The enterprise
endpoint protection platform (EPP) market is a composite that is primarily made
up of collections of products. These include:
- Anti-malware
- Anti-spyware
- Personal firewalls
- Host-based intrusion
prevention
- Port and device control
EPP solutions also
will often include:
- Full-disk and file
encryption, also known as mobile data protection
- Endpoint data loss
prevention (DLP)
- Vulnerability assessment
- Application control (see
Note 1)
- Mobile device management (MDM)
These products and
features are typically centrally managed and ideally integrated by shared
policies. Not all products in this analysis provide the same collection of
features. In this analysis, we focused primarily on anti-malware effectiveness
and performance, management capability, protection for non-Windows platforms
(such as VMware, Macintosh, Linux, Microsoft Exchange and Microsoft
SharePoint), MDM capability, application control, and vulnerability assessment.
See the Completeness of Vision section below for more information.
DLP, MDM and
vulnerability assessment are also evaluated in their own Magic Quadrant or
MarketScope analyses (see the Gartner Recommended Reading section). In the
longer term, portions of these markets will be subsumed by the EPP market, just
as the personal firewall, host intrusion prevention, device control and
anti-spyware markets have been subsumed by the EPP market in the past. EPP
suites are a logical place for the convergence of these functions. In a recent
Gartner survey,1 40% of
organizations said they already use a single vendor for several of these
functions, or are actively consolidating products. In particular, mobile data
protection is the leading complement to EPP, and purchasing decisions for the
two products are increasingly made together. For most organizations, selecting
a mobile data protection system from their incumbent EPP vendors will meet
their requirements. Application control and the features of vulnerability
analysis are also rapidly integrating into EPP suites. Currently, MDM is
largely a separate purchase for more demanding large enterprise buyers;
however, small or midsize businesses (SMBs) are likely to be satisfied with EPP
MDM capabilities.
The total EPP
revenue of the Magic Quadrant participants at year-end 2012 was slightly more
than $2.8 billion — essentially flat from 2011 — even as the number of reported
seat licenses sold increased by 8%. Essentially, this means that the license
revenue per seat was declining slightly. At the same time, EPP suites continue
to grow in functionality. Consequently, some EPP revenue is inflow from other
markets. We anticipate that growth will continue to be in the low single digits
in 2014.
- See more at: http://blogs.antivirussales.ca/en/blog/gartner-magic-quadrant-for-endpoint-protection-platforms/#sthash.xEnJBPcV.dpuf
F-Secure
F-Secure, a veteran of the anti-malware industry for more than
20 years, has a very good track record for malware testing results. Its
Completeness of Vision score is tempered by the slow development of advanced
capabilities, such as dashboards, security state assessments, application
control, MDM and virtualization protection. F-Secure is a good choice for
organizations in supported geographies that weight malware protection heavily.
Strengths
- F-Secure has
consistently good malware test results and performance tests. It provides
cloud-based look-ups and a file reputation feature, which considers file
metadata (such as prevalence, source and age) before allowing files to
execute. We particularly like the sandbox environment, which tests unknown
applications in a sandbox for malicious behavior.
- Software Updater
provides automatic or manual updating of outdated software, including more
than 2,800 versions of the most well-known endpoint and server
applications.
- F-Secure recently
released its Security for Virtual and Cloud Environments solution, which
provides agent-based security that is optimized for virtual environments.
- The vendor offers
one of the better rootkit detection and removal tools.
- F-Secure client
agents are lightweight with minimal performance impact.
- It provides basic
device control functionality.
- F-Secure has mobile
clients for Android, BlackBerry, Symbian and Windows Mobile, as well as a
cloud-based MDM capability that is primarily aimed at SMBs. It also offers
protection for a broad range of Linux variants and Mac platforms.
Cautions
- F-Secure has very
little presence or brand recognition in markets outside Northern Europe.
It has a minor market share, despite its long-term presence in the market,
and it is growing much slower than the overall market.
- While F-Secure has
a healthy focus on malware detection effectiveness, it has not invested in
more advanced protection techniques, such as security state assessments or
application control.
- At the time of this
writing, F-Secure Security for Virtual and Cloud Environments is very new
and does not provide centralized ageless security.
- Although F-Secure
develops its own signatures and behavioral detection techniques for
advanced threats, its solution relies heavily on Bitdefender for the majority
of anti-malware signatures. Business disruptions at Bitdefender could
impact F-Secure customers.
- F-Secure's
management interface is showing its age. It does not support any type of
graphical dashboard, nor does it provide security state or asset information
beyond anti-malware status. Autodiscovery of new, unmanaged agents and
Active Directory syncing are partly a manual process and can't be
scheduled, although automation exists for importing new agents and
removing inactive agents. The reporting capability is very basic and does
not allow for ad hoc reporting.
- MDM and Mac device
protection are not integrated into the endpoint management console.
- Mac clients are not
managed in the same console as Windows clients.
- F-Secure does not
provide any protection for SharePoint servers (this was due in 1H13, but
has been postponed).
- See more at:
http://blogs.antivirussales.ca/en/blog/gartner-magic-quadrant-for-endpoint-protection-platforms/#sthash.xEnJBPcV.dpuf