Compare the SD-WAN Market

Who are the top rated ZTNA Providers & Vendors?

The top rated ZTNA vendors are Palo Alto, Akamai, Zscaler, Perimeter 81, Cato Networks, Cloudflare, Fortinet, Forcepoint, Check Point and Cisco. When Comparing ZTNA vendors you should consider data loss, threat protection, agentless deployment, reporting and SASE offerings.

The best ZTNA vendors are:

What is ZTNA (Zero Trust Network Access)?

Zero Trust is about adding an additional layer of security. It means not fully trusting anything or anyone by default, and instead assuming that everything should be verified before being given access to a resource.

Infographic - Best ZTNA Vendors

Click to download the PDF version of our ZTNA Providers and Vendors Infographic.

Best ZTNA Vendors US - Infographic

Assessments

Take the quiz, create your own personalized SASE Cybersecurity or SD WAN shortlist.

The simplest way for IT decision makers to shortlist Gartner SASE & SD WAN solutions vs your needs.

We've built self assessment quizzes to specifically help IT decision makers create their own unique vendor or managed provider shortlist.

Company Performance

Top-Rated ZTNA Providers and Vendors

Best ZTNA Companies

(based on 2021 rating)
Palo Alto Networks4.54.7
Akamai3.93.9
Zscaler2.84.5
Perimeter 812.54
Cato Networks45
Cloudflare2.84
Fortinet34
Forcepoint2.44.5
Check Point24
Cisco4.23.9

(SD WAN rating : Cybersecurity rating)

Summary

Get the research and data you need in this article: Netify's top 10 ZTNA providers and vendor list.

Enterprises are rethinking the access model for users and applications, ensuring that their business is safe from today’s threats and still providing seamless and reliable access from anywhere. This is where Zero Trust Network Access (ZTNA) comes in. ZTNA is a security model designed to replace legacy models which made the assumption that anything inside a network was safe. This allowed bad actors to have free reign over data and infrastructure on the network should they gain access. Zero Trust intends to limit these issues with granular security steps throughout a network infrastructure. A complete Zero Trust implementation covers network infrastructure, users, workloads and applications. Choosing the right approach to Zero Trust for your company starts with choosing the right vendor. All vendors offer solutions designed specifically for their target demographic so it is imperative to know which is the best option for each organisation’s path to Zero Trust.

Questions to help shortlist solutions

Questions to help shortlist Zero Trust providers and vendors.

  • Is each request verified on a case by case basis? If so, how does this work? 
  • Does the vendor’s solution work with existing identity providers and Multi-Factor Authentication (MFA) solutions?
  • Does the solution use artificial intelligence and/or machine learning to predict potential bad actors or behavioral actions?
  • Can the vendor’s solution be managed from a single portal? Is it hosted in-cloud, on-premises or both?
  • Does the solution integrate with Security Information and Event Management (SIEM) providers?
  • Does the vendor’s solution support Single Sign On (SSO) across all devices, users, departments and geographic locations using an open standard like Security Assertion Markup Language (SAML)?
  • Is the vendor’s solution preventative or for visibility only? Can defensive actions be automated?
  • What support model does the vendor offer? Is it included in subscription fees? Do they recommend professional services?
  • What is the user experience like? Is it simple to implement and operate for users and administrators of all backgrounds?
  • What level of visibility is provided by the vendor’s logs and context? Do they have logging APIs or syslog integration?
  • What options are provided for integrations into the broader cybersecurity ecosystem?
Palo Alto

What is the Palo Alto ZTNA solution?

Palo Alto is a well known industry leader with a broad product base. They are a good choice for large enterprises that have a need for a diverse mix of on-premise and SaaS requirements. Palo Alto also offer developing technologies such as DNS Security which uses Machine Learning and Artificial Intelligence (AI)-supported URL filtering to detect and prevent zero-day web attacks.

