2019度網(wǎng)絡(luò)防火墻的魔力象限報(bào)告

Magic Quadrant for Network Firewalls
用于網(wǎng)絡(luò)防火墻的魔力象限
Published 17 September 2019 - ID G00375686 - 86 min read

With firewall providers embedding multiple security features in firewalls and enabling integration and automation capabilities with other security products, firewalls are evolving into network security platforms.
隨著防火墻提供商在防火墻中嵌入多種安全特性，并支持與其他安全產(chǎn)品的集成和自動(dòng)化功能，防火墻正在演變?yōu)榫W(wǎng)絡(luò)安全平臺(tái)。
? Strategic Planning Assumptions
? 戰(zhàn)略規(guī)劃目標(biāo)

By 2024, 20% of new distributed branch office firewall deployments will switch to firewall as a service, up from less than 5% today.
到2024年，20%的新的分布式分支機(jī)構(gòu)防火墻部署將以服務(wù)的形式切換到防火墻，而目前這一比例不到5%。
By 2024, 25% of new firewall deployments will have users consider cloud-native firewall policy support of infrastructure as a service (IaaS) platforms as a mandatory selection criterion, from less than 5% today.
到2024年，25%的新防火墻部署將要求用戶將基礎(chǔ)設(shè)施即服務(wù)(IaaS)平臺(tái)的云本地防火墻策略支持作為強(qiáng)制選擇標(biāo)準(zhǔn)，而目前這一比例還不到5%。
By year-end 2024, 25% of firewall end-user spend will be contained within larger security “platform” deals delivered by enterprise license agreements (ELAs), up from less than 5% today.
到2024年年底，由企業(yè)許可協(xié)議(ELAs)提供的更大的安全“平臺(tái)”交易將占到防火墻終端用戶支出的25%，而目前這一比例還不到5%。
By 2024, 50% of new firewall purchases in distributed enterprises will utilize SD-WAN features with growing adoption of cloud-based services, up from less than 20% today.
到2024年，在分布式企業(yè)中購(gòu)買的新防火墻中，有50%將使用基于云服務(wù)的SD-WAN特性，而目前這一比例還不到20%。
Market Definition/Description市場(chǎng)定義/描述
This year, Gartner has modified the definition of network firewalls. As we are observing more clients moving toward hybrid networks and seeking firewall capabilities in the cloud, cloud vendors are also offering native firewall capabilities to their clients.
今年，Gartner修改了網(wǎng)絡(luò)防火墻的定義。隨著我們觀察到越來(lái)越多的客戶端轉(zhuǎn)向混合網(wǎng)絡(luò)，并在云中尋找防火墻功能，云供應(yīng)商也在為他們的客戶端提供本地防火墻功能。
The traditional firewalls also offer support for these cloud platforms. Hence, starting this year, Gartner has started to also evaluate the native firewall capabilities of cloud providers, along with stand-alone firewall vendors. Also this year, the Magic Quadrants for Enterprise Firewalls and Unified Threat Management (UTM) have been consolidated into a single Magic Quadrant for Network Firewalls.
傳統(tǒng)的防火墻還提供對(duì)這些云平臺(tái)的支持。因此，從今年開始，Gartner也開始評(píng)估云提供商的本地防火墻功能，以及獨(dú)立的防火墻供應(yīng)商。同樣在今年，用于企業(yè)防火墻和統(tǒng)一威脅管理(UTM)的魔力象限也被合并到用于網(wǎng)絡(luò)防火墻的單個(gè)魔力象限中。
Gartner defines the network firewall market as follows: The network firewall market represented by this Magic Quadrant is composed primarily of firewalls offering bidirectional controls (both egress and ingress) for securing networks.
Gartner對(duì)網(wǎng)絡(luò)防火墻市場(chǎng)的定義如下:這個(gè)魔力象限所代表的網(wǎng)絡(luò)防火墻市場(chǎng)主要由提供雙向控制(出口和入口)以保護(hù)網(wǎng)絡(luò)的防火墻組成。
These networks can be on-premises, hybrid (on-premises and cloud), public cloud or private cloud. Network firewalls can also offer additional capabilities such as application awareness and control, intrusion detection and prevention, advanced malware detection, logging, and reporting.
這些網(wǎng)絡(luò)可以是主集群、混合型(主集群和cloud)、公有云或私有云。網(wǎng)絡(luò)防火墻還可以提供其他功能，如應(yīng)用程序感知和控制、***檢測(cè)和預(yù)防、高級(jí)惡意軟件檢測(cè)、日志記錄和報(bào)告。
The companies that serve this market have an identifiable focus on network-based firewall controls — as demonstrated by the proportion of their sales and delivered with their support, sales teams and channels. These vendors provide features dedicated to solve firewall requirements and serve firewall-related use cases.
服務(wù)于這一市場(chǎng)的公司有一個(gè)明確的重點(diǎn)，即基于網(wǎng)絡(luò)的防火墻控制——這可以從他們的銷售比例和他們的支持、銷售團(tuán)隊(duì)和渠道中得到證明。這些供應(yīng)商提供專門用于解決防火墻需求的特性，并提供與防火墻相關(guān)的用例。
This Magic Quadrant includes the following types of network firewalls:
這個(gè)神奇的象限包括以下類型的網(wǎng)絡(luò)防火墻:
? Purpose-built physical appliances專用的物理設(shè)備
? Virtual appliances虛擬設(shè)備
?
? An embedded firewall module嵌入式防火墻模塊
? Firewall controls delivered from IaaS platform providersIaaS平臺(tái)提供商提供的防火墻控制
Magic Quadrant
Figure 1. Magic Quadrant for Network Firewalls
Source: Gartner (September 2019)

Vendor Strengths and Cautions
供應(yīng)商的優(yōu)勢(shì)和注意事項(xiàng)
Barracuda
Barracuda is based in Campbell, California. Its firewalls are visible on public IaaS platforms and in SD-WAN-related use cases on Gartner clients’ shortlists.
梭子魚建立在加利福尼亞州的坎貝爾。它的防火墻可以在公共IaaS平臺(tái)和Gartner客戶的入圍名單上與sd - wan相關(guān)的用例中看到。
These days, with a growing number of firewall vendors offering support for public cloud, Barracuda is facing strong competition because of limited visibility in the on-premises firewall use case. The vendor continues to introduce enhancements related to support for public IaaS platforms and SD-WAN. It is primarily shortlisted by midsize enterprises.
這些天來(lái)，隨著越來(lái)越多的防火墻供應(yīng)商提供對(duì)公共云的支持，Barracuda面臨著激烈的競(jìng)爭(zhēng)，因?yàn)樵诒镜胤阑饓τ美锌梢娦杂邢?。供?yīng)商繼續(xù)介紹與支持公共IaaS平臺(tái)和SD-WAN相關(guān)的增強(qiáng)功能。它主要是由中型企業(yè)入圍的。
Barracuda targets organizations looking for cost-effective security solutions. Its firewall product line (CloudGen Firewall F-Series) includes physical and virtual appliances. It is available on the popular public IaaS platforms Amazon Web Services (AWS), Microsoft Azure and Google Cloud.
Barracuda的目標(biāo)是尋找經(jīng)濟(jì)有效的安全解決方案的組織。其防火墻產(chǎn)品線(CloudGen防火墻f系列)包括物理和虛擬設(shè)備。它可以在流行的公共IaaS平臺(tái)Amazon Web Services (AWS)、Microsoft Azure和谷歌云上使用。
Its firewall centralized management solution, Control Center, is only available as either a software appliance or a public cloud image. Its security portfolio extends beyond firewalls to web application firewalls, data protection and email security solutions.
它的防火墻集中管理解決方案Control Center只能作為軟件設(shè)備或公共云映像使用。其安全投資組合已從防火墻擴(kuò)展到web應(yīng)用程序防火墻、數(shù)據(jù)保護(hù)和電子郵件安全解決方案。
Recent product updates include integration with macmon for network access control (NAC) and full integration, and support for Microsoft Azure Virtual WAN, as well as new firewall instances in Microsoft Azure, Google Cloud Platform and AWS. Barracuda also discontinued its hardware appliances for centralized management, focusing on virtual and IaaS deployments.
最近的產(chǎn)品更新包括與macmon網(wǎng)絡(luò)訪問控制(NAC)的集成和完全集成，以及對(duì)Microsoft Azure虛擬WAN的支持，以及Microsoft Azure、谷歌云平臺(tái)和AWS中的新的防火墻實(shí)例。Barracuda也停止了硬件設(shè)備的集中管理，專注于虛擬和IaaS部署。
Strengths優(yōu)勢(shì) SD- WAN軟件定義廣域網(wǎng)：是將SDN技術(shù)應(yīng)用到廣域網(wǎng)場(chǎng)景中所形成的一種服務(wù)，這種服務(wù)用于連接廣闊地理范圍的企業(yè)網(wǎng)絡(luò)、數(shù)據(jù)中心、互聯(lián)網(wǎng)應(yīng)用及云服務(wù)。
? SD-WAN: Barracuda offers mature SD-WAN capabilities within its firewalls. It has extended this SD-WAN support, including tunnels between Barracuda devices and support of the new Microsoft Azure Virtual WAN.
