and often appear on their preliminary shortlists. The greatest factor in these categories is customer satisfaction throughout the sales and product life cycle. skills.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 24/51 . customer support programs. Market Responsiveness/Record: Ability to respond. Customer Experience: Products and services and/or programs that enable customers to achieve anticipated results with the products evaluated. promote the brand. this includes quality supplier/buyer interactions. social media. creativity and efficacy of programs designed to deliver the organization's message in order to influence the market. referrals and sales activities. Specifically. Factors include quality of the organizational structure. as well as quality and responsiveness of the escalation process. In addition. Gartner analysts also monitor repeated release delays. increase awareness of products and establish a positive identification in the minds of customers.

advertising. and clear explanations and recommendations for detection events and deployment efficacy. expertise. such as Common Criteria. Integration with other security components is also weighted. We consider how vendors show a clear vision of their market — listen. In addition. as well as product integration with other IT systems. We look at partners that extend the scope and depth of market reach. As threats change and become more targeted and complex. and can shape or enhance market changes with their added vision. They must enact a plan.gartner. show that they're following it and modify the plan as they forecast how market directions will change. current features. we weight vendors that add mobile device management to their offerings and are looking to support SMB organizations that use cloud-based services. we weight vendors highly if they have roadmaps to move beyond purely signature-based. rather than an "us. virtualization and performance.2017-6-26 Gartner Reprint Evaluation Criteria Weighting Marketing Execution Low Customer Experience High Operations Low Source: Gartner (June 2017) Completeness of Vision Market Understanding: Ability to understand customer needs and translate them into products and services. Gartner makes this assessment subjectively by several means. including indirect sales and channel management. and against future trends identified in Gartner research. services and their customer base. Building loyalty through credibility with a full-time midsize business security and research staff demonstrates the ability to assess the next generation of requirements. https://www. are included. including interaction with vendors in briefings and feedback from Gartner clients on information they receive concerning roadmaps.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 25/51 . and communication. differentiated messaging consistently communicated internally. Marketing Strategy: Clear. deep-packet inspection techniques. Sales Strategy: A sound strategy for selling that uses the appropriate networks. and positioning statements. Offering (Product) Strategy: The emphasis is on the vendor's product roadmap. understand customer demands. These include providing a track record of delivering on innovation that precedes customer demand. channel and customer programs. Vendors can't merely state an aggressive future goal. This also includes preproduct and postproduct support. technologies. Incumbent vendor market performance is reviewed yearly against specific recommendations that have been made to each vendor. independent third-party certifications. externalized through social media. marketing. service. leading-edge capabilities. The quality of the security research labs behind the security features is considered. Credible. too" roadmap and an overall understanding and commitment to the security market (specifically the SMB network security market). value for pricing.

Geographic Strategy: The vendor's strategy to direct resources.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 26/51 . or operations that are difficult to configure or have limited reporting. such as performance. Solving customer problems is a key element of this category. logic and execution of the organization's business proposition to achieve continued success. and R&D spending.2017-6-26 Gartner Reprint Business Model: The design. and a https://www. This includes the process and success rate of developing new features and innovation. and integration with other security products. virtualization. Products that aren't intuitive in deployment. skills and offerings to meet the specific needs of geographies outside the "home" or native geography. support for multiple features. Reducing the rule base. Innovation: This includes product innovation. channels and subsidiaries. Table 2. These include the ability and commitment to service geographies. are scored accordingly. as appropriate for that geography and market. offering interproduct support and beating competitors to market with new features are most important. The requirements necessary for leadership include a wide range of models to cover midsize-business use cases.gartner. a management interface and clarity of reporting. The more a product mirrors the workflow of the midsize-business operations scenario. such as R&D.   Completeness of Vision Evaluation Criteria Evaluation Criteria Weighting Market Understanding High Marketing Strategy Medium Sales Strategy Medium Offering (Product) Strategy Medium Business Model Medium Vertical/Industry Strategy Not Rated Innovation High Geographic Strategy Low Source: Gartner (June 2017) Quadrant Descriptions Leaders The Leaders quadrant contains vendors at the forefront of making and selling UTM products that are built for midsize-business requirements. the better the vision. such as distributed multinational organizations deployments and MSSPs. quality differentiators. either directly or through partners.

