The enterprise endpoint protection platform (EPP) is an integrated solution that emerged in the 2006 time frame composed of previously separate capabilities. These include:

  • Anti-malware
  • Personal firewalls
  • Host-based intrusion prevention
  • Port and device control

EPP solutions also will often include:

  • Vulnerability assessment
  • Application control (see Note 1) and application sandboxing
  • Mobile device management (MDM)
  • Memory protection
  • Behavioral monitoring
  • Endpoint detection and remediation technology (see “Market Guide for Endpoint Detection and Response Solutions”)
  • Full-disk and file encryption, also known as mobile data protection
  • Endpoint data loss prevention (DLP)

These products and features are typically centrally managed and ideally integrated by shared policies. Not all products in this analysis provide the same collection of features. Here, we focus primarily on anti-malware effectiveness and performance, management capability, protection for non-Windows platforms (such as VMware, Macintosh, Linux, Microsoft Exchange and Microsoft SharePoint), MDM capability, application control, vulnerability assessment, as well as emerging detection and response capabilities. See the Completeness of Vision section for more information.

DLP, MDM and vulnerability assessment are also evaluated in their own Magic Quadrant or MarketScope analyses (see the Gartner Recommended Reading section). In the longer term, portions of these markets will be subsumed by the EPP market, just as the personal firewall, host intrusion prevention, device control and anti-spyware markets have been subsumed by the EPP market in the past. EPP suites are a logical place for the convergence of these functions. In a recent Gartner survey, 1 40% of organizations said they already use a single vendor for several of these functions, or are actively consolidating products. In particular, mobile data protection is the leading complement to EPP, and purchasing decisions for the two products are increasingly made together. For most organizations, selecting a mobile data protection system from their incumbent EPP vendors will meet their requirements. Application control and the features of vulnerability analysis are also rapidly integrating into EPP suites. Currently, MDM is largely a separate purchase for more demanding large enterprise buyers; however, small and midsize businesses (SMBs) are likely to be satisfied with EPP MDM capabilities.

The total EPP revenue of the Magic Quadrant participants at year-end 2013 was slightly more than $3 billion. However, most growth came from accounting issues versus real revenue growth. As a result, the market is up only 2% from 2012, even as the number of reported seat licenses sold increased by 6%. Essentially, this means that the license revenue per seat declined slightly. At the same time, EPP suites continue to grow in functionality. Consequently, some EPP revenue is inflow from other markets. We anticipate that growth will continue to be in the low single digits in 2014.