? SD-WAN: Barracuda在其防火墻內(nèi)提供成熟的SD-WAN功能。它擴(kuò)展了對(duì)SD-WAN的支持，包括Barracuda設(shè)備之間的隧道和對(duì)新的Microsoft Azure虛擬WAN的支持。
? Product: Barracuda continues to enhance support for public IaaS platforms. It offers easy-to-use templates for connecting on-premises environments to multiple public IaaS vendors, specifically AWS, Microsoft Azure and Google Cloud Platform for creating policies and rules. Cloud connections to all cloud providers are configured and monitored from the centralized management console.
? 產(chǎn)品:梭子魚繼續(xù)加強(qiáng)對(duì)公共IaaS平臺(tái)的支持。它提供了易于使用的模板，用于將本地環(huán)境連接到多個(gè)公共IaaS供應(yīng)商，特別是AWS、Microsoft Azure和谷歌云平臺(tái)，用于創(chuàng)建策略和規(guī)則。從集中式管理控制臺(tái)配置和監(jiān)視到所有云提供商的云連接。
? NAC: In addition to offering integration with macmon (an NAC vendor), the vendor offers a lightweight NAC solution called Barracuda Network Access Client combined with its SSL solution for basic client health checks.
? 除了提供與macmon(一個(gè)NAC供應(yīng)商)的集成之外，該供應(yīng)商還提供了一種輕量級(jí)的NAC解決方案，稱為Barracuda Network Access Client，它結(jié)合了SSL 解決方案，用于基本的客戶端健康檢查。
? Customer Feedback: Surveyed customers report higher-than-average overall satisfaction, with Barracuda highlighting ease of deployment, centralized management and service.
? 客戶反饋:接受調(diào)查的客戶總體滿意度高于平均水平，梭子魚強(qiáng)調(diào)部署的便利性、集中管理和服務(wù)。
? Product Strategy: The retirement of the small and midsize business (SMB)-oriented X-Series and on-premises management appliance simplifies the overall product line and centralized management options.
? 產(chǎn)品策略:退休的面向中小型企業(yè)(SMB)的x系列和本地管理設(shè)備簡(jiǎn)化了整體產(chǎn)品線和集中管理選項(xiàng)。
Cautions注意事項(xiàng)
? Customer Experience: A lack of a complete set of APIs and missing integration with the Barracuda Content Shield endpoint security solution were cited as key concerns by customers surveyed. However, in the recent firmware release (8.0), the vendor has made enhancements by offering support for relatively more APIs.
? 客戶體驗(yàn):缺少一套完整的api，并且缺少與Barracuda Content Shield端點(diǎn)安全解決方案的集成，這些都是被調(diào)查的客戶所關(guān)注的關(guān)鍵問題。然而，在最近的固件版本(8.0)中，供應(yīng)商通過提供對(duì)更多api的支持進(jìn)行了增強(qiáng)。
? Sales Execution: While the vendor offers firewall appliances scaling from 1.2 Gbps to 46 Gbps (pure stateful inspection throughput), Gartner does not see them as a preferred shortlist for data center and enterprise perimeter use cases by Gartner clients.
? 銷售執(zhí)行:雖然供應(yīng)商提供的防火墻設(shè)備從1.2 Gbps擴(kuò)展到46 Gbps(純有狀態(tài)檢查吞吐量)，但Gartner并不認(rèn)為它們是Gartner客戶的數(shù)據(jù)中心和企業(yè)邊界用例的首選候選名單。
? Marketing Execution: Resellers express concern that potential customers do not see the vendor as enterprise-grade or competing with larger competitors. Despite receiving high marks for ease of cloud connectivity with CloudGen Firewalls, the overall adoption rate of virtual firewall instances within IaaS as either pay-as-you-go or bring-your-own licenses remains low.
? 營(yíng)銷執(zhí)行:經(jīng)銷商表示，他們擔(dān)心潛在客戶不認(rèn)為該供應(yīng)商是企業(yè)級(jí)的或與更大的競(jìng)爭(zhēng)對(duì)手競(jìng)爭(zhēng)。盡管CloudGen防火墻在云連接方面獲得了很高的分?jǐn)?shù)，但I(xiàn)aaS中虛擬防火墻實(shí)例的總體采用率(即使用即付或自帶許可)仍然很低。
? Geographic Strategy: Barracuda remains primarily focused on North America and Europe, and is not often seen in South America, the Asia/Pacific region and the Middle East.
? 地理戰(zhàn)略:梭子魚的市場(chǎng)主要集中在北美和歐洲，在南美、亞太地區(qū)和中東并不常見。
? Market Responsiveness: Barracuda lacks a FWaaS offering and any cloud access security broker (CASB) integration, which is a favorable requirement with the growing use of SaaS applications. The firewalls also lack support for SDN platforms.
? 市場(chǎng)響應(yīng)性:Barracuda缺乏FWaaS產(chǎn)品和任何云訪問安全代理(CASB)集成，這是SaaS應(yīng)用程序使用不斷增長(zhǎng)的有利需求。防火墻也缺乏對(duì)SDN平臺(tái)的支持
? Sandboxing: The vendor lacks an on-premises network sandboxing product, but offers integration with Lastline.
? 沙盒:供應(yīng)商缺少本地網(wǎng)絡(luò)沙箱產(chǎn)品，但提供與Lastline的集成
? Product Certification: Barracuda firewalls lack certain certifications that are important to enterprises with heavy regulations such as Common Criteria EAL4.
? 產(chǎn)品認(rèn)證:Barracuda防火墻缺乏某些認(rèn)證，而這些認(rèn)證對(duì)于法規(guī)嚴(yán)格的企業(yè)來(lái)說(shuō)非常重要，比如通用標(biāo)準(zhǔn)EAL4。
Check Point Software Technologies CP軟件技術(shù)科技
Check Point Software Technologies is a global pure-play security vendor, with headquarters in Tel Aviv, Israel, and San Carlos, California. Its firewalls are facing strong competition from leading firewall players in the market.
Check Point Software Technologies是一家全球性的純安全性供應(yīng)商，總部位于以色列的特拉維夫和加州的圣卡洛斯。它的防火墻正面臨來(lái)自市場(chǎng)領(lǐng)先防火墻廠商的激烈競(jìng)爭(zhēng)。
Gartner is gradually noticing the vendor’s decreasing visibility for different firewall use cases in client inquiries as compared to other Leaders. With Check Point now showing a focus on cloud and application security with acquisitions, if executed well, it can gain traction in these use cases.
Gartner逐漸注意到，與其他領(lǐng)導(dǎo)者相比，供應(yīng)商在客戶詢問中對(duì)不同防火墻用例的可見性在下降。Check Point現(xiàn)在將重點(diǎn)放在云和應(yīng)用程序安全上，如果執(zhí)行良好，它可以在這些用例中獲得支持。
Check Point’s security portfolio, branded as the Check Point Infinity Architecture, includes enterprise firewall appliances (Security Gateway), virtual appliances available on the major cloud platforms (the CloudGuard brand, which includes CloudGuard IaaS, CloudGuard SaaS, CloudGuard Dome9 and CloudGuard Log.ic).
Check Point的安全組合，被稱為Check Point Infinity架構(gòu)，包括企業(yè)防火墻設(shè)備(安全網(wǎng)關(guān))，主要云平臺(tái)上可用的虛擬設(shè)備(CloudGuard品牌，包括CloudGuard IaaS、CloudGuard SaaS、CloudGuard Dome9和CloudGuard Log.ic)。
The SandBlast brand encompasses threat prevention technologies, including network sandboxing appliances, an endpoint security solution (SandBlast Agent) and a mobile security solution (SandBlast Mobile). Check Point’s centralized management suites (Security Management, SmartEvent and Compliance) are available as a physical appliance (Smart-1 security management appliance) or as software, with a Windows-based management console (SmartConsole).
噴沙品牌包含威脅預(yù)防技術(shù)，包括網(wǎng)絡(luò)沙盒設(shè)備、端點(diǎn)安全解決方案(噴沙代理)和移動(dòng)安全解決方案(噴沙移動(dòng))。Check Point的集中管理套件(安全管理、SmartEvent和遵從性)可以作為物理設(shè)備(Smart-1安全管理設(shè)備)或軟件使用，帶有基于windows的管理控制臺(tái)(SmartConsole)。
Checkpoint introduced four new Security Gateway appliances in the past year. In addition, it acquired Dome9 for cloud security posture management (CSPM) and ForceNock for web application and API protection (WAAP) security. The vendor offers 23 Security Gateway models — from lower-end options to high-end appliances with 1.6 Tbps throughput.