Palo Alto ZTNA Solution-1

Resources and Downloadable Content

Request the very latest Palo Alto Networks SD WAN & SASE data sheet PDF directly from your local account team. Please check your junk folder if not received.

Book a demo of the Palo Alto Networks SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

Palo Alto Pros & Cons

Pros

  • Palo Alto's solution is comprehensive and includes SaaS Security, Advanced URL Filtering, DNS Security, Cloud Identity Engine and Firewalls powered by Machine Learning that cover all firewall implementation types (including hardware, software and cloud implementations).
  • They are also known for offering a bleeding-edge Cloud Access Security Broker (CASB) that extends the Zero Trust model to SaaS applications. Palo Alto’s Cloud Identity Engine (ICIE) is also an intuitive approach to identity management.

Cons

  • There have been some mobile endpoint and agent update issues and according to confirmed customer feedback, their support model often doesn’t meet customer expectations.
  • Palo Alto offers Panorama for centralized management, but the customer is responsible for deployment and hosting.  Some organizations may prefer this model, but many others would choose a vendor-hosted management portal which many of Palo Alto’s competitors offer.
  • The solution's compatibility with Azure  lacks an SD-WAN hub integration.
  • High cost.
  • Finally, complexity of design can be an issue due to multiple product offerings required by a new organization to achieve a comprehensive solution on the Palo Alto's platform.
Akamai

What is the Akamai ZTNA solution?

Akamai is a leader in Zero Trust platforms with extensive experience in high-performance global content delivery setting them apart from competitors. 

The company  is a good choice for enterprises that host large amounts of sensitive data that has to be accessible 100% of the time from anywhere for customer and employees. Akamai provides excellent protection from downtime and known attacks.

Akamai ZTNA solutions

Resources and Downloadable Content

Request the very latest Akamai ZTNA data sheet PDF directly from your local account team. Please check your junk folder if not received.

Complete your details to arrange a demo of Akamai. You will receive contact requesting available dates and times - please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

Akamai Pros & Cons

Pros

  • Akamai’s solution is noted to be simple to deploy, with the ability to sit outside of organizational firewall(s).
  • User Interfaces are intuitive and easy to use and manage for end-users.
  • Akamai has DDoS prevention features that go beyond industry standards, along with network security, workload security and additional API’s for integration and automation.
  • High user confidence due to Akamai's Intelligent Edge Platform which operates with 100% SLA and manages up to 30% of all web traffic globally. 
  • Another key feature offered by the Akamai solution is cloud-based management which is completely accessible by API with logs that can be exported directly to SIEM products.

Cons

  • The completion and execution of Akamai’s roadmap items leaves areas of improvement for features desired by their customers.
  • While the focus on prevention of ransomware is seen as a positive, in total, the hyper-focus detracts from other useful security features like intelligent application execution controls.
Zscaler

What is the Zscaler ZTNA solution?

Zscaler is a cloud native solution that has a large geographic footprint with over 150 data centers around the globe offering reliable and high-performing services close to users no matter where they are. For very large enterprises looking for ease of use and a great user experience with a comprehensive solution that is easy to deploy and scale, Zscaler is a “must consider” solution.

Zscaler ZTNA

Zscaler Pros & Cons

Pros

  • Zscaler's solution removes the need for multiple endpoint agents as their ZTNA is built into its secure web gateway client.
  • The solution is capable of supporting very large organizations, with the ability to take in up to hundreds of thousands of users and endpoints.
  • The Zscaler solution supports common UDP and TCP applications out-of-the box, offering contextual data security and application access.
  • The scalability of the Zscaler solution is above par for the industry and it has strong capabilities for integration with the broader security ecosystem.

Cons

  • The cost of deploying the Zscaler solution is higher than industry standard.
  • Lack of VoIP support for Zscaler Internet Access.
  • Endpoint device security support (compatibility) and security inspections are areas that need some improvement to compete with other pure-play security solutions.
  • Traffic routing issues have also been noted by some customers upon initial deployment, although this isn’t uncommon during SD-WAN or security solution deployment.
Perimeter 81

What is the Perimeter 81 ZTNA solution?

