Forcepoint One combines zero trust and SASE under a single umbrella

A new platform aimed at reducing the need for multiple security vendors to protect an organization’s digital assets was announced Tuesday by Forcepoint. Its Forcepoint One is an all-in-one cloud platform that simplifies enterprise security by integrating zero trust and secure access service edge (SASE) technologies so security teams can manage one set of policies through a single console.

According to Forcepoint, the platform makes it easier for organizations to embrace SASE by putting crucial security services such as secure web gateway, remote browser isolation, content disarm and reconstruction, cloud access security broker and zero trust network access under a single umbrella. The company claims that the platform also eliminates the need for products to block malware and protect sensitive data across business applications and on BYOD devices by supporting integrated advanced threat protection and data loss prevention.

With Forcepoint ONE, the company maintains, security teams can manage a single set of policies across all apps from one cloud-based console, through one endpoint agent, and with agentless support for unmanaged devices.

Platform versus best of breed security products

“Clearly, the old approach of managing 50-plus point products isn’t working when supporting hybrid work environments with 75% of workers remote and billions of unmanaged devices connecting to business resources,” Manny Rivelo, CEO of Forcepoint, said in a news release. “Forcepoint One makes security simple by reinventing the alphabet soup of security functions that people used to assemble individually into a truly cloud-native zero trust platform with one set of policies managed in one place.”

The trend toward consolidation has been going on for some time, notes Charlie Winckless, a senior research director at research and advisory firm Gartner. “I think it will only continue, both in terms of security service edge—like Forcepoint—and other areas—like XDR,” he said. “Traditional point platforms require overlapping work, overlapping reporting, and have overlapping user interfaces. They make the overloaded security team’s work even harder, as they have to work on different areas, especially where they’re so similar—web traffic to a website or web traffic to a SaaS application.”

“This means that we think that platforms, built well, are the wave of the future,” Winckless adds. “Teams can no longer afford to manage tens of best of breed products, and the synergy between components provides better visibility and more actionable security insights.”

Few complete security platforms

While a platform approach to security may be desirable for some organizations, right now there aren’t that many vendors who can offer a single solution that supports all the components of SASE, explains Garrett A. Bekker III, a principal research analyst with 451 Research. “For a lot of companies that want to do SASE, they’re going to have to cobble it together from two or three vendors,” he says.

“To the extent that Forcepoint pulls together a complete platform is an advantage for them, especially when selling to SMBs or companies that don’t have a lot of resources,” Bekker notes. “That’s the advantage of platforms in general. “It’s one throat to choke. It’s one vendor to deal with. It can help you consolidate vendors, which is an ongoing problem with security vendors.”

“The downside to that approach is you’re locked into a single vendor, and you may not be getting best-of-breed in all the product categories, and sometimes the integrations between the different products are more loosely coupled than tightly integrated,” Bekker says.