在過去的一年里，Check Point引入了四個(gè)新的安全網(wǎng)關(guān)設(shè)備。此外，它還收購(gòu)了Dome9用于云安全態(tài)勢(shì)管理(CSPM)和ForceNock用于web應(yīng)用程序和API保護(hù)(WAAP)安全。該供應(yīng)商提供23個(gè)安全網(wǎng)關(guān)模型——從低端選擇到1.6 Tbps吞吐量的高端設(shè)備。
Strengths
? Pricing Strategy: Check Point offers a simple pricing model where appliances come with a choice of three bundles of subscriptions: Next Generation Firewall (firewall, intrusion detection and prevention system [IDPS], application control and URL filtering), Next Generation Threat Prevention (Next Generation Firewall features plus antivirus, anti-spam and anti-bot), and Next Generation Threat Prevention & SandBlast NGTX (NGTP plus sandboxing and content disarm and reconstruction). Check Point also offers the Infinity Total Protection ELA, as well as a-la-carte pricing.
? 定價(jià)策略:CP提供了一個(gè)簡(jiǎn)單的定價(jià)模型,電器有選擇訂閱的三個(gè)包:下一代防火墻(防火墻、*檢測(cè)和預(yù)防系統(tǒng)(idps)、應(yīng)用程序控制和URL過濾),下一代威脅的預(yù)防(贏面下一代防火墻功能+防病毒、防垃圾短信和的反傀儡程式),預(yù)防和下一代的威脅和沙盒仿真NGTX (NGTP加上沙盒和內(nèi)容解除和重建)。CP還提供無(wú)限總保護(hù)ELA，以及a-la-點(diǎn)菜定價(jià)。
? Product Execution: Check Point has one of the largest threat research teams among the vendors evaluated in this research. It also offers a third-party threat intelligence feed as an additional option for customers, further increasing the scope of its threat intelligence offering. The vendor’s attach rates for its add-on products are higher than many competitors, which improves its threat intelligence capabilities.
? 產(chǎn)品執(zhí)行:在本研究中評(píng)估的供應(yīng)商中，Check Point擁有最大的威脅研究團(tuán)隊(duì)之一。它還為客戶提供了一個(gè)第三方威脅情報(bào)提要作為一個(gè)額外的選項(xiàng)，進(jìn)一步擴(kuò)大了其威脅情報(bào)提供的范圍。該供應(yīng)商的附加產(chǎn)品的附加率高于許多競(jìng)爭(zhēng)對(duì)手，這提高了其威脅情報(bào)能力。
? Partners: Check Point has a historically strong partner ecosystem, with VMware, Silver Peak, Microsoft and Radware being the recent additions. The vendor has also launched a new partner program called Check Point Engage that rewards providers that strengthen relationships with Check Point customers focused on cloud and mobile over hardware purchases.
? 合作伙伴:Check Point有一個(gè)強(qiáng)大的合作伙伴生態(tài)系統(tǒng)，VMware、Silver Peak、Microsoft和Radware是最近加入的。該公司還推出了一個(gè)名為Check Point Engage的新合作項(xiàng)目，獎(jiǎng)勵(lì)那些加強(qiáng)與Check Point客戶關(guān)系的供應(yīng)商，這些客戶關(guān)注的是云計(jì)算和移動(dòng)設(shè)備，而不是硬件采購(gòu)。
? Scalability: Check Point has invested heavily in building specialized offerings to respond to vertical-specific challenges, including ruggedized appliances for critical infrastructure, telecom-specific hyperscale, and protocols such as GTPv1, GTPv2, Diameter, SCTP and SS7. The Maestro Hyperscale Orchestrator appeals to certain verticals like telecommunications and carrier-grade networks that value extremely high throughput capacities.
? 可伸縮性:Check Point在構(gòu)建專門的產(chǎn)品以應(yīng)對(duì)垂直特定的挑戰(zhàn)方面投入了大量資金，包括用于關(guān)鍵基礎(chǔ)設(shè)施的加固設(shè)備、電信特定的超大規(guī)模以及諸如GTPv1、GTPv2、Diameter、SCTP和SS7等協(xié)議。Maestro超大規(guī)模管弦樂編曲吸引了某些垂直領(lǐng)域，如電信和電信級(jí)網(wǎng)絡(luò)的價(jià)值極高的吞吐量能力。
? Feature: Check Point continues to lead in centralized management offerings, even for very large, complex and highly exposed environments. Its management suite includes several features such as multidomain security management and smart provisioning to specifically serve managed security service providers (MSSPs).
? 特性:即使對(duì)于非常大、復(fù)雜和高度暴露的環(huán)境，Check Point仍然在集中式管理產(chǎn)品中處于領(lǐng)先地位。它的管理套件包括多個(gè)特性，如多域安全管理和智能供應(yīng)，以專門服務(wù)于托管安全服務(wù)提供商(MSSPs)。
? Product Support: Check Point supports a large number of private, hybrid and public IaaS environments with its CloudGuard IaaS product line, including VMware NSX, Cisco ACI, AWS, Microsoft Azure and Azure Stack, Google Cloud Platform, Oracle Cloud, OpenStack, and Alibaba Cloud. With Dome9, Check Point is showing a growing focus on public IaaS.
? 產(chǎn)品支持:Check Point以其CloudGuard IaaS產(chǎn)品線支持大量的私有、混合和公共IaaS環(huán)境，包括VMware NSX、Cisco ACI、AWS、Microsoft Azure和Azure Stack、谷歌云平臺(tái)、Oracle云、OpenStack、阿里巴巴云。通過Dome9, Check Point越來(lái)越關(guān)注公共IaaS。
Cautions
? Marketing Execution: Gartner estimates that, in 2018, Check Point lost market share to its rivals and increasingly is less visible in Gartner client inquiries. Client surveys indicate that the vendor is often left off of shortlists when clients are considering replacement of incumbent firewall vendors.
? 市場(chǎng)執(zhí)行:Gartner估計(jì)，2018年，Check Point的市場(chǎng)份額被競(jìng)爭(zhēng)對(duì)手奪走，在Gartner的客戶咨詢中越來(lái)越不顯眼?？蛻粽{(diào)查顯示，當(dāng)客戶考慮替換現(xiàn)有的防火墻供應(yīng)商時(shí)，供應(yīng)商常常被排除在候選名單之外。
? Market Responsiveness: Check Point is lagging its competition in introducing a full FWaaS offering. The vendor continues to lack the SD-WAN focus found with other firewall vendors.
? 市場(chǎng)反應(yīng):Check Point在引入全面的FWaaS方面落后于競(jìng)爭(zhēng)對(duì)手。該供應(yīng)商仍然缺乏與其他防火墻供應(yīng)商一樣的SD-WAN焦點(diǎn)。
? Product: Check Point Security Management Portal (SMP; cloud-based management console) is only available for limited firewall models and lacks support for the entire firewall series. Check Point firewalls also lack support for TLS 1.3; the product currently downgrades TLS 1.3 connections to TLS 1.2 when decrypting traffic.
? 產(chǎn)品:Check Point安全管理門戶(SMP;基于云的管理控制臺(tái))只適用于有限的防火墻模型，并且缺乏對(duì)整個(gè)防火墻系列的支持。Check Point防火墻也缺乏對(duì)TLS 1.3的支持;該產(chǎn)品目前降級(jí)TLS 1.3連接到TLS 1.2當(dāng)解密流量
? Customer Feedback: Customers and surveyed resellers perceive performance issues requiring purchase of larger appliances than anticipated, giving lower scores for overall performance, especially when enabling multiple features such as DLP. While Check Point is one of the most shortlisted firewalls for public IaaS platforms, clients cite that the installation and deployment process is not a smooth experience and often requires professional services or help from the support team.
? 客戶反饋:客戶和被調(diào)查的分銷商認(rèn)為性能問題需要購(gòu)買比預(yù)期更大的設(shè)備，總體性能得分較低，特別是在啟用DLP等多個(gè)功能時(shí)。雖然Check Point是入圍公共IaaS平臺(tái)的最常見的防火墻之一，但客戶指出，安裝和部署過程并不順利，通常需要專業(yè)服務(wù)或支持團(tuán)隊(duì)的幫助。
? Marketing Strategy: Check Point continues to market Infinity as both an architecture and an ELA around the concept of generational threat protection (currently Gen V). Gartner clients express confusion around this messaging and which solutions the vendor can provide to help protect their environment. Check Point lacks strong positioning and product messaging.
? 市場(chǎng)策略:Check Point繼續(xù)將Infinity作為一個(gè)架構(gòu)和一個(gè)ELA圍繞代際威脅保護(hù)(目前為Gen V)的概念進(jìn)行營(yíng)銷。Check Point缺乏強(qiáng)大的定位和產(chǎn)品信息。
? Technical Support: Gartner clients continue to cite that Level 3 escalations take longer than Level 1 and Level 2 escalations, and that the vendor lacks in timely updated communication while the team is working on it.