Perimeter 81’s solution is comprehensive and meets a variety of clients’ needs. One of the reasons that enterprises will choose to use Perimeter 81 is  long-term vision and customer success initiatives. Their product develops with client needs in mind, utilizing emerging technologies. 

Perimeter 81 ZTNA

Resources and Downloadable Content

Request the very latest Perimeter 81 SASE data sheet PDF directly from your local account team. Please check your junk folder if not received.

Book a demo of the Perimeter 81 SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

Perimeter 81 Pros & Cons

Pros

  • Perimeter 81’s solution allows administrators to view real-time user activity while streaming user audit logs to a SIEM provider, which may be desirable to allow network teams to monitor performance in-platform while the SOC works in their SIEM.
  • Their Zero Trust solution offers granular network segmentation by dividing access by user and application simultaneously with very granular identifiers and an intuitive browser-based application access portal.
  • The solution also supports application access through IPSec or WireGuard.

Cons

  • Logs are streamed to a SIEM and stored there, making them hard to find within the platform. 
  • Connectors and integrations into the broader security ecosystem are not as robust as other solutions available.
  • The complexity of the solution leaves something to be desired when it comes to ease of deployment and user experience enhancements and improvements.
Cato Networks

What is the Cato Networks ZTNA solution?

Cato Networks is an appropriate choice for those organizations with smaller IT teams and no need for on-premises deployments. The vendor offers managed services and is very efficient at bringing on new sites. Early adopters are also interested in Cato Networks as they are one of the first full-SASE platforms available and are entirely cloud-based, offering immediate deployment with little to no customer involvement.  

Cato Networks ZTNA

Resources and Downloadable Content

Request the very latest Cato Networks SD WAN & SASE data sheet PDF directly from your local account team. Please check your junk folder if not received.

Book a demo of the Cato Networks SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

Cato Networks Pros & Cons

Pros

  • Cato Networks’ solution incorporates Zero Trust, Secure SD-WAN and Firewall as a Service into their SASE offering which exceeds customer expectations in most cases.
  • The vendor's global private backbone allows for easy deployment and secure, optimized performance on a cloud-native solution.
  • Cato focus on combining SASE and ZTNA together as a superior solution while offering managed services for those who don’t have the internal resources to dedicate to managing SD-WAN and ZTNA policies.

Cons

  • Cato Networks doesn’t offer an on-premise solution and has no integration with 3rd party monitoring platforms.
  • Customer and technical support offerings could use improvement according to some customer feedback and their SSO integration is still in a partially complete state.
  • Their default SLA is sub-par for the industry and professional services contracts are required to ensure higher SLAs.
Cloudflare

What is the Cloudflare ZTNA solution?

Cloudflare's Zero Trust solution is high performing, comprehensive and complex, when compared to the other solutions on the market. It is suitable for clients with technical expertise and a robust IT team who is capable of deploying and managing complex solutions. Those with the capability to implement API integrations will benefit from the Cloudflare solution, as they make it a good infrastructure solution for DevOps teams. 

Cloudflare ZTNA

Cloudflare Pros & Cons

Pros

    • Cloudflare’s solution differentiates itself from the competition with their innovative approach to privately routing to IP subnets or individual hosts without VPN whilst enforcing ZTNA policies.
    • The company also offer Firewall as a Service, Cloud Access Security Broker (CASB), DNS resolution and filtering, HTTP/S inspection and filtering and a Secure Web Gateway.
    • They also offer a transparent pricing model and strong integration capabilities with multiple identity providers as well as the broader cybersecurity ecosystem. 

