and as far as I can tell it offers just about no proactive endpoint protection.
Neither does Palo Alto. Their end point product has, according to expert report, very little adoption.
There is no world in which their product replaces firewalls, “next gen” or otherwise
It has done so for GE and Siemens and multiple other very large organizations. Replaced them, replaced them all.
How does that jive with your comment above? Is there something different with the networks of everyone else?
If you invest in cutting edge tech, it’s not a virtue to not understand it.
We are not investing in cutting edge tech, we are investing in businesses. If you want to invest in cutting edge tech there are many hardware companies out there doing some real cool stuff, but they are not great businesses.
A combination of PANW and CRWD would be equally effective and not require me to give 3rd party access to cleartext traffic.
You do realize that a PANW appliance does not inspect all SSL traffic that may be embedded. You do understand that Zscaler does. You do realize that PANW appliances create multiple targets of vulnerability. You do realize that Zscaler’s security creates no target of vulnerability to attack other than Zscaler’s servers themselves.
You do realize that a PANW appliance to inspect all SSL traffic like Zscaler does requires a bolt on cloud solution. That once you activate it the processing speed dramatically slows data delivery and thus dramatically affects user experience negatively.
I mean, these are basic things about Zscaler vs NGFWs and Palo Alto. I could go on for quite sometime.
One I brought up yesterday is that Zscaler automatically load balances dynamically without the customer even knowing it. You do know that Palo Alto, whether with their appliances or their single-tenant Prisma Access cloud software (that only works on edge cases - and even then has multiple short comings and costs) requires not only manual load balancing if you expect a demand surge, but also the IP and all the other addressing and proxieying Diddley doo has to be re-assigned both to increase the bandwidth and then again when you reset it back to normal bandwidth.
I don’t have to understand the how to look up an IP table to understand these product attributes. To understand cost for value. To understand examples that show tremendous increase in security vs firewalls. To understand user experience.
At the same time, I understand customer obstinance. Yourself, obviously someone who technical expertise, cannot see beyond the status quo technologies to look to new solutions. That is nearly a technical definition of a disruptive technology. It upsets the status quo and those who work in it.
That is an issue Zscaler has to overcome. To date Zscaler has done so many times. Zscaler penetration, as you brought up, is not a small integration. They are averaging more than $200k, $300k, or was it $400k per global 2000 customer. That 20% of the Global 2000 that went with Zscaler as a customer have not started out small.
Zscaler does have a growth/sales problem as Zscaler is more reliant on getting new customers as an aspect of growth than say a company like Alteryx is. But I am tired of saying this. I think we get the by now.
The above, product attributes (and I don’t have to understand the techy tech tech stuff as to how it is done), are true and accurate. It is just that those who work in the industry work with NGFWs and FWs and they assume any new technology that says it can do x, y, z, that the old technology cannot do it is simply a sales pitch.
The reason why Zscaler has been so successful to date is because what they are selling is not just (1) a sales pitch, and (2) they are the only company in the world capable of providing capabilities like this on an enterprise scale.
Does it make for “cutting edge” tech? I don’t know, don’t care, it does make for a platform that no one has been able, or even really tried to replicate. There are also more than 200 patents and 10 years of operating experience behind it.
Is it disruptive from a cost/value perspective? Yes. Is it disruptive from a capability perspective? Yes.
Is Palo Alto, as an example, doing anything close to what Zscaler is doing? No. Is their Prisma Access problem just like Zscaler, as it works in the cloud and all you know? No.
Will Zscaler be a great investment? No one can say, now can we. It is the business case that will tell us that in the end. The capabilities of the product are what they are and Zscaler is of course adding capabilities all the time and improving the core offering all the time.
And yeah, again, it does displace fire walls and NG fire walls. It has for years, and will do more so into the future.