? 技術(shù)支持:Gartner客戶繼續(xù)指出，第3級(jí)升級(jí)比第1級(jí)和第2級(jí)升級(jí)耗時(shí)更長(zhǎng)，并且在團(tuán)隊(duì)進(jìn)行升級(jí)時(shí)，供應(yīng)商缺乏及時(shí)更新的溝通。
Cisco
Cisco is a large network, infrastructure and security vendor, based in San Jose, California. It continues to offer multiple firewall models for different use cases, although many models under the different firewall product lines overlap with each other. Cisco firewalls continue to be part of large Cisco infrastructure deals. Gartner does observe the vendor being shortlisted by existing Cisco clients as one of the firewall vendors. Its vision of cloud and automation, if executed well, can help the vendor gain traction in related use cases.
思科是一家大型網(wǎng)絡(luò)、基礎(chǔ)設(shè)施和安全供應(yīng)商，總部位于加州圣何塞。它繼續(xù)為不同的用例提供多個(gè)防火墻模型，盡管不同防火墻產(chǎn)品線下的許多模型相互重疊。思科防火墻仍然是思科大型基礎(chǔ)設(shè)施交易的一部分。Gartner確實(shí)注意到該供應(yīng)商被現(xiàn)有的思科客戶列為防火墻供應(yīng)商之一。它對(duì)云和自動(dòng)化的愿景，如果執(zhí)行良好，可以幫助供應(yīng)商在相關(guān)用例中獲得牽引力。
Cisco’s security product portfolio includes many solutions, including firewalls, and it has grown continually over the past few years, mainly through acquisitions. It offers endpoint security client Cisco AMP, Cisco AnyConnect (* client), Stealthwatch and Stealthwatch Cloud (network traffic analysis [NTA]), secure web gateway (SWG), email security, network access control and a CASB — with Talos threat intelligence included with Cisco security products.
思科的安全產(chǎn)品組合包括許多解決方案，包括防火墻。在過去幾年里，思科主要通過收購(gòu)不斷發(fā)展壯大。它提供端點(diǎn)安全客戶端Cisco AMP, Cisco AnyConnect (*客戶端)，Stealthwatch和Stealthwatch云(網(wǎng)絡(luò)流量分析[NTA])，安全網(wǎng)絡(luò)網(wǎng)關(guān)(SWG)，電子郵件安全，網(wǎng)絡(luò)訪問控制和一個(gè)CASB -包括Talos威脅情報(bào)思科安全產(chǎn)品。
Cisco continues to sell multiple firewall product lines: Cisco Adaptive Security Appliance (ASA) 5500-X Series and Adaptive Security Virtual Appliance (ASAv), its virtual firewall appliances; Cisco Firepower NGFW Series, which also exists in the form of virtual appliances (NGFWv); the Meraki MX series; and Cisco IOS Firewall. The vendor also offers two industrial firewalls (the ISA series).
思科繼續(xù)銷售多個(gè)防火墻產(chǎn)品線:思科自適應(yīng)安全設(shè)備(ASA) 5500-X系列和自適應(yīng)安全虛擬設(shè)備(ASAv)，其虛擬防火墻設(shè)備;思科火力NGFW系列，也以虛擬設(shè)備(NGFWv)的形式存在;Meraki MX系列;和思科IOS防火墻。供應(yīng)商還提供了兩個(gè)工業(yè)防火墻(ISA系列).
Cisco Umbrella is the vendor’s cloud DNS security and secure web gateway. Cisco Tetration started as cloud visibility software, and recently evolved into an agent-based firewall for application and microsegmentation.
思科傘是供應(yīng)商的云DNS安全和安全的網(wǎng)絡(luò)網(wǎng)關(guān)。Cisco Tetration最初是云可視化軟件，最近發(fā)展成為一個(gè)基于代理的應(yīng)用和微分割防火墻。
Cisco Threat Response (CTR) is the Cisco web portal for threat investigation, adding context and an indicator of compromises to events sent from registered Cisco security products.
思科威脅響應(yīng)(CTR)是思科威脅調(diào)查的門戶網(wǎng)站，為注冊(cè)的思科安全產(chǎn)品發(fā)送的事件添加上下文和危害指標(biāo)。
The vendor continues its effort to build a unified centralized management console with Cisco Defense Orchestrator (CDO), which aims at managing all of its firewall product lines. The Cisco Meraki MX series also offers cloud-based management targeting distributed organization use cases.
供應(yīng)商繼續(xù)努力，以建立一個(gè)統(tǒng)一的集中式管理控制臺(tái)與思科防御編配(CDO)，旨在管理其所有的防火墻產(chǎn)品線。Cisco Meraki MX系列還提供了針對(duì)分布式組織用例的基于云的管理。
Firepower Management Center (FMC) is Cisco’s on-premises centralized management offering, available for Cisco ASA 5500-X and Firepower devices only.
火力管理中心(FMC)是思科的現(xiàn)場(chǎng)集中管理產(chǎn)品，僅適用于思科ASA 5500-X和火力設(shè)備。
Strengths
? Sales Execution: Cisco’s global footprint is a big asset when trying to convince large organizations to purchase its firewalls and adjacent security products. Gartner analysts see a large number of organizations signing ELAs with Cisco, including for a large number of Cisco Firepower firewalls. Many clients describe themselves as “Cisco shops.”
? 銷售執(zhí)行:當(dāng)試圖說(shuō)服大型組織購(gòu)買思科的防火墻和鄰近的安全產(chǎn)品時(shí)，思科的全球足跡是一項(xiàng)巨大的資產(chǎn)。Gartner分析師認(rèn)為，許多組織與思科簽署了ELAs協(xié)議，其中包括思科的大量火力防火墻。許多客戶將自己描述為“思科商店”。
? Marketing Execution: Cisco owns a broad portfolio of network and security solutions. Gartner sees the vendor enthusiastically promoting the integration and automation roadmap within its products as a strong marketing and sales strategy, which is also resonating with end users. It is also an attractive proposition for clients that want to consolidate toward a single vendor.
? 市場(chǎng)執(zhí)行:思科擁有廣泛的網(wǎng)絡(luò)和安全解決方案。Gartner認(rèn)為，供應(yīng)商熱情地在其產(chǎn)品中推廣集成和自動(dòng)化路線圖，這是一種強(qiáng)有力的營(yíng)銷和銷售策略，也引起了終端用戶的共鳴。對(duì)于希望向單個(gè)供應(yīng)商合并的客戶來(lái)說(shuō)，這也是一個(gè)有吸引力的建議。
? During inquiries, Gartner clients mention the Cisco integration story among the different Cisco products as a primary reason for the purchase.
? 在詢問中，Gartner的客戶提到了思科不同產(chǎn)品之間的集成故事，這是購(gòu)買的主要原因。
? Capability: Customers and resellers continue to give high scores to Talos threat research and to advanced malware protection (AMP) features available on Firepower. Existing Sourcefire customers also like the IDPS integration on Firepower.
? 能力:客戶和經(jīng)銷商繼續(xù)給予高度評(píng)價(jià)Talos威脅研究和先進(jìn)的惡意軟件保護(hù)(AMP)功能可用的火力。現(xiàn)有的Sourcefire客戶也喜歡集成在“火力”上的IDPS。
? Capability: Cisco Meraki MX appeals to distributed organizations looking for ease of deployment and maintenance. Cisco Meraki MX’s proprietary auto-* and SD-WAN simplify site-to-site deployments when using only Meraki devices.
? 能力:Cisco Meraki MX呼吁尋求部署和維護(hù)的簡(jiǎn)便性的分布式組織。Cisco Meraki MX的專有自動(dòng)和SD-WAN在僅使用Meraki設(shè)備時(shí)簡(jiǎn)化了站點(diǎn)到站點(diǎn)的部署。
? Feature: The Cisco AnyConnect client offers support for most mobile devices and their OSs. Gartner constantly receives inquiries in which clients rate the offered by the vendor as higher compared to other vendors. They state that the tunnels are stable and users do not experience disconnected sessions. Many Gartner clients that replace their Cisco ASAs with a firewall from a different vendor continue to use ASAs for only.
? 特點(diǎn):思科AnyConnect 客戶端為大多數(shù)移動(dòng)設(shè)備及其操作系統(tǒng)提供支持。Gartner經(jīng)常收到客戶的詢問，其中客戶對(duì)供應(yīng)商提供的的評(píng)價(jià)高于其他供應(yīng)商。他們表示隧道是穩(wěn)定的，用戶不會(huì)經(jīng)歷斷開的會(huì)話。許多Gartner的客戶用來(lái)自不同供應(yīng)商的防火墻替換了他們的Cisco as，他們?nèi)匀恢粚SAs用于*。
Cautions
? Project Execution: While Cisco has made progress on its competitive positioning, it struggles to win firewall evaluation against other competitors in pure firewall deals based on technical evaluation alone. This puts Cisco in a difficult spot when the three vendors offer similar prices, which is more frequent than in the past due to recent pricing strategy changes from Cisco and its competitors.