but businesses need to make their decisions by mapping their threat and deployment patterns to optimal offerings.2017-6-26 Gartner Reprint management and reporting capability that's designed for ease of use. rather than the product.gartner. Vendors in this quadrant lead the market in offering new safeguarding features and in enabling customers to deploy them inexpensively without significantly affecting the end-user experience or increasing staffing burdens. The UTM market consists of a wide range of suppliers that meet the common core security requirements of SMBs. but lack the performance capability and support network. this is not always the case. Niche Players Most vendors in the Niche Players quadrant are enterprise-centric or small-office-centric in their approach to UTM devices for SMBs. The market growth is leveling out and becoming closer to the other network security markets.3 billion. consistent throughput. due to different threat environments. different business pressures and different levels of staffing. but lack the sales base. Challengers The Challengers quadrant contains vendors that have achieved a sound customer base. and because of their strength in execution. Visionaries Visionaries have the right designs and features for the midsize business. Common characteristics include reliability. These vendors also have a good track record of avoiding vulnerabilities in their security products.7% to reach a total of approximately $2. Market Overview The market for multifunction SMB firewalls (still also known as UTM) is mature and sees heavy competition regardless of region. if required. these vendors can offer economical product bundles that others can't. Some Niche Players focus on specific vertical industries or geographies. Context SMBs have significantly different network security requirements from those of large enterprises. Visionaries are shortlist candidates. If SMBs are already clients of these vendors for other products. strategy or financial means to compete globally with Leaders and Challengers. to win deals. Although the branch offices of some larger enterprises have requirements that are similar to midsize businesses. then Niche Players can be shortlisted. https://www.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 27/51 . Savings and high-touch support can be achieved for organizations that are willing to update products more frequently and switch vendors. Gartner estimates that the UTM market grew at 12. Challengers' products are often well-priced. Where security technology is a competitive element for an enterprise. Many Challengers hold themselves back from becoming Leaders because they're obligated to set security or firewall products as a lower priority in their overall product sets. For 2016. Many Challengers have other successful security products in the midsize world and are counting on the client relationship or channel strength. but they aren't leading with features. and products that are intuitive to manage and administer. Most Visionaries' products have good security capabilities.

Direct integration with a CASB could be another option. Prospective customers of the integrated approach should conduct a separate evaluation of each considered technology. based on inquiry. However.and resource-constrained SMBs.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 28/51 . but tightly integrated with other security solutions and cloud services. often limited to the solution from the firewall vendors. Some vendors offer integrated management of wireless access points. and the panel of features that CASB vendors offer larger enterprises is more comprehensive than what UTM vendors can easily provide (see "Market Guide for Cloud Access Security Brokers" ).gartner. These more complex evaluation procedures are often out of reach for budget. extending visibility to the wireless networks. More vendors have added a SaaS discovery report. and therefore face lower organizational friction than larger enterprises. to improve monitoring and control options. They use channel partners more frequently for implementing security solutions. such as Office 365 or file-sharing services. The last Magic Quadrant for UTM was published in August 2016. Check Point Software Technologies and Sophos— and grows much faster than the market average (see "Market Share Analysis: Unified Threat Management (SMB Multifunction Firewalls). SonicWall. see Note 3). we observe a number close to 100%) URL filtering (77%) IPS (70%) Web antivirus (51%) IPsec (63%) and SSL (46%) VPN Application control (46%) User control (41%) Anti-spam (41%) Quality of service (41%) Will UTM Become a Meta-Security Platform? Leading vendors create new marketing messages after they attempt to convert a point product into a meta-security platform. The CASB market is quickly growing. First integrations are with endpoint solutions. This combination of criteria makes it easier to envision the integration of multiple security solutions. 2016" ). to align publication date with the enterprise network firewall Magic Quadrant. Midsize organizations have smaller teams. and only then evaluate the benefits of the integrated approach. Midsize organizations will often trust their channel partner. positioned at the edge of the corporate network. https://www. the most common features deployed on a UTM are: Firewall (90% — however. This evaluation period for this research was a bit shorter. with the promise of a unified monitoring dashboard and flexible security policy based on endpoint posture assessment. allowing SMB to inventory unmanaged SaaS. The next step is tighter integration between the firewall and the SaaS offerings frequently seen in SMBs. Based on the customer research survey for this Magic Quadrant (which aligns with Gartner inquiry except for firewall features.2017-6-26 Gartner Reprint Fortinet continues to own the largest market share in the UTM market (see Note 2) — with more than twice the revenue of its closest competitors. Worldwide.

