Cloudflare is really after Zscaler these days, competing in SASE solution. Can anyone explain how those two SASE solutions have different architecture, and how sticky these architectures are respectively? I know Clouflare's SASE still miss many features but assuming they might catch up later, do they really have better architecture than Zscaler?
Sort By:
Oldest
Chief Information Security Officer in Healthcare and Biotecha year ago
I would say its all about the fitment in your organisation; May be cloudflare's is missing some feature but if you dont need those for next 3yrs just avoid and go for it; Bcoz in next either they will build those feature or you will get a better technology handle your risk. Senior Director, Defense Programs in Softwarea year ago
These architectures are as sticky as you allow them to be. With the right planning, rollout can be smooth. If you’re buying today, buy features delivered today vs a roadmap and plan to re-evaluate in a few years when both are more mature.
Director of Enablementa year ago
Great question, with a very interesting stance. I work for a SASE company (and literally wrote the book on the subject) - so happy to share my thoughts. ZScaler is primarily an SSE player (security service edge), which is effectively SASE without good SD-WAN connectivity. They made their money through being a great SWG, and offering the fun of a proxy service to help secure internet traffic. Business was good, until SASE was coined, and then zScaler started to panic.
Cloudflare is in a similar situation, as moving from primarily being a CDN business to a SASE one is a fantastic leap. This is a much newer offering than zScaler (or the better SASE players out there), but it’s still very much an emergent technology with significant gaps in feature functionality.
If youre only looking at these two vendors for a SASE architecture, I would advise to continue looking further. Gartner recently launched their 2023 Magic Quadrant for single-vendor SASE, and neither Cloudflare or zScaler appears present at any time. This should be a very telling tale.
Both architectures are quite ‘sticky’ once deployed, but like anything, they can be replaced with a little bit of effort
CIO6 months ago
I have read all your comments. Is there new things to consider comparing these two solution in April 2024 ? What would be the best not just in features but also adapted for an smb with very small I/O team?
That said, do your due diligence as you would with any technology solution. It comes down to what problem you are looking to solve - remote access, internet security and so on - and how each vendor solution fits your requirements. Once you short list, make sure to test drive them. Do several POCs. What you will find is each option has strengths, weaknesses and approach the framework of SASE in their own way. But as you do, keep in mind, SASE is a journey... thus my main point, think strategic. It's not a point solution.