? 項(xiàng)目執(zhí)行:雖然思科在競(jìng)爭(zhēng)定位上取得了進(jìn)展，但在純粹的基于技術(shù)評(píng)估的防火墻交易中，思科很難從其他競(jìng)爭(zhēng)對(duì)手那里贏得防火墻評(píng)估。當(dāng)這三家供應(yīng)商提供類似的價(jià)格時(shí)，思科陷入了一個(gè)困難的境地。由于思科及其競(jìng)爭(zhēng)對(duì)手最近改變了定價(jià)策略，這種情況比以往更加頻繁。
? Product Execution: Cisco clients that have purchased multiple Cisco security products with Cisco Firepower firewall to utilize integration and automation capabilities, as highlighted by the vendor at the time of sales, are often disappointed when they don’t work in their environment. Gartner clients often cite the lack of automation between Cisco ISE (NAC solution) and Cisco Firepower as quite frustrating. Gartner highly recommends that clients evaluate the integration capabilities between different Cisco products before purchase.
? 產(chǎn)品執(zhí)行:Cisco的客戶購(gòu)買了多個(gè)Cisco安全產(chǎn)品，并使用了Cisco的“火力防火墻”來(lái)利用集成和自動(dòng)化功能，正如供應(yīng)商在銷售時(shí)強(qiáng)調(diào)的那樣，當(dāng)他們不能在自己的環(huán)境中工作時(shí)，常常會(huì)感到失望。Gartner的客戶經(jīng)常說(shuō)，思科的ISE (NAC解決方案)和思科的“火力”之間缺乏自動(dòng)化是非常令人沮喪的。Gartner強(qiáng)烈建議客戶在購(gòu)買之前評(píng)估對(duì)比不同思科產(chǎn)品之間的集成能力。
? Product Execution: Cisco Meraki MX, Firepower and, increasingly, Viptela can be relevant in overlapping use cases for distributed organizations with SD-WAN requirements. As the three solutions do not have full feature parity, prospective clients and Cisco resellers struggle to build an architecture when it needs to combine multiple solutions. CDO is still a work in progress and lacks fully featured unified management, which could help with the issue.
? 產(chǎn)品執(zhí)行:Cisco Meraki MX、和Viptela在具有SD-WAN需求的分布式組織的重疊用例中可能越來(lái)越重要。由于這三種解決方案沒有完全的功能對(duì)等，潛在客戶和思科經(jīng)銷商在需要組合多個(gè)解決方案時(shí)，很難構(gòu)建架構(gòu)。CDO還在進(jìn)行中，缺乏全功能的統(tǒng)一管理，這有助于解決問題。
? Capabilities: Cisco Firepower lacks SD-WAN features and zero-touch deployment. Gartner observes that Cisco clients are less likely to use application control, TLS decryption and URL filtering features. Surveyed customers also express frustration with the lack of comprehensive real-time logging and reporting solutions.
? 能力:思科火力缺乏SD-WAN功能和零接觸部署。Gartner指出，思科客戶不太可能使用應(yīng)用程序控制、TLS解密和URL過濾功能。被調(diào)查的客戶還對(duì)缺乏全面的實(shí)時(shí)日志記錄和報(bào)告解決方案表示失望。
? Geographic Strategy: Gartner is noticing declining visibility of Cisco firewalls in pure firewall deals outside North America in client inquiries. The vendor is more visible in other regions as part of large Cisco infrastructure deals. Gartner has also observed more focus by the vendor on expanding the Cisco Meraki MX product line in the U.S. and U.K.
? 地理戰(zhàn)略:Gartner注意到，思科防火墻在北美以外的客戶咨詢業(yè)務(wù)中，純防火墻業(yè)務(wù)的可看性正在下降。作為思科大型基礎(chǔ)設(shè)施交易的一部分，思科在其它地區(qū)的知名度更高。Gartner還注意到，思科更加注重在美國(guó)和英國(guó)擴(kuò)展思科Meraki MX產(chǎn)品線
? Capabilities: Cisco clients continue to complain about their inability to effectively deploy Firepower virtual machines on IaaS platforms. They mention stability issues and feature inconsistencies. Gartner also does not see Cisco being deployed on public cloud, compared to competitors.
? 功能:思科客戶繼續(xù)抱怨他們無(wú)法有效地在IaaS平臺(tái)上部署火力虛擬機(jī)。他們提到穩(wěn)定性問題和特性的不一致性。與競(jìng)爭(zhēng)對(duì)手相比，Gartner也認(rèn)為思科不會(huì)部署在公共云上。
? Customer Experience: Cisco scored lower than average on surveyed customers’ satisfaction with quality of support. This aligns with what Gartner analysts observe during client inquiries, where the ability to get timely answers has been reported as degrading over time, especially when facing issues with centralized management features.
? 客戶體驗(yàn):思科在客戶對(duì)支持質(zhì)量的滿意度調(diào)查中得分低于平均水平。這與Gartner分析師在客戶咨詢過程中觀察到的情況一致，據(jù)報(bào)道，及時(shí)獲得答案的能力會(huì)隨著時(shí)間的推移而下降，尤其是在集中管理功能出現(xiàn)問題時(shí)。
? Capability: Cisco Firepower’s management API lags in maturity behind its direct competitors. This has noticeable consequences, such as delays in support from network security policy management tools (NSPM), and the absence of integration, notably with any third-party endpoint detection and response (EDR) tools.
? 能力:思科“火力”的管理API在成熟度上落后于其直接競(jìng)爭(zhēng)對(duì)手。這帶來(lái)了明顯的后果，比如網(wǎng)絡(luò)安全策略管理工具(NSPM)的支持延遲，以及缺乏集成，特別是與任何第三方端點(diǎn)檢測(cè)和響應(yīng)(EDR)工具的集成。
F5
F5, based in Seattle, Washington, is a leading data center application delivery controller vendor. It continues to focus on data center and CSP use cases for its firewall module deployment. Clients using F5 or procuring application delivery products for the vendor should consider using the firewall module offered by the vendor. The primary use case for using the vendor’s firewall is vendor consolidation, higher throughput requirements and advanced routing capabilities.
位于華盛頓州西雅圖的F5是一家領(lǐng)先的數(shù)據(jù)中心應(yīng)用程序交付控制器供應(yīng)商。它繼續(xù)專注于數(shù)據(jù)中心和CSP用例的防火墻模塊部署。使用F5或?yàn)楣?yīng)商采購(gòu)應(yīng)用程序交付產(chǎn)品的客戶應(yīng)考慮使用供應(yīng)商提供的防火墻模塊。使用供應(yīng)商防火墻的主要用例是供應(yīng)商整合、更高的吞吐量需求和高級(jí)路由功能。
F5’s Advanced Firewall Manager (AFM) module, as a part of its BIG-IP appliances, is sometimes visible in the vendor’s quotations with other products offered. Gartner comes across existing F5 clients that want to evaluate the firewall capabilities offered by the vendor with other firewall vendors in the market. F5 firewalls have limited visibility in data centers and large enterprise deployment.
F5的高級(jí)防火墻管理器(AFM)模塊作為其BIG-IP設(shè)備的一部分，有時(shí)可以在供應(yīng)商提供的其他產(chǎn)品的報(bào)價(jià)中看到。Gartner遇到過一些現(xiàn)有的F5客戶端，他們希望與市場(chǎng)上的其他防火墻供應(yīng)商一起評(píng)估該供應(yīng)商提供的防火墻功能。F5防火墻在數(shù)據(jù)中心和大型企業(yè)部署中可見性有限。
F5’s security portfolio includes a WAF solution, access policy manager (APM), web fraud protection (WebSafe), and a DDoS mitigation solution, DDoS Hybrid Defender (DHD). Under the Silverline brand, F5 delivers a cloud WAF and DDoS protection. Its firewall product relies on the BIG-IP appliances (21 models, from 5 Gbps up to 320 Gbps) and VIPRION chassis (six models, up to 1.2TB throughput) hardware platforms, running the F5 Traffic Management Operating System (TMOS). F5 also offers 11 virtual appliances (F5 Virtual Editions [VE]) and centralized management (BIG-IQ) for its BIG-IP solutions.
