Skip to content

While everyone else was playing checkers, Zscaler were playing chess

ZscalerGartner_Banner-v2

This week Gartner released their 2020 magic quadrant for Secure Web Gateways. It was a strange-looking image as for the first time it only had one company in the top right leaders' quadrant - Zscaler.

I don't recall ever seeing a magic quadrant that looks like this as it is very rare that a company is able to split away from the competition in such a way. So how has Zscaler managed this phenomenon? As NZ's premier Zscaler partner, we're going to examine this a little bit more to provide some insight.

Gartners-Magic-Quadrant-for-Secure-Web-Gateways-2020To understand how Zscaler has differentiated itself to this extent in a category that has been around forever, you have to really start at the genesis of Zscaler. When Jay Chaudhry founded the company they had a vision for what network security would need to look like in the cloud era, which amongst other things spells the end of the corporate network as we know it. To achieve this vision Zsclaer would have to sit inline between users on ever-increasing bandwidth Internet connections, and hyperscale cloud providers. It would have to perform like it wasn't there, while performing some of the most demanding security tasks out there. As we have seen with public cloud, there is no comparison between your local cloud company and the hyperscaler's. The same applies here.

The crux of the point is that Zscaler didn't go after an easy problem, they went after a really, really hard problem that is baked so deep into their DNA that you simply can't copy it with a feature release. Did you know that Zscaler stands for "The Zenith of Scalability"? It's a bit of a mouthful, but point taken. At this point, I will draw a comparison to Elon Musk. When Musk founded Telsa it seemed crazy to go after an industry with ridiculously high compliance costs. Plus if you got something wrong, you weren't just throwing away a line of code, you were throwing away a chassis which cost real money. This wasn't your typical silicon valley weightless economy startup, it was high stakes. To the surprise of many, Musk didn't simply put a car on the road, he has gone on to put rockets into space (while Zscaler may not be putting rockets into space, at least one of them is an Aerospace engineer). Zscaler is hard to copy, with some clues as to "why" being found in one of their very first press releases where they announced general availability on August 4, 2008.

The press release states "Jay joined hands with a team of NetScaler engineers led by K. Kailash, scalability guru and former chief architect of NetScaler, where he delivered the highest performing load balancing platform" before going onto say "We are not taking existing web proxies, sticking them in a data centre and calling it an in-the-cloud service". I've been fortunate enough to hear some of the inside story on this, which includes the team doing mathematical backflips to figure out how they could create a highly performant cloud proxy while maintaining a viable business model given the investment that would be required in hardware to process such a quantity of transactions.

For me personally, I first came across Zscaler around 2014 while involved in delivering NZ's largest managed network to 800,000 users. While other proxy technology was running out of legs, the fundamentals of how the Zscaler platform operated differentiated it significantly from others in the market, including the biggest and most well-funded players. It did this while supporting a vision of zero-trust network access because networks aren't about how you connect, they are about who and what you connect. Alas on that occasion it wasn't to be.

Fast forward to the present and Zscaler is the leader in executing the cloud-based zero-trust network vision. In 2019 Gartner released a paper called Secure Access Service Edge (SASE) which starts by stating that the future of network and security is cloud. In a similar vein to the cloud-washing we've seen with service providers claiming their services are cloud, we have seen a similar rush by vendors to claim their products fit the SASE model. Frankly, they don't. 

One of the key things with the SASE model is that cloud-based nodes are distributed close to users, and become onramps for secure connectivity. This is the reason we (The Instillery) have put considerable effort into getting Zscaler nodes established in NZ with the first ZIA node going live towards the end of 2018 and a ZPA node going live late 2020, making NZ part of the 150 data centre footprint that Zscaler operates.

Now that may have been a somewhat exhausting read as the back story, but is core to what Zscaler is today, and why they are feeling a bit lonely in the Gartner SWG leaders quadrant.

With a platform that scales and performs, the groundwork has been well and truly laid for Zscaler to now add not only features but pillars - net new product lines on top of the platform. We have seen Zscaler achieve this through both internal development and acquisition of companies. The acquisition strategy to date has been a good one, picking up small enough pieces that they can be integrated in a manner which both preserves their value while making them intuitive and usable addons. This is tangential to the acquisition strategies that we've seen create "franken-clouds"; stitched together software that never really works well together. 

A quick snapshot of those acquisitions include:

  • Trustpath - a security startup applying machine learning, networking and security to solve security problems facing customers today
  • Appsulate - a web isolation platform that secures SaaS apps from data exfiltration and shields corporate endpoints from web-borne threats.
  • Cloudneeti - a cloud security posture management startup providing configuration management and governance across major cloud platforms
  • Edgewise Networks - network micro-segmentation to significantly improves the security of east-west communication by verifying the identity of application software

Through both internal development and acquisition, we have seen Zscaler release two new pillars over the last two years with Zscaler Digital Experience, the company's foray into digital experience management, and Zscaler Cloud Security Posture Management from the Cloudneeti acquisition. These pillars add to the existing Zscaler Internet Access and Zscaler Private Access products.

The reality is that we are yet to see the best from Zscaler. Their Cloud Connector announced at Zenith Live 2019, is close to being released and will assist companies getting traffic to Zscaler without the need of network appliances. The Edgewise Networks technology has massive scope in the IoT world by giving Zscaler the ability to apply an identity to applications through machine learning.

The final (or maybe first) piece of the puzzle to Zscaler's success is the team they have assembled and kept together for over a decade. It consists of some of the smartest people I've had the pleasure of meeting, but also an incredibly humble group given their success. They certainly fit into the "missionaries not mercenaries" category, with a clear dedication to their mission, not just the mighty dollar.

As a company, we (The Instillery) have a stated commitment to put the best and brightest technology in the hands of Kiwi businesses. For us, this doesn't mean we take a passive position on the partners we back. We have backed Zscaler from almost the inception of The Instillery, and now you know why.