Gartner Magic Quadrant: Intrusion Detection, Prevention Systems 2018 for MSSPs
Welcome to page two of two, featuring the Visionaries and Niche Player quadrants. Also, we share the Gartner Magic Quadrant graphic below.
Gartner Magic Quadrant: Intrusion Detection & Prevention Systems 2018 Visionaries
Vectra Networks is the only company in the Visionaries quadrant. Here are the details.
- Gartner Says: Vectra Networks has shipped its Cognito product since 2014 and is a leading example of using advanced analytics (like UEBA) for network IDS use cases. It focuses on detection of threats that have bypassed traditional controls and on detecting lateral movement of threats on the inside of an organization’s network. … Vectra’s approach is innovative as it directly addresses some key issues in security operations today. … This solution excels at the ability to roll up numerous numbers of alerts to create a single incident to investigate that describes a chain of related activities, rather than isolated alerts that an analyst then has to piece together. Second, adversary dwell time today is far too long for organizations, and having different means to detect malicious or unwanted activity is a key value proposition for Vectra. This is especially true for detecting the lateral movement of threats on a network that have already evaded other security controls. While an IDS in terms of deployment, Vectra does have a number of other integrations with existing tools for further response actions. Example categories are firewalls, network access control (NAC), endpoint, ticketing systems and SIEM.
- MSSP Alert Says: Vectra positions its partner program for “channel” partners but certainly mentions recurring revenues and managed security services as part of that overall effort. The company raised $36 million in Series D funding in February 2018, but the news made no mention of accelerated partner or channel investments. A separate growth-related press release in February 2018 celebrated 181 percent annual revenue growth but once again made no mention of partners or MSSPs.
Gartner Magic Quadrant: Intrusion Detection & Prevention Systems 2018 Niche Players
The niche quadrant includes Hillstone Networks and Venustech. Here’s a closer look at each company, sorted alphabetically.
- Gartner Says: Headquartered in Beijing and Santa Clara, California, Hillstone Networks is a network security provider that offers NGFWs along with IDPSs. Hillstone has been shipping IDPS devices since 4Q13. At present, its IDPS customer base is predominantly located in China. The vendor offers a total of 23 IDPS models; however, only five are available to the global market — the S-series models of appliances. … Hillstone does not offer a virtual IDPS model, but it does support on-box virtual instances, including the ability to apply performance constraints on each virtual instance. IDPS signatures are developed internally and obtained from other partners. During the evaluation period, Hillstone introduced several new models. New enhancements introduced in that period include improved antivirus efficacy, HTTPS flood request protection and better IDPS reporting. Additionally it has three new features, Abnormal Behavior Detection (ABD) engine, Advanced Threat Detection (ATD) and a cloud sandbox. ABD is Hillstone’s analytics approach that does network baselining looking for abnormal behavior. The sandbox is also interesting for the IDPS market because it allows for “fuzzy” malware behavior signatures to be used to help convict new iterations of existing families of malware.
- MSSP Alert Says: Hillstone works with MSPs, resellers, systems integrators and distributors to deliver its network security solutions to customers around the globe. The company also offers a channel partner program that provides members with marketing tools, training and certification and other features.
- Gartner Says: Venustech is a security vendor headquartered in Beijing. It was founded in 1996, and has been shipping IDPSs since 2003 and dedicated IPSs since 2007. In addition to its IDPS, Venustech has a range of security product offerings covering SIEM, firewall, UTM, WAF, database compliance and audit (DCAP), vulnerability assessment, application delivery controller, and an endpoint security solution. Venustech has a virtual IPS edition available that supports VMware and OpenStack. It also has support for the Alibaba, Tencent and Huawei clouds as deployment options. Venustech is a good option for its existing clients consuming its other products, and large and midmarket organizations in South East Asia that need to augment existing controls with an IDPS that covers a range of threats.
- MSSP Alert Says: Venustech is best known in China, and the company’s partner program focuses mostly on more traditional distributors and resellers.
Gartner Magic Quadrant: Intrusion Detection & Prevention Systems 2018 Graphic
Here’s a look at the entire Magic Quadrant and all companies within…