F5的安全組合包括WAF解決方案、訪問策略管理器(APM)、web欺詐保護(hù)(WebSafe)和DDoS緩解解決方案、DDoS混合防御器(DHD)。在Silverline品牌下，F(xiàn)5提供了云WAF和DDoS保護(hù)。其防火墻產(chǎn)品依賴于大ip設(shè)備(21個(gè)型號(hào)，從5 Gbps到320 Gbps)和VIPRION底盤(6個(gè)型號(hào)，最高1.2TB吞吐量)硬件平臺(tái)，運(yùn)行F5流量管理操作系統(tǒng)(TMOS)。F5還為其BIG-IP解決方案提供11個(gè)虛擬設(shè)備(F5虛擬版本[VE])和集中管理(BIG-IQ)。
Recent product news includes multiple enhancements related to routing, traffic inspection and DDoS mitigation.
最近的產(chǎn)品新聞包括與路由、流量檢查和DDoS緩解相關(guān)的多個(gè)增強(qiáng)。
Strengths
? Product Strategy: F5’s software is optimized for data center and ISP infrastructure protection use cases with its highly scalable architecture, native load balancing support and focus on carrier-grade issues such as carrier-grade network address translation (CGNAT) and DDoS capabilities.
? 產(chǎn)品策略:F5的軟件針對(duì)數(shù)據(jù)中心和ISP基礎(chǔ)設(shè)施保護(hù)用例進(jìn)行了優(yōu)化，具有高度可伸縮的體系結(jié)構(gòu)、本地負(fù)載平衡支持，并專注于電信級(jí)問題，如電信級(jí)網(wǎng)絡(luò)地址轉(zhuǎn)換(CGNAT)和DDoS功能。
? Feature: The vendor offers strong load balancing and DDoS mitigation capabilities. This offers clients the ability to consolidate firewall functionality with mature application delivery and security capabilities. However, all the features come as separate products with dedicated subscriptions.
? 特性:該供應(yīng)商提供強(qiáng)大的負(fù)載平衡和DDoS緩解功能。這為客戶提供了利用成熟的應(yīng)用程序交付和安全功能來(lái)整合防火墻功能的能力。但是，所有的功能都是單獨(dú)的產(chǎn)品，并且有專門的訂閱。
? Customer Experience: F5’s customers report better-than-average satisfaction with the vendor’s technical support. Customers also report above-average performance of the F5 firewall, and cite performance and throughput as key deciding factors when selecting F5 for their firewall.
? 客戶體驗(yàn):F5的客戶對(duì)供應(yīng)商技術(shù)支持的滿意度高于平均水平。客戶還報(bào)告說(shuō)F5防火墻的性能高于平均水平，并將性能和吞吐量作為選擇F5作為防火墻的關(guān)鍵決定因素。
? Product Strategy (IaaS): F5 partners with multiple public IaaS cloud service providers including Alibaba, AWS, Azure, Google Cloud Platform, IBM and Oracle, making it a desirable shortlist candidate for mutlicloud deployments.
? 產(chǎn)品戰(zhàn)略(IaaS): F5與多個(gè)公共IaaS云服務(wù)提供商合作，包括阿里巴巴、AWS、Azure、谷歌云平臺(tái)、IBM和Oracle，使其成為多云部署的理想候選。
? Product: F5 offers strong TLS decryption in its BIG-IP appliance, as well as a dedicated TLS decryption appliance (SSL Orchestrator). F5 fully supports RFC 8446 TLS 1.3 decryption in TMOS 14.1.0.1 and higher, well ahead of many other firewall vendors, making SSL decryption capabilities stronger than the competitors.
? 產(chǎn)品:F5在其大ip設(shè)備中提供強(qiáng)大的TLS解密，以及專用的TLS解密設(shè)備(SSL編制器)。F5完全支持TMOS 14.1.0.1及更高版本的RFC 8446 TLS 1.3解密，遠(yuǎn)遠(yuǎn)領(lǐng)先于許多其他防火墻廠商，使SSL解密能力強(qiáng)于競(jìng)爭(zhēng)對(duì)手。
? Geographic Presence: F5 is a long-established application delivery vendor with a large, loyal global channel. The vendor also has a direct presence through regional offices worldwide. This makes it a strong global vendor.
? 地理位置:F5是一個(gè)歷史悠久的應(yīng)用程序交付供應(yīng)商，擁有一個(gè)大型的、忠誠(chéng)的全球渠道。該供應(yīng)商還通過全球區(qū)域辦事處直接開展業(yè)務(wù)。這使它成為一個(gè)強(qiáng)大的全球供應(yīng)商。
Cautions
? Sales Execution: F5 rarely appears on Gartner client competitive shortlists for enterprise firewall selection, and often complements other firewalls rather than replacing them. In addition, there has been significant turnover in its sales leadership, impacting reseller relationships over the past year.
? 銷售執(zhí)行:F5很少出現(xiàn)在Gartner客戶端競(jìng)爭(zhēng)企業(yè)防火墻的候選名單上，通常是對(duì)其他防火墻的補(bǔ)充，而不是取代它們。此外，在過去的一年里，其銷售領(lǐng)導(dǎo)層出現(xiàn)了很大的人員流動(dòng)，影響了經(jīng)銷商之間的關(guān)系。
? Customer Experience: F5’s customers generally report satisfaction with its product, but are reluctant to provide unqualified recommendations of it due to a lack of common firewall features, which prevents it from being used in certain use cases such as end-user perimeter firewalls. Surveyed clients have reported more reliance on the vendor’s professional services because of a lack of sufficient product documentation and steep learning curve as product limitations.
? 客戶體驗(yàn):F5的客戶通常對(duì)其產(chǎn)品表示滿意，但不愿提供不合格的建議，因?yàn)槿狈νㄓ玫姆阑饓δ?，這阻止了它在某些用例中被使用，比如終端用戶周邊的防火墻。被調(diào)查的客戶報(bào)告更多地依賴于供應(yīng)商的專業(yè)服務(wù)，因?yàn)槿狈ψ銐虻漠a(chǎn)品文檔和陡峭的學(xué)習(xí)曲線作為產(chǎn)品的局限性。
? Product: The F5 firewall lacks advanced threat detection features such as anti-malware and sandboxing, native or third-party endpoint security integration, and support for SD-WAN, which are commonly provided by vendors competing in the enterprise firewall market.
? 產(chǎn)品:F5防火墻缺乏先進(jìn)的威脅檢測(cè)功能，如反惡意軟件和沙箱、本地或第三方端點(diǎn)安全集成，以及對(duì)SD-WAN的支持，這些功能通常由企業(yè)防火墻市場(chǎng)上的競(jìng)爭(zhēng)廠商提供。
? Product Strategy: F5 does not offer a set of low-end appliances, a multitenant FWaaS option, NAC integration or cloud-based management consoles, and tends to focus its products on carrier-grade networks and large enterprise internal data center use cases. Unlike other vendors in the market, the network team is most likely to manage F5 due to its integration with the application delivery controller and, therefore, may not be managed or considered by security teams for firewall use cases.
? 產(chǎn)品策略:F5不提供一組低端設(shè)備、多租戶FWaaS選項(xiàng)、NAC集成或基于云的管理控制臺(tái)，其產(chǎn)品往往集中于電信級(jí)網(wǎng)絡(luò)和大型企業(yè)內(nèi)部數(shù)據(jù)中心用例。與市場(chǎng)上的其他供應(yīng)商不同，網(wǎng)絡(luò)團(tuán)隊(duì)最有可能管理F5，因?yàn)樗c應(yīng)用程序交付控制器集成，因此，對(duì)于防火墻用例，安全團(tuán)隊(duì)可能不會(huì)管理或考慮F5。
? Market Responsiveness: F5 includes an IDPS feature based on a limited number of SNORT signatures. Gartner advises that customers looking for high-security, network-based intrusion prevention solutions augment the F5 IDPS because it is not as robust or mature as other offerings seen in the network firewall market today.
? 市場(chǎng)響應(yīng)性:F5包含一個(gè)基于有限數(shù)量的SNORT簽名的IDPS特性。Gartner建議，尋求高安全性、基于網(wǎng)絡(luò)的*防御解決方案的客戶會(huì)增加F5的IDPS，因?yàn)樗幌衲壳熬W(wǎng)絡(luò)防火墻市場(chǎng)上看到的其他產(chǎn)品那樣健壯或成熟。
Forcepoint準(zhǔn)能科技
Forcepoint is a security vendor headquartered in Austin, Texas. Its firewalls continue to be visible primarily in distributed office use cases where clients are looking for mature SD-WAN, and centralized management capabilities. Gartner sees good potential in the firewall to meet other use cases, but sees a delay in market responsiveness and a lack of focus to expand the customer base beyond distributed office use cases by Forcepoint.