but also try to identify the resellers' biases. despite the self-evaluation bias that generally results in inflated numbers. principally to enforce web-filtering policies and to prevent malware infection. more than 60% of organizations will fail to decrypt HTTPS efficiently. will move to use HTTPS to covert initial infection and command and control communications. Midsize organizations should assess the level of expertise of their channel partners on all the considered solutions. https://www. End-user experience is likely to be affected. Decrypting SSL/TLS on a UTM creates organizational issues. a growing number of malware attacks. more than 80% of enterprises' web traffic will be encrypted. for example. but a majority of vendors have stopped using the UTM name to highlight their platform concept instead." Many vendors evaluated in this research continue to focus more on distributed organizations made of autonomous offices. SMBs and enterprises continue to have different expectations for their perimeter gateway. whereas the channel partner also sells third-party solutions. relying on firewall appliances in default factory settings' ability to touch base with cloud management to get its prepared configuration. Ransomware and Encrypted Traffic Are Top Challenges for SMBs SMB organizations face a growing need for SSL decryption. They invest more in cloud-based centralized management consoles. This could create issues. only 32% of the respondents answered that they were decrypting HTTPS traffic. and the fact that references provided by vendors tend to use more features than the market average. a firewall vendor may start to promote integration with its own endpoint. Some application traffic cannot be decrypted. Some vendors already offer zero-touch deployment. including ransomware. and firewall vendors do a poor job at providing an up-to- date list of exceptions. missing most targeted web malware. Ease of Use and Price Continue to Drive SMB Purchases In previous years. such as performance issues and product sizing difficulties for the firewall channel. aimed at serving MSSPs and channel partners looking to automate repetitive provisioning and deployment tasks. and technical challenges.2017-6-26 Gartner Reprint channel partners have already built a portfolio of security solutions from different vendors. By 2020. as explained in "Next-Generation Firewalls and Unified Threat Management Are Distinct Products and Markets.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 29/51 . However. SMBs remain focused on total cost of ownership. In our client reference survey for this Magic Quadrant (see Note 3). the term "unified threat management" was used by vendors and channel partner to convey the notion of good price for value." Gartner anticipates that through 2019. Most clients and resellers continue to understand UTM as SMB multifunction firewalls. leading to blocked traffic. Consequently. ease of use and the ability to run multiple security features on a single platform. With a few exceptions.gartner. such as franchises. In "Predicts 2017: Network and Gateway Security. such as ensuring an employee's right to privacy. These differences are one of the major reasons why many of firewall vendors that sell successfully to the enterprise and SMB markets develop specific features for each market. multifunction SMB products and larger enterprise firewalls might compete for the same budget. too.

this will become a valid option for most organizations. in the cloud is acceptable. 2016. each office is similar to an autonomous organization. Placing the management and monitoring consoles fully in the cloud is generally a first step. From an economic perspective. but also from upper-midsize organizations. The promise of automated quarantine of infected hosts triggers additional interest from SMBs to integrate the endpoint with the network firewall. More frequent user interface updates are also a real advantage to the cloud. The promise of FWaaS is to provide simpler and more flexible architecture by leveraging centralized policy management.gartner. multiple enterprise firewall features and traffic tunneling to partially or fully move security inspections to a cloud infrastructure. This includes MSSPs for SMBs and distributed enterprises such as retailers. Despite centralized purchase and maintenance centers. utilizing a cloud management solution should at least minimize management costs. but end-user organizations should evaluate whether hosting their firewall configuration. In Gartner client surveys (see Note 3 consideration about self-evaluation bias). Gartner analysts hear more frequently from distributed organizations. Gartner first added firewall as a service to the "Hype Cycle for Infrastructure Protection. These thinner on-premises approaches could increasingly compete with UTM vendors' offerings." (https://www. The End of the Thick "All-in-One" Physical Appliance Era Is Slowly Approaching More UTM providers now target distributed organizations that have needs similar to those of midsize organizations.gartner. https://www. when asked about future scenarios for their UTM purchase: 29% are likely (15%) or very likely (14%) to consider a cloud-based management console 15% are likely (11%) or very likely (4%) to consider a cloud-based secure web gateway 14% are likely (8%) or very likely (6%) to consider moving all the security features to a firewall as a service (FWaaS) solution Due to the increasing share of encrypted traffic. MSSPs like the turnkey solution. with the growth of SD-WAN and virtualized customer premises equipment (vCPE) platforms in branches (see "Market Guide for WAN Edge Infrastructure" ). Reporting and log retention are well-suited to the cloud. WAN edge infrastructure is also changing rapidly.com/document/3367417) Gartner defines FWaaS as follows: Firewall as a service (FWaaS) is a firewall delivered as a cloud-based service or hybrid solution (that is. and both markets could ultimately merge. cloud plus on-premises appliances). healthcare organizations and small government agencies. even if the privacy and residency challenges could slow down adoption in some regions. As more vendors will offer direct integration with their own cloud-based secure web gateway.2017-6-26 Gartner Reprint The fear of ransomware infection drives the adoption of cloud-based sandboxing subscriptions. that they consider shifting and lifting web security features from the edge firewall to a cloud-based secure web gateway to reduce their dependency on the appliance.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 30/51 . or one from a third-party vendor. including the filtering policy. with security workloads transferred to a cloud infrastructure. but not exclusively.