Cons

  • The complexity of implementing Cloudflare solutions lends to difficulty of deployment noted by some.
  • Customer feedback also notes a lack of device security support (in other words, compatibility with mobile endpoint devices like smart phones).
  • While Cloudflare's DNS filtering performance is second to none, it could be more feature-rich with Artificial Intelligence and/or Machine Learning capabilities such as their competitors.
  • Complex implementation and low expectations for handholding by support teams mean that the solution requires a more technically-savvy implementation team for the customer.
Fortinet

What is the Fortinet ZTNA solution?

Fortinet is an affordable solution for organizations who wish to simplify their network security stack without the need for brand new innovations. Fortinet’s product line is a comprehensive solution that allows the integration and addition of more products to increase feature sets not available in the core functionality provided by Fortinet out-of-the-box.

Fortinet ZTNA Use

Resources and Downloadable Content

Request the very latest Fortinet SD WAN & SASE data sheet PDF directly from your local account team. Please check your junk folder if not received.

Book a demo of the Fortinet SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

Fortinet Pros & Cons

Pros

  • The Fortinet solution feature set excels in  areas of per-session access granted based on a verified user identity and device risk profile to better detect malicious actions or users.
  • Remote traffic is tunneled to the ZTNA application proxy point, providing more security and better performance than traditional VPNs.
  • Offers strong SSO services, certificate management and guest control.
  • Fortinet's use of MAC address-based policies helps manage Zero Trust access more efficiently than vendors who default to IP-based policies.

Cons

  • Fortinet’s remote access solution still utilizes VPN, despite features which allow it to operate with more control and performance than traditional VPN solutions.
  • It has been noted that Fortinet and Fortigaurd’s firmwares could use more compatibility testing as there are many occasions where upgrades have gone wrong and rollbacks may have been needed.
  • The solution lacks artificial intelligence and machine learning abilities for intrusion detection at firewall level.
  • Customer feedback indicates that Fortinet's customer support response times are subpar compared to other industry leaders.
  • Fortinet's  interfaces for traffic logging and web filtering abilities are not very intuitive for the end-user. 
  • The FortiSIEM solution only provides marginal improvement over log analysis capabilities within the firewalls, but they do offer 3rd party SIEM integrations.
Forcepoint

What is the Forcepoint ZTNA solution?

Forcepoint is a leading Zero Trust platform focused on observability and data security. The solution is a good choice for organizations that require a deeper knowledge of what data users and applications are accessing and what they are using that data for. Context related to user and application actions is a driving factor in organizations that choose Forcepoint as they are industry leaders in this area.

Forcepoint_ZTNA

Resources and Downloadable Content

Request the very latest Forcepoint SASE data sheet PDF directly from your local account team. Please check your junk folder if not received.

Book a demo of the Forcepoint SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

Forcepoint Pros & Cons

Pros

  • Forcepoint’s solution stands out with its intelligent analytics focused on user behaviors and the observability of potential threats or bad actors. The solution allows administrators to see all user behavior and associated context. 
  • Forcepoint is true a Zero Trust platform - not a suite of products that work together to provide ZTNA, which makes scaling to larger organizations more manageable.

Cons

  • Forcepoint's solution lacks in automation capabilities as it is focused on analytics and behavior that requires analysts and admins to take action on.
  • The future of Forcepoint’s Zero Trust platform is uncertain due to major changes in leadership and a lack of an industry-compatible roadmap.
  • Traditional Zero Trust core features like gateways, device and endpoint security are lackluster and sufficient at best, while bleeding-edge technology and artificial intelligence are key differentiators.
Check Point

What is the Check Point ZTNA solution?

Check Point is one of the largest global network cybersecurity vendors and has a significant chunk of market share. Organizations looking for a well-rounded solution with innovative approaches to Zero Trust including seamless integration, full automation and reliable core features that are constantly undergoing improvement will get the most out of Check Point solutions.