Forcepoint是一家總部位于德克薩斯州奧斯汀的安全供應(yīng)商。它的防火墻仍然主要出現(xiàn)在分布式辦公用例中，在這些用例中，客戶正在尋找成熟的SD-WAN、和集中式管理功能。Gartner認(rèn)為防火墻具有滿足其他用例的良好潛力，但它認(rèn)為市場(chǎng)響應(yīng)能力較差，并且缺乏通過Forcepoint將客戶基礎(chǔ)擴(kuò)展到分布式辦公用例之外的重點(diǎn)。
The vendor offers a firewall (Forcepoint NGFW), web and email security gateways (Forcepoint Web Security and Forcepoint Email Security), data loss prevention (Forcepoint DLP), an insider threat solution (Forcepoint Insider Threat), a cloud access security broker (Forcepoint CASB), and user and entity behavior analytics (Forcepoint UEBA). It also offers government-specific security solutions.
供應(yīng)商提供防火墻(Forcepoint NGFW)、web和電子郵件安全網(wǎng)關(guān)(Forcepoint web安全和Forcepoint電子郵件安全)、數(shù)據(jù)丟失預(yù)防(Forcepoint DLP)、內(nèi)部威脅解決方案(Forcepoint內(nèi)部威脅)、云訪問安全代理(Forcepoint CASB)和用戶和實(shí)體行為分析(Forcepoint UEBA)。它還提供針對(duì)政府的安全解決方案。
Virtual Forcepoint firewalls offer support for Azure and AWS, where they are available, as pay as you go as well.
Virtual Forcepoint防火墻提供了對(duì)Azure和AWS的支持，只要你愿意，隨時(shí)都可以使用它們。
Forcepoint’s recent news includes the introduction of five new compact desktop models. Other updates include support for new, compact desktop models (33x and 5x series), and feature enhancements for SD-WAN and networking. Support for auto-scaling and management for its visual firewalls with virtualized environments (AWS, Azure, VMware, etc.) is available.
Forcepoint的最新消息包括推出五款新的小型臺(tái)式電腦。其他更新包括對(duì)新的、緊湊的桌面模型(33x和5x系列)的支持，以及對(duì)SD-WAN和網(wǎng)絡(luò)的功能增強(qiáng)。支持使用虛擬環(huán)境(AWS、Azure、VMware等)自動(dòng)擴(kuò)展和管理其可視化防火墻。
Strengths
? Market Execution: The majority of the installed base for Forcepoint firewalls with mature and SD-WAN capabilities is in distributed office use cases. Even the vendor is keen to focus on this use case by continually introducing more enhancements for and SD-WAN.
? 市場(chǎng)執(zhí)行:具有成熟和SD-WAN功能的Forcepoint防火墻的安裝基礎(chǔ)主要是在分布式辦公用例中。甚至供應(yīng)商也熱衷于關(guān)注這個(gè)用例，不斷地為和SD-WAN引入更多的增強(qiáng)功能。
? Product: Security Management Center (SMC), which is the vendor’s centralized management offering, is very intuitive and easy to use. SMC is available as a management appliance, management appliance ISO image and software.
? 產(chǎn)品:安全管理中心(SMC)，是供應(yīng)商的集中管理產(chǎn)品，非常直觀，易于使用。SMC是一種可用的管理設(shè)備，管理設(shè)備ISO映像和軟件。
? It offers features such as drag and drop, which is very smooth. SMC provides granular administrator access control. Administrator roles can be defined, and mapped with select NGFWs, access control lists and Domains. There is also an administrator privilege for approving pending changes with features such as drag and drop. Surveyed clients have also highly rated SMC and scored it higher in ease of management.
? 它提供了拖放等功能，非常平滑。SMC提供細(xì)粒度的管理員訪問控制。管理員角色可以通過選擇NGFWs、訪問控制列表和域來(lái)定義和映射。管理員還可以使用拖放等特性批準(zhǔn)掛起的更改。接受調(diào)查的客戶也對(duì)SMC給予了很高的評(píng)價(jià)，并在管理便利性方面給予了更高的分?jǐn)?shù)。
? Feature (IDPS): The vendor has a legacy reputation of mature IDPS offers. Forcepoint utilizes threat intelligence from McAfee GTI and the Lastline reputation service, in addition to Forcepoint TI. Forcepoint firewalls offers best-of-breed firewall clustering capabilities, with a mature load balancing capability between different appliance models and running different firmware. Surveyed clients have also highly rated the firewall clustering capabilities, which are easy to manage and failover is transparent to the network.
? 特性(IDPS):該供應(yīng)商擁有成熟IDPS產(chǎn)品的傳統(tǒng)聲譽(yù)。Forcepoint利用來(lái)自McAfee GTI和Lastline聲譽(yù)服務(wù)的威脅情報(bào)，此外還有Forcepoint TI。Forcepoint防火墻提供了最好的防火墻集群功能，在不同的設(shè)備模型和運(yùn)行不同的固件之間具有成熟的負(fù)載平衡功能。被調(diào)查的客戶還高度評(píng)價(jià)了防火墻的集群功能，這些功能易于管理，而且故障轉(zhuǎn)移對(duì)網(wǎng)絡(luò)是透明的。
? Automation: Forcepoint offers cloud provisioning tools and automated scripts for DevOps use cases. The vendor offers public GitHub project SMC Python and SMC integration for Ansible.
? 自動(dòng)化:Forcepoint為DevOps用例提供云供應(yīng)工具和自動(dòng)化腳本。供應(yīng)商為Ansible提供公共GitHub項(xiàng)目SMC Python和SMC集成。
? Feature (): Forcepoint firewalls offer easy-to-configure templates. The vendor has a large installed base of multiple branch office use cases. The UI offers easy-to-monitor-and-manage multiple tunnels.
? 特性(): Forcepoint防火墻提供易于配置的模板。該供應(yīng)商擁有一個(gè)龐大的多分支機(jī)構(gòu)用例的安裝基礎(chǔ)。UI提供了易于監(jiān)視和管理的多個(gè)隧道。
? Capability: The vendor offers built-in UEBA capabilities, bringing advanced threat detection capabilities beyond network sandboxing without the need for an additional subscription. The Forcepoint firewall platform collects data from network engines (physical/software/virtual/cloud variants), endpoint intelligence agents and via Syslog feeds from other third-party solutions deployed within an organization.
? 功能:該供應(yīng)商提供內(nèi)置的UEBA功能，帶來(lái)了超越網(wǎng)絡(luò)沙箱的高級(jí)威脅檢測(cè)功能，不需要額外的訂閱。Forcepoint防火墻平臺(tái)從網(wǎng)絡(luò)引擎(物理/軟件/虛擬/云變體)、端點(diǎn)情報(bào)代理和組織內(nèi)部署的其他第三方解決方案的Syslog提要收集數(shù)據(jù)。
Cautions
? Market Execution: Forcepoint sells multiple product lines, out of which Web Security, its SWG product, seems to be the primary product where most R&D work is focused. Gartner finds that the vendor focuses less on its firewall product line as a result, keeping it confined to distributed office use cases. While Gartner thinks that Forcepoint has good experience and a good R&D team, the firewall has the potential to be one of the industry leaders if the vendor focused more toward this product line.
? 市場(chǎng)執(zhí)行:Forcepoint銷售多個(gè)產(chǎn)品線，其中其SWG產(chǎn)品Web Security似乎是大多數(shù)研發(fā)工作重點(diǎn)關(guān)注的主要產(chǎn)品。Gartner發(fā)現(xiàn)，供應(yīng)商因此較少關(guān)注其防火墻產(chǎn)品線，從而將其限制在分布式辦公用例中。雖然Gartner認(rèn)為Forcepoint有良好的經(jīng)驗(yàn)和良好的研發(fā)團(tuán)隊(duì)，但如果供應(yīng)商更關(guān)注這個(gè)產(chǎn)品線，防火墻有潛力成為行業(yè)領(lǐng)導(dǎo)者之一。
? Marketing: Forcepoint lacks strong marketing of its firewall products; as a result, it does not have much visibility on client shortlists. Despite the firewall offering mature threat detection capabilities, the marketing team markets its SD-WAN and capabilities most of the time, resulting in a lack of awareness within the end-user base.
? 營(yíng)銷:Forcepoint防火墻產(chǎn)品營(yíng)銷力度不夠;因此，它在客戶入圍名單上的可見度不高。盡管防火墻提供了成熟的威脅檢測(cè)功能，但營(yíng)銷團(tuán)隊(duì)大部分時(shí)間都在推銷其SD-WAN和功能，導(dǎo)致終端用戶缺乏意識(shí)。
? Offering: The vendor lacks EDR client integration capabilities. It also lacks firewall integration with third-party EDR clients.
? 產(chǎn)品:該供應(yīng)商缺乏EDR客戶端集成功能。它也缺乏與第三方EDR客戶端的防火墻集成。
? Product Strategy: Despite having a strong client base and a focus on distributed office use cases, the vendor does not offer a cloud-based management portal, as offered by most competitors. The vendor also lacks FWaaS, despite offering multiple other cloud-based product lines.
