Cato Networks and Netskope joined Palo Alto Networks as “leaders” in Gartner's latest Magic Quadrant ranking of single-vendor secure access service edge (SASE) providers, moves made more significant as the report found client interest in single-vendor secure access service edge (SASE) has more than doubled since last year.

The analyst firm defines single-vendor SASE as solutions that offer multiple converged-network and security-as-a-service capabilities, including SD-WAN, secure web gateway (SWG), cloud access security broker (CASB), network firewall, and zero-trust network access. These offerings use a cloud-centric architecture and are delivered by a single vendor.

Gartner noted Palo Alto Networks’ Prisma SASE platform delivers a unified SASE solution globally, catering predominantly to large enterprises. The company’s strengths lie in its robust security and networking features, extensive customer base, strong financial viability, and customer awareness.

However, Gartner cautioned that the cost of Palo Alto Networks' offerings remains a concern, along with limited support for non-English user interface (UI), documentation and tech support, as well as a less intuitive new Strata Cloud Manager.

Cato's SASE Cloud platform primarily operates in North America, Europe, and Asia. The unified SASE platform has customers of all sizes, with a concentration in midsize enterprises. As an early pioneer in the market, it has a single and straightforward UI with planned innovations, and delivers an above-average customer experience, according to Gartner.

But the firm also pointed out Cato Networks faces challenges with its pricing model, which can be complex and costly. The vendor’s geographic strategy with limited localization of documentation and technical support further hinders its competitive edge. Plus, some of its security capabilities are limited, including software-as-a-service (SaaS) control and visibility, and on-premises firewall.

Netskope is a newcomer to this Magic Quadrant, as it didn’t meet the inclusion criteria for last year’s MQ. The Netskope One SASE platform includes cloud security services, borderless SD-WAN appliances, the Netskope One Client, and NewEdge points of presence (PoPs). Gartner also noted the vendor offers strong customer experience, geographic strategy, and feature breadth and depth for both networking and security.

However, the Netskope platform requires multiple consoles for full functionality, and Netskope’s late market entry means it lacks experience compared to its competitors. Gartner also noted that limited financial information about the company also raises concerns about its long-term viability.

Challengers, visionaries, niche players, and honorable mentions Fortinet and Versa Networks were identified as challengers; Cisco as a visionary; and CloudFlare, Hewlett Packard Enterprise (HPE), and Forcepoint as niche players.

Aryaka, Barracuda, Broadcom/VMware, Check Point, Ericsson/Cradlepoint, iboss, Juniper, SonicWall, Sophos, and Zscaler were bestowed honorable mentions as these vendors did not meet the inclusion criteria as of the research cutoff date.

Single-vendor SASE market trends Gartner predicts that 65% of new SD-WAN purchases by 2027 will be part of a single-vendor SASE offering, a significant rise from the 20% expected this year.

“The market for well-architected single-vendor SASE offerings is dynamic and maturing, and SASE interest among our clients has been growing rapidly,” the report wrote.

Gartner said the client interest in single-vendor SASE has more than doubled compared to last year and it estimates there are more than 10,000 organizations using a vendor’s primary single-vendor SASE offering.

However, many implementations have yet to fully leverage all core features, often focusing on SD-WAN, firewall, and SWG from a SASE vendor, but not CASB or ZTNA.

On the vendor side, multiple SASE vendors now have a single-vendor SASE offering but “few offer the required breadth and depth of functionality with integration across all components, a single management plane, and unified data model and data lake,” Gartner pointed out.

In the next six to 18 months, the single-vendor SASE market is expected to see several new entrants, mandatory generative artificial intelligence (genAI) assistants, and notable price differences based on PoP strategies. SASE vendors will also extend their support for unmanaged devices and expand into adjacent markets such as endpoint security, data security posture management (DSPM), microsegmentation, and network access control.

Gartner also predicts sensitive data discovery and control will become as important as threat intelligence.