Check Point ZTNA_Use

Check Point Pros & Cons

Pros

  • Check Point’s solution is comprehensive with features such as IPSec VPN tunnels, anti-spam and email security, application control, URL filtering, SSL connection management and mobile access support.
  • The solution is well-rounded and targets all key areas of Zero Trust models (including networks, people, devices, data and workload security) and allows for full automation and seamless integration to the cybersecurity ecosystem.
  • Advanced threat protection against zero-day attacks and their easy to use and deploy solution is commendable.

Cons

  • The Check Point solution lacks in reporting and visibility into threat origin and impact, although customers can make up for this with SIEM and threat intelligence integrations.
  • The solution usually requires a high level of technical ability to deploy, especially when implementing some of the more advanced features that the Check Point solution offers.
  • Customer feedback indicates that technical support pushes for professional services for complex issues and leaves some users feeling under-supported.
Cisco

What is the Cisco ZTNA solution?

Cisco’s solutions for ZTNA can be a good choice for any organization that is already operating a Cisco environment. These organizations will already be familiar with the level of expertise required to properly design, deploy and manage Cisco products and will gain the most from Cisco’s offering.

Cisco_ZTNA

Resources and Downloadable Content

Request the very latest Cisco Meraki SD WAN & SASE data sheet PDF directly from your local account team. Please check your junk folder if not received.

Book a demo of the Cisco Meraki SD WAN and SASE security capability over Zoom or Teams. Learn about their management portal, deployment, SLA and support. You will receive an email asking for times/dates, please check your junk folder if not received.

Request your local in-country sales contact. You will receive details as soon as possible - please check your junk folder if not received.

Cisco Pros & Cons

Pros

  • The Cisco portfolio has a suite of offerings to comprise a Zero Trust solution that stands out in the market.
  • Cisco's Zero Trust solution includes integrated analytics, automated decision making, segmentation controls across whole infrastructures and seamless integration with Cisco’s identity management and multi-factor authentication products while adding improved user-interfaces in central management tools for administrators.
  • Cisco's solutions offer cloud or on-premise as well as hybrid deployments.

Cons

  • Cisco AnyConnect VPN requires integration with another solution like Duo Secure Access  to get closer to providing true ZTNA for remote users.
  • While Cisco has made several acquisitions to expand their security portfolio, solutions that comprised primarily of Cisco’s core enterprise network products require specific knowledge that apply to only Cisco products, and this can be difficult to implement and integrate if the organization is not already a Cisco user. 
IT Decision Makers Report

Download the the complete guide to the top 10 SD WAN solutions.

In this 98 page guide, you'll learn about the leading SD WAN providers and solutions which fit the needs of most businesses. Find out how each solutions meets specific business needs.

Checklist

SD WAN Buyers Checklist

Download our most popular IT decision makers SD WAN checklist. At-a-glance data covering all of the key points you need to understand when buying SD WAN.

Global SD WAN Providers Mindmap Checklist-1

Please provide the following information to request the IT decision makers SD WAN checklist.

Get the checklist

Briefings

Get real advice. Learn about the top 10 vendors and managed providers vs your needs in our free 30 minute Zoom session.

Join us via Zoom to where one of our research team will walk you through 10 top/best vendors and managed providers. We'll talk about your needs and map which Gartner leading solutions, niche players and startups match your requirements.

Netify free vendor Zoom advice briefing-1

Complete your details to learn more about The Netify vendor and managed service provider briefing.

Register interest

Marketplace

There are no results matching your selection.

Company Performance

Cybersecurity Rating

Palo Alto Networks4.7
Akamai3.9
Zscaler4.5
Perimeter 814
Cato Networks5
Cloudflare4
Fortinet4
Forcepoint4.5
Check Point4
Cisco3.9
Resources and Downloadable Content

IT decision makers are challenged to research the SD WAN and SASE security market. Netify vendor and service provider briefings offer clarity with actionable, objective insight into the top 10 Gartner rated solutions. Our research data is backed by proprietary data to help you make better decisions.