Predictions: 2011 Gartner Magic Quadrant for Data Loss Prevention
Recent trends show an increase in organizations searching for information on the Gartner Magic Quadrant for Data Loss Prevention (DLP). That tells us it’s that time of year again. Time for Gartner’s annual report on Content-Aware Data Loss Prevention, which, according to Gartner’s Magic Quadrant and MarketScopes information page has been slated for release Q2 11. Since Q2 11 has come and gone and we’ve yet to see the released report, I figured I’d make my own predictions on what the good folks at Gartner will have to say about the DLP space for 2011.
Let’s start with the coveted Leaders quadrant which in years past has included quite a varied list of vendors, from Vericept (now Trustwave), Websense, Vontu (now Symantec), RSA, to Reconnex (now McAfee). 2011 is unlikely to bring us any surprises among the current leaders of McAfee, RSA, Symantec and Websense. While Symantec still boasts the most advanced feature-set of any vendor, all of the leaders maintain the basic feature-sets required to keep them in leadership contention.
CA has just recently added some critical DLP fingerpriting functionality features to bring them in line with many of the leaders and visionaries. CA is desperately trying to redirect buyer focus to identity and access management combined with DLP in an effort to provide a unique feature set on which to compete and use for their own customer base. Otherwise, CA has a very average DLP offering.
- Big company name. (Some might consider that a weakness for CA.)
- Cannot compare feature for feature with other big-name DLP vendors.
Code Green Networks
Code Green’s approach stands apart from most of the Leaders, with a simplified, appliance-based architecture that streamlines deployment and reduces the management overhead associated with traditional, multi-server DLP architectures.
Code Green Networks Strengths
- Single appliance architecture.
- Ease of use in deployment, configuration and management.
Code Green Networks Weaknesses
- Limited brand awareness.
- Appliance cost represents a disproportionately high cost in deployments of 250-1000 users.
Fidelis Security Systems
Fidelis has had a DLP identity crisis from day one, calling itself not DLP, but Extrusion Prevention. Not one to be led, Fidelis’ founder has bucked the system at every turn. While I like that style, the company’s insistence on a network-only approach has excluded them from every major commercial opportunity. Instead the company’s focus is APT Protection, which tends to resonate more loudly with federal gov’t than does DLP. In speaking with a marketer at Fidelis last year, we were told that DLP is “just one of our use cases,” and that they are a network security tool. That’s a shame, because they have some interesting DLP technology that will rarely get used as such.
Fidelis Security Systems Strengths
- Multi-Gbps throughput appliance.
- In-line blocking capability.
Fidelis Security Systems Weaknesses
- Lack of commercial focus (for us fans of commercial business).
- No in-house endpoint solution. Instead, weak marketing partnerships with Verdasys, Safend and other now-defunct endpoint DLP players.
McAfee is likely to remain one of four vendors in the Leaders quadrant, although recognized by many as a laggart behind Symantec, RSA and Websense. McAfee DLP provides a multi-appliance solution that is managed through the company’s widely-used ePolicy Orchestrator.
McAfee DLP Strengths
- Big company name.
- Unique network monitoring approach allows for monitoring and categorizing *all* network traffic rather than just policy violations.
McAfee DLP Weaknesses
- Multi-appliance approach can be complex and requires separate appliances for network monitor, prevent, discovery and management.
- Many customers report difficulty in deploying and configuring the solution.
Despite Palisade Systems’ deep DLP roots, the company has struggled to find success. One of very few remaining DLP independent software vendors, Palisade has run through three top executives in as many years. Until very recently, the company claimed a network-only focus and only this year have they released an endpoint component to complement their DLP suite. The appliance-based solution provides web filtering, among other non-DLP features.
Palisade Systems Strengths
- Unique non-DLP feature set desirable for small business or education.
- Aggressive pricing structure.
Palisade Systems Weaknesses
- DLP road map and development resources lag behind many DLP leaders.
- Company’s viability is in question.
RSA is one of the four current Leaders and we predict they will remain. RSA is one of few vendors to leverage their technology through high-profile licensing agreements with Microsoft and Cisco. RSA is one of the most widely-considered solutions among DLP projects. While RSA has made attempts to simplify DLP architecure by leveraging multiple virtual machines on a single server, many customers still complain of deployment complexities.
- Big name player.
- OEM licensing agreements position RSA among non-DLP projects (DRM, email security, etc.).
- Architectural complexity.
- Many customers report problems in deploying and configuring the solution.
Symantec has enjoyed its well-deserved position of leadership since the inception of the Gartner Magic Quadrant for the space in 2006 (then known as “Content Monitoring and Filtering”). Symantec’s acquisition of Vontu, the leading DLP vendor in the space, positioned Symantec squarely in the leaders quadrant from day one. Vontu was already well into the development of its own endpoint agent, making it one of the first to recognize and execute on this need. Since that time, Symantec has taken a leadership role in shaping the DLP space with its innovative features to address the growing market requirements.
Symantec DLP Strengths
- Big name player and market leader.
- Most feature-rich DLP offering.
Symantec DLP Weaknesses
- Multi-server architectural complexity.
- High cost.
Trend Micro’s DLP reach is limited largely to small endpoint deployments. We have never come across an organization giving them serious consideration. They are currently squarely positioned in the niche player quadrant and we could see them slipping further down and to the far left since their DLP vision is very limited.
Trend Micro Strengths
- Convenient for current Trend customers looking to check the DLP box.
Trend Micro Weaknesses
- Very weak DLP feature set.
Trustwave made the most recent acquistion in the DLP space, gobbling up Vericept, one of the early DLP leaders. Along with the DLP acquisition, Trustwave has acquired a number of other under-acheiving technologies. Since that time, however Trustwave has apparently done little to improve the DLP offering and have actually stopped marketing their endpoint DLP agent. We predict Trustwave will be one of few vendors that actually slip in 2011 from its former position of challenger to niche player.
- Trustwave provides a full suite of security services and DLP may be an easy add-on for current Trustwave customers.
- Functionality has regressed with loss of endpoint.
- Trustwave may not be able to reach beyond their limited customer base and expand their DLP marketshare.
Verdasys was an early entry to DLP and one of few who started with an endpoint focus. Unlike other vendors who have branched out to include all three DLP components (network, endpoint, discovery), Verdasys has not and remains largely endpoint focused. Verdasys maintains marketing partnerships with IBM and a technology partnership with Fidelis, though we don’t know how beneficial either of those is.
- Leading endpoint-only DLP solution.
- Limited true DLP capabilities.
- Very expensive endpoint-only solution.
As a DLP Leader, Websense has done a good job marketing its single solution for web security, email security and DLP under the TRITON moniker. The concept appeals to many buyers of DLP, especially current Websense filtering or secure web gateway customers looking to add DLP. Unlike some of the other appliance DLP vendors, the Websense platform uses virtual machines to pull everything into a single appliance/server.
- Single vendor solution for web security, email security and DLP.
- Subscription pricing can become more expensive than traditional perpetual license after a few years – and the subscription remains indefinitely.
- Under the TRITON solution, sharing of server resources for web and email security can have a negative impact on resources needed for critical DLP function.