? 產(chǎn)品策略:盡管擁有強(qiáng)大的客戶基礎(chǔ)和對(duì)分布式辦公用例的關(guān)注，但是該供應(yīng)商并沒有像大多數(shù)競(jìng)爭(zhēng)對(duì)手那樣提供基于云的管理門戶。該供應(yīng)商還缺乏FWaaS，盡管提供了多個(gè)其他基于云的產(chǎn)品線。
? Customer Feedback: Surveyed clients have reported that the vendor’s Level 1 support is not competent enough to deal with common support issues and escalates them further, creating longer escalation cycles.
? 客戶反饋:接受調(diào)查的客戶報(bào)告稱，供應(yīng)商的一級(jí)支持不足以處理常見的支持問題，并將其進(jìn)一步升級(jí)，從而形成更長(zhǎng)的上升周期。
Fortinet 飛塔
Fortinet is a network and security player, headquartered in Sunnyvale, California. This year, Fortinet firewalls continue to be visible in distributed office deals where integrated SD-WAN is the primary selection criterion. They are also seen as replacing dedicated routers and act as an edge appliance with firewalls. Fortinet is also a favorable firewall shortlist for customers that cite pricing as an important selection criterion. The vendor offers a range of firewall models to meet multiple firewall deployment use cases. It also offers support for bare metal and virtual firewalls for Alibaba Cloud, AWS, Azure, Google Cloud Platform, IBM Cloud and Oracle OCI IaaS platforms.
Fortinet是一家網(wǎng)絡(luò)和安全公司，總部位于加州森尼韋爾。今年，在集成SD-WAN為主要選擇標(biāo)準(zhǔn)的分布式辦公協(xié)議中，F(xiàn)ortinet防火墻繼續(xù)可見。它們也被視為替代專用路由器，并充當(dāng)防火墻的邊緣設(shè)備。對(duì)于那些將價(jià)格作為重要選擇標(biāo)準(zhǔn)的客戶來(lái)說(shuō)，F(xiàn)ortinet也是一個(gè)不錯(cuò)的防火墻候選名單。該供應(yīng)商提供了一系列防火墻模型，以滿足多個(gè)防火墻部署用例。它還為阿里巴巴提供裸金屬和虛擬防火墻支持
The other products in Fortinet’s portfolio cover network security, endpoint security, security information and event management (SIEM), NAC, wireless access points and switches. FortiGate firewalls are still the vendor’s most popular and best-selling product.
Fortinet的其他產(chǎn)品包括網(wǎng)絡(luò)安全、端點(diǎn)安全、安全信息和事件管理(SIEM)、NAC、無(wú)線接入點(diǎn)和交換機(jī)。FortiGate防火墻仍然是該供應(yīng)商最受歡迎和最暢銷的產(chǎn)品。
In 2018 and 2019, Fortinet introduced new FortiGate models 6000F, 3600E, 3400E, 600E and 400E Series. It also had two major firmware releases with enhancements for the FortiGate firewall, new SD-WAN ASIC, virtual security processors, and centralized management and reporting software. It continues to work toward integration through APIs and security fabric.
在2018年和2019年，F(xiàn)ortinet推出了新的防御模型6000F、3600E、3400E、600E和400E系列。它還發(fā)布了兩個(gè)主要的固件版本，其中增強(qiáng)了防御防火墻、新的SD-WAN ASIC、虛擬安全處理器以及集中管理和報(bào)告軟件。它繼續(xù)通過api和安全結(jié)構(gòu)進(jìn)行集成。
Strengths
? SD-WAN: Fortinet offers integrated SD-WAN capabilities within its E-Series firewalls, which makes it a favorable shortlist candidate for distributed enterprise use cases. It comes with capabilities like application-based routing, especially for SaaS applications like Office 365 that are easy to configure. The vendor also offers features such as multipath automated failover for specific applications based on health performance, latency, jitter and packet loss, which enhance the performance of the applications.
? SD-WAN: Fortinet在其e系列防火墻中提供了集成的SD-WAN功能，這使它成為分布式企業(yè)用例的理想候選。它具有基于應(yīng)用程序的路由等功能，特別是對(duì)于易于配置的SaaS應(yīng)用程序(如Office 365)。該供應(yīng)商還提供基于健康性能、延遲、抖動(dòng)和包丟失的特定應(yīng)用程序的多路徑自動(dòng)故障轉(zhuǎn)移等特性，這些特性增強(qiáng)了應(yīng)用程序的性能。
? SSL Decryption: This year, Fortinet introduced support for TLS 1.3 in the FortiOS 6.2 release. This feature enhances existing deeper inspection capabilities for the Web Filter profile with flow-based inspection mode enabled and for the SSL/SSH Inspection profile.
? SSL解密:今年，F(xiàn)ortinet在FortiOS 6.2版本中引入了對(duì)TLS 1.3的支持。該特性通過啟用基于流的檢查模式增強(qiáng)了Web篩選器概要文件和SSL/SSH檢查概要文件現(xiàn)有的更深層次的檢查功能。
? Integration: Fortinet continues to extend integration capabilities using security fabric and APIs with AWS, Azure, Google Cloud Platform and Alibaba, and develops tools to offer automation. Some of the capabilities include security fabric integration using AWS Lambda, and automatically updating dynamic addresses for AWS using Fabric Connectors. The vendor also offers playbooks for integration of Ansible and Terraform modules.
? 集成:Fortinet繼續(xù)使用安全架構(gòu)和api與AWS、Azure、谷歌云平臺(tái)和阿里巴巴進(jìn)行集成，并開發(fā)提供自動(dòng)化的工具。一些功能包括使用AWS Lambda的安全fabric集成，以及使用fabric連接器為AWS自動(dòng)更新動(dòng)態(tài)地址。供應(yīng)商還提供了Ansible和Terraform模塊集成劇本。
? Geographic Presence: FortiGate firewalls continue to be visible on Gartner client firewall shortlists in different regions, competing with regional players. Regional players have also citied Fortinet as one of the top three competitors for them locally.
? 地理位置:在不同地區(qū)的Gartner客戶端防火墻候選名單上，加強(qiáng)防火墻仍然可見，與地區(qū)玩家競(jìng)爭(zhēng)。區(qū)域玩家也認(rèn)為Fortinet是他們?cè)诋?dāng)?shù)氐娜蟾?jìng)爭(zhēng)對(duì)手之一。
? Sales Execution: Fortinet works closely with many MSSPs globally that are offering Fortinet firewalls as hosted services to their clients. The vendor has specific licensing models for its VM-Series appliances specific to MSSPs. FortiManager and FortiAnalyzer also offer multiple multitenancy features that can be extended using APIs.
? 銷售執(zhí)行:Fortinet與全球許多mssp密切合作，為其客戶提供Fortinet防火墻托管服務(wù)。供應(yīng)商為其特定于mssp的vm系列設(shè)備提供特定的許可模型。FortiManager和FortiAnalyzer還提供了多種可以使用api擴(kuò)展的多租戶特性。
? Licensing: While the majority of Gartner clients generally complain about complex licensing by most enterprise-grade firewall vendors, Fortinet has maintained its simpler licensing by offering bundle-based licensing, which is easier to understand and renew for end users.
? 授權(quán)許可:盡管Gartner的大多數(shù)客戶通常抱怨大多數(shù)企業(yè)級(jí)防火墻供應(yīng)商提供的復(fù)雜授權(quán)許可，但Fortinet通過提供基于捆綁的授權(quán)許可來(lái)保持其更簡(jiǎn)單的授權(quán)許可，這對(duì)終端用戶來(lái)說(shuō)更容易理解和更新。
Cautions
? Visibility: Despite support for multiple cloud IaaS platforms, FortiGate is not visible on Gartner client shortlists as a preferred firewall on IaaS platforms, compared to prominent competitors that have more visibility in this use case.
? 可見性:盡管支持多種云IaaS平臺(tái)，但在Gartner客戶端候選名單上，F(xiàn)ortiGate作為IaaS平臺(tái)上的首選防火墻是不可見的，相比之下，在這個(gè)用例中，一些著名的競(jìng)爭(zhēng)對(duì)手有更多的可見性。
? Product: Although Fortinet offers security fabric and API integration capabilities for integration of its products, it lacks mature direct integration capabilities of its firewalls with other security products in the portfolio for threat correlation.
? 產(chǎn)品:雖然Fortinet提供了用于集成其產(chǎn)品的安全結(jié)構(gòu)和API集成功能，但它缺乏將其防火墻與投資組合中的其他安全產(chǎn)品進(jìn)行直接集成以進(jìn)行威脅關(guān)聯(lián)的成熟功能。
? The vendor offers basic visibility into infected hosts and their vulnerabilities through FortiClient as a dashboard widget, but lacks mature direct threat correlation capabilities with FortiGate. FortiManager and FortiManager Cloud lack the management controls of FortiWeb, FortiSIEM and FortiCASB.
? 該供應(yīng)商通過FortiClient作為一個(gè)儀表板小部件提供受感染主機(jī)