and revenue of $100 million to $500 million (see "Gartner's Small and Midsize Business Market Definition.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 31/51 . Gartner believes that. while midsize businesses are usually defined as companies with between 100 and 1. It took eight years for cloud-based secure web gateways to represent 27% of the total market. Note 2 UTM Revenue Differentiation Gartner does not include branch office firewall revenue as UTM revenue. the transition to the cloud could take more time for UTM. but also end-user references and reseller references submitted by vendors. limited trust in a foreign supplier and other privacy concerns would be additional reasons to avoid the cloud model. Based on today's level of interest. Small businesses usually have fewer than 100 employees. Gartner surveys its clients.000 employees.gartner. Note 1 Small or Midsize Business Market Definition Gartner generally defines SMBs by the number of employees and/or annual revenue they have.2017-6-26 Gartner Reprint The promise. feature sets. Evaluation Criteria Definitions Ability to Execute Product/Service: Core goods and services offered by the vendor for the defined market. while midsize businesses are defined as those with less than $1 billion in annual revenue. This includes current product/service capabilities. In some regions and industry verticals. and numbers should not be taken literally. 80% of the companies that Gartner analysts speak with have between 100 and 999 employees. especially for distributed organizations and MSSPs. Typically. Self-evaluation surveys tend to give inflated numbers compared to reality. skills and so on. The market size and growth are estimated compared with numbers from the previous UTM Magic Quadrant. quality. The secondary attribute used most often is annual revenue. When results are included in this research. whether offered natively or through OEM agreements/partnerships as defined in the market definition and https://www. The primary attribute used most often is the number of employees. and the general trends. Small businesses are usually defined as those with less than $50 million in annual revenue. 2013 Update" ). it is because they accurately reflect how the different answers rank. a portion of the SMB market will not accept this exclusively cloud model due to latency and the need to access the console when under attack. although it's convenient for the vendors to do so. Note 3 Customer and Reseller Survey In addition to hundreds of end-user inquiries about firewall that Gartner analysts conduct every year. is to better manage complexity and reduce dependency on thick on-premises hardware such as UTM.

the financial and practical success of the business unit. and can shape or enhance those with their added vision. Specifically. competitors act. availability of user groups. will continue offering the product and will advance the state of the art within the organization's portfolio of products. marketing. be flexible and achieve competitive success as opportunities develop. This "mind share" can be driven by a combination of publicity. Factors include the quality of the organizational structure. Customer Experience: Relationships. increase awareness of the products. Market Responsiveness/Record: Ability to respond. and communication affiliates that extend the scope and depth of market reach.gartner. systems and other vehicles that enable the organization to operate effectively and efficiently on an ongoing basis. and establish a positive identification with the product/brand and organization in the minds of buyers. word of mouth and sales activities. including skills.2017-6-26 Gartner Reprint detailed in the subcriteria. advertising. products and services/programs that enable clients to be successful with the products evaluated. technologies. Sales Strategy: The strategy for selling products that uses the appropriate network of direct and indirect sales. Operations: The ability of the organization to meet its goals and commitments. creativity and efficacy of programs designed to deliver the organization's message to influence the market. this includes the ways customers receive technical support or account support. and the overall effectiveness of the sales channel. thought leadership. service. customer needs evolve and market dynamics change. This includes deal management. Completeness of Vision Market Understanding: Ability of the vendor to understand buyers' wants and needs and to translate those into products and services. Marketing Execution: The clarity. functionality. and the likelihood that the individual business unit will continue investing in the product. change direction.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 32/51 . pricing and negotiation. expertise. differentiated set of messages consistently communicated throughout the organization and externalized through the website. Business Model: The soundness and logic of the vendor's underlying business proposition. quality. skills. experiences. promotional initiatives. programs. This criterion also considers the vendor's history of responsiveness. service-level agreements and so on. promote the brand and business. Marketing Strategy: A clear. Vendors that show the highest degree of vision listen to and understand buyers' wants and needs. services and the customer base. Overall Viability: Viability includes an assessment of the overall organization's financial health. Offering (Product) Strategy: The vendor's approach to product development and delivery that emphasizes differentiation. methodology and feature sets as they map to current and future requirements. customer programs and positioning statements. customer support programs (and the quality thereof). https://www. Sales Execution/Pricing: The vendor's capabilities in all presales activities and the structure that supports them. This can also include ancillary tools. presales support.

