I feel we’ve been paying a lot of attention to a tweet that has very little context. On the surface, that tweet of a partial conversation makes it sound like this is about the current state of things. I’d caution against trying to reach conclusions from something presented like this, because there’s a lot that’s left up to one’s imagination.
Going by an e-book published by ZScaler in 2019 (available here), GE began replacing VPN long before Cloudflare or the other vendors even had a zero trust solution.
As a result, we don’t run traditional VPN inside GE anymore. We have a custom-built application, which is built on top of some of the Zscaler connectivity that runs on every device. When you connect to any network anywhere in the world, it determines a) are you on something we control or not and b) does your PC have the level of controls on it that we need to protect our data?
In this context ZScaler was “fast”, able to scale, a stand out, and so on. The conversation makes perfect sense if you were evaluating vendors years ago. There’s a past tense to it.
I’ve held off from posting the above to avoid adding noise, but the whole thing seems to have taken off, so I finally decided to check out the full interview. The executive is employed by GE Healthcare.
Analyst 00:04:28
Okay. Can you share with us what some of the primary tools are and the more important tools and vendors that make up this stack of seven or eight vendors?Expert 00:04:40
Yeah. I have CrowdStrike as the endpoint detection and response vendor. I have Zscaler for the zero-trust network access replacing the VPN aspect of it. It facilitates the work from anywhere. I also have Zscaler for my cloud workload protection standpoint. I have a log system from IBM and Splunk and then I have the routers and switches, etc., for the networking aspect and the security aspect from Gigamon and Cisco. I have, what we call for containers, virtual machines and container security, I have another vendor called Orca.
Ok, so we now know that GE, or at least a part of GE, currently uses CrowdStrike, ZScaler, IBM and Splunk (i.e. no Datadog), Gigamon, Cisco, and Orca.
Analyst 00:05:29
Great. That’s very helpful. Thank you. At least Orca, you must have been responsible for because it might not have existed six years ago.Expert 00:05:43
Yes, absolutely right. When we embarked on zero trust in 2015, I was also one of the principal people involved. I have experience in both onboarding Zscaler and Orca, to be honest.
And there you have it. GE - or part of GE - embarked on this ages ago. After spending all this time trying to modernize their infrastructure they’re not gonna start over and rip out ZS for NET anytime soon.
Analyst 00:22:11
Do you attribute that to anything? The only thing I can think of is Cloudflare is, I believe, architected more for smaller organizations. Although, I think they’re trying very hard to scale up.Expert 00:22:29
You hit the nail on the head. You’re absolutely right.Analyst 00:22:30
Lastly on Cloudflare, I think one thing that people use it for is it has a lot of additional functionality that the others don’t have. Did you observe that? Do you think that’s true and perhaps you just weren’t interested in that functionality?Expert 00:22:55
No. As I said, we were looking at the functionality that would facilitate the zero-trust network access. At that point in time, I don’t think [they] even had that feature in place, to be honest. Their zero trust came up right around 2019 or 2020 timeframe only.
And here’s the needed context, in the follow-up question conveniently left out from the tweeted snippets. Sorry this long post, but it needs to be pointed out that this is about the past. If we’re gonna discuss product maturity, feature parity, performance etc we need to base it on the present and look to the future.
Perhaps this performance thing detracts from all the other highlights released last week? Cloudflare is fast, and that’s hardly surprising. The importance of their comparison is that it was timed with the announcement of Digital Experience Monitoring. From their blog:
According to Gartner®, “by 2026 at least 60% of I&O leaders will use Digital Experience Monitoring (DEM) to measure application, services and endpoint performance from the user’s viewpoint, up from less than 20% in 2021.” The items at the top of our roadmap will be just the beginning to Cloudflare’s approach to bringing our intelligence into your Zero Trust deployments.
Perhaps what we’re most excited about with this product is that users on all Zero Trust plans will be able to get started at no additional cost and then upgrade their plans for more advanced features and usage moving forward
ZScaler has ZIA, ZPA and ZDX (digital experience monitoring). Cloudflare showed that ZS gives you a poor digital experience to begin with, while simultaneously announcing their own offering. They even used ZScaler’s ZDX to measure the performance and told you “You can even see those metrics in Zscaler’s Digital Experience to measure for yourself.”