The findings places Cisco, McAfee, Microsoft, Proofpoint and Symantec in the Leader’s quadrant of a Magic Quadrant that consists of 16 vendors in all.
But they are not the only vendors that should be considered and Gartner makes the point that potential investors should consider the market globally before making any decision.
The market, Gartner says, is in a constant state of flux that reflects its maturity and has seen, for example, the inclusion of SilverSky this year, while Google was dropped.
This movement is notbecause of any flaws detected in the products in the 12 months since the last quadrant, but rather because of changes in the vendor outlook which means it no longer fits into the strict criteria that Gartner has drawn up for inclusion in this quadrant.
Google is a case in point. It was dropped this year, because it has withdrawn from the stand-alone SEG market and has migrated its remaining customers in this market to a version of enterprise Gmail, all of who will continue to benefit from SEG services, but this time integrated into the email application itself.
There are also other vendors that didn’t make it into the MQ but which provide strong SEG offerings all the same. In the case of Sendmail, for example, you have a vendor with a very strong, large enterprise offering that does not fit in with Gartner’s technology criteria.
Sendmail has a rather unique product that enables enterprises to plug in the email security applications that they want from other vendors and manage the overall framework once the enterprise has built the security presence it wants using those third-party components collectively.
Other vendors like AppRiver, Axway, Eleven and Spamina focus on a particular geographic or vertical market niche, Gartner says.
SEG MQ Criteria
So what are the criteria for inclusion?To be included in the MQ in the first place, vendors must demonstrate:
- That their solution has its own proprietary capabilities to block unwanted email traffic.
- Email virus scanning
- That their product can provide email encryption on its own, or through third-party add-ons
- The ability to scan outbound email for data breaches
- That is has at least 2000 direct enterprise customers and revenues of at least US$ 10 million for email security products.
On top of that they must also show that thteir business is a viable business now and is likely to be in the future as well as an understanding and vision of the market that will carry it through the next year.
SEG Leader's Quadrant
To be included in the Leader’s Quadrant is tougher again. Vendors must show that they are performing well and have a clear forward-looking strategy that includes building new functionality to carry that strategy through. They also must be able to demonstrate comprehensive email security that gives them a high market share coupled with high customer satisfaction. This year the Leaders include:
At the moment, Cisco dominates the market for on-premises solutions suitable for the mid-to-large enterprise sector. It offers three different deployment options through hardware appliances, managed appliances and virtual appliances. Suitable for companies that are looking for best-of-breed functionality.
Strengths: It is easy to scale and operates from an easy-to-use interface that manages a system offering deep policy control. It scans suspicious URLs through its Outbreak Filters and has also added capabilities to detect low-volume spam attacks.
It has policy-based email encryption and integrates easily with RSA’s Data Loss Prevention (DLP) manager. It also benefits from Cisco’s installed base of network security appliances.
Cautions: Its focus on large enterprises means it doesn’t scale down well for SMBs while the management interface can be confusing for inexperienced users. Its hosted email services only has four data centers in the US and Europe and clients are unable to select where their data should reside. Key management is only available from a US data center.
Now a subsidiary of Intel, McAfee has a wide range of endpoint security products. It consolidated its two on-premises gateway solutions in v7.0 recently. It is a good choice for integrated hybrid solutions that augments the security of mailboxes, and for those looking for an integrated suite of security products.
Strengths: McAfee’s Email Protection native DLP capabilities is one of the strongest and users the abilities of its stand-alone, enterprise-class, content aware DLP offering. Basic encryption methods are easily supported as is the secure transfer of large files.
It has a SaaS offering with a clear, Web-based interface that is easy to use and is hosted in 7 global locations with the possibility of locking messages into specific geographies. Its Content Security Suite bundles secure email, Web and DLP in a combined package.
Cautions: It has not significantly expanded its market share in the enterprise SEG market in recent years and customer satisfaction is lower than average, Gartner says. Several customers also reported the need for improved incident reporting. It only offers hosted mail in one of the 7 geographies it has a data center in.
Having consolidated all its anti-spam capabilities into its SaaS-based Exchange Online, Microsoft’s dominance in the email market makes it’s a strategic provider of SEG solutions. It is also making big strides in expanding and improving the service.
Strengths: It is capable of tighter integration of its SEG functions with Exchange/Outlook than its competitors are.Exchange Online Protection (EOP) mirrors email across multiple data centers for redundancy and supports in-geography email processing for both the US and Europe.
EOP also offers hosted encryption based on Voltage Security technology. Its Active Directory Rights Management services have been added for end-to-end email services with a hosted equivalent on the Azure cloud.
Cautions: It does not have the best functionality on the market and has been slow to offer improvements. Gartner says it expects improvement, however, when it embraces a cloud-first agile development model. EOP does not allow end-user specific black lists. The Exchange Hosted Encryption solution is not integrated with the management console and lacks self-service configuration. As ever with Micrsoft, licensing can be difficult.
In terms of innovation, Proofpoint continues to lead the market with a singular focus on email security issues. It has one of the highest growth rates in the MQ. Its flagship product Proofpoint Enterprise, is available as a hosted service, on-premises, or as virtual (VMware) appliances and software. It can also come as a hybrid combination of these versions.
Strengths: Spam and malware detection have always been a strong point for Proofpoint and is one of the few companies that publishes its effectiveness on a regular basis. It continues to invest in new technology for spam and spear phishing detection.
Its Web-based management console is one of the best in the market with the ability to customize the dashboards for each administrator. DLP features are very strong and include numerous prebuilt policies, dictionaries, number identifiers, and integrated policy-based encryption. It has SaaS data centers in the US, Canada, Germany and the Netherlands.
Cautions: The dedicated focus on email is a weakness as well as a strength. While it continues to define best-of-breed functionality in a mature market, for many customers this can just be overkill.It is still missing an ad hoc reporting capability. It has a corporate focus and price range that makes it unsuitable for small companies.
As one of the largest SEG vendors on the market, Symantec continues to grow faster than the market itself. It has a wide range of offerings that include hardware appliances, SaaS and virtual appliances. The Messaging Gateway (SMG) and the Symantec Email Security cloud service will fit most organizations.
Strengths: It has a very large and sophisticated malware team that has access to a large amount of data from its widespread customer base.It offers complex, content filtering policies while its cloud offering now provides outbound spam scanning for all customers.
It is a leader in the DLP market and uses the same inspection engine in its SEG solution. It has also improved the synchronization of its SMG quarantine management.
Cautions: It has not been aggressive in releasing new product features and the on-premises gateway is the not the most polished solution for very large enterprises. The on-premises solution has also not release any specific advanced targeted threat solutions like time-of-click URL filtering or virtual sandboxing. There is no management interface that can integrate on-premises and service offerings for hybrid deployments.
This is just a brief overview of the main points in the Leaders Quadrant. There is a lot more here and worth a look for those considering investing.
Title image courtesy of Jakub Krechowicz (Shutterstock)