Although Gartner research may include a discussion of related legal issues.gartner.jsp) Careers (http://www. defensive or pre-emptive purposes. This publication consists of the opinions of Gartner's research organization and should not be construed as statements of fact.com/newsroom/) Policies (http://www. Gartner is a public company.com/technology/contact/contact_gartner.gartner. manufacturers and sellers.com/technology/about/policies/guidelines_ov. Gartner research is produced independently by its research organization without input or influence from these firms. Geographic Strategy: The vendor's strategy to direct resources. and/or its affiliates.com/technology/site-index. expertise or capital for investment.gartner.com/privacy) Site Index (http://www.com. related. completeness or adequacy of such information and shall have no liability for errors. channels and subsidiaries as appropriate for that geography and market. see "Guiding Principles on Independence and Objectivity.2017-6-26 Gartner Reprint Vertical/Industry Strategy: The vendor's strategy to direct resources. For further information on the independence and integrity of Gartner research. Inc. funds or their managers.gartner. Gartner provides information technology research and advisory services to a wide range of technology consumers.com/it-glossary/) Contact Gartner (http://www.com/technology/careers/) Newsroom (http://www.gartner.gartner. The opinions expressed herein are subject to change without notice. (https://www.jsp?cm_sp=bac-_-reprint-_-banner) © 2017 Gartner. omissions or inadequacies in such information. and may have client relationships with. your use of it is subject to the Usage Guidelines for Gartner Services (/technology/about/policies/usage_guidelines.gartner. Innovation: Direct.jsp) IT Glossary (http://www. Inc. Gartner's Board of Directors may include senior managers of these firms or funds. including vertical markets. skills and offerings to meet the specific needs of geographies outside the "home" or native geography. and derive revenues from.jsp)" About (http://www.gartner. either directly or through partners.jsp) posted on gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 33/51 . skills and offerings to meet the specific needs of individual market segments. companies discussed herein.gartner. (/technology/about/ombudsman/omb_guide2.gartner. or its affiliates.com/technology/about. complementary and synergistic layouts of resources. consolidation. Gartner does not provide legal advice or services and its research should not be construed or used as such.jsp) Privacy (https://www. This publication may not be reproduced or distributed in any form without Gartner's prior written permission. Gartner disclaims all warranties as to the accuracy. Gartner is a registered trademark of Gartner. The information contained in this publication has been obtained from sources believed to be reliable.com/technology/contact/become-a-client. All rights reserved. If you are authorized to access this publication.jsp) https://www. and its shareholders may include firms and funds that have financial interests in entities covered in Gartner research.

gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 34/51 .2017-6-26 Gartner Reprint https://www.

2017-6-26 Gartner Reprint https://www.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 35/51 .gartner.

gartner.2017-6-26 Gartner Reprint https://www.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 36/51 .

gartner.2017-6-26 Gartner Reprint https://www.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 37/51 .

com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 38/51 .gartner.2017-6-26 Gartner Reprint https://www.

com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 39/51 .gartner.2017-6-26 Gartner Reprint https://www.

2017-6-26 Gartner Reprint https://www.gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 40/51 .

2017-6-26 Gartner Reprint https://www.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 41/51 .gartner.

com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 42/51 .gartner.2017-6-26 Gartner Reprint https://www.

com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 43/51 .gartner.2017-6-26 Gartner Reprint https://www.

gartner.2017-6-26 Gartner Reprint https://www.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 44/51 .

gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 45/51 .2017-6-26 Gartner Reprint https://www.

com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 46/51 .2017-6-26 Gartner Reprint https://www.gartner.

2017-6-26 Gartner Reprint https://www.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 47/51 .gartner.

2017-6-26 Gartner Reprint https://www.gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 48/51 .

com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 49/51 .gartner.2017-6-26 Gartner Reprint https://www.

com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 50/51 .gartner.2017-6-26 Gartner Reprint https://www.

2017-6-26 Gartner Reprint https://www.gartner.com/doc/reprints?id=1-43R5S9W&ct=170621&st=sb 51/51 .