Top 10 SDP Software in 2024: Based on 4,000+ Reviews

More than 60% of global corporate data is stored in the cloud,¹ and more than 80% of data breach security incidents involved data stored on the cloud in 2023.² Companies need a method for masking Internet-connected infrastructure (servers, routers, etc.) so that external parties and attackers cannot access data stored in the cloud. 

An SDP software can deliver a software-defined perimeter (SDP) by the cloud to determine who gets access to what resources. With SDP software network architects can use microsegmentation to isolate workloads across a virtualized network ensuring that physical network reconfiguration does not influence applications. Thus, applications can operate in secure segments behind a virtual network framework.

This article provides the top 10 SDP software, including an overview of each product, its important specs, and review-based pros and cons.

Top 10 SDP software

Table 1: Feature comparison of the top 10 SDP software

Table 2: The market presence of the top 10 SDP software

*Based on the total number of reviews and average ratings on Gartner, G2, Capterra, and PeerSpot software review platforms as of 4/15/2024. 

Disclaimer: With Tufin (sponsored) placed at the top, other vendors are sorted by the total number of reviews in descending order.

Vendor selection criteria: Considering there are numerous SDP software, the list (above) is narrowed down based on the vendor criteria below.

• Number of reviews: 100+ reviews on Gartner, G2, Capterra, and PeerSpot.
• Average rating: Above 4.0/5 on Gartner, G2, Capterra, and PeerSpot.

1- Tufin

Tufin is a network security software specializing in network security policy management and microsegmentation to enable businesses to manage their network security rules. 

Tufin can assist in simplifying the operation of complex networks containing firewalls and network devices. With cybersecurity risk management and data compliance capabilities, its network security automation may assist enterprises in implementing changes in real-time.

Figure 3: Tufin’s device and vendor support spectrum

Source: Tufin³

Pros

Network segmentation: Users appreciate how their organization’s network segmentation is displayed on the Tufin portal.⁴

Network security policy management: Users argue that Tufin is efficient for centralized network security policy management.⁵

Unified network protection and microsegmentation: Customers indicate that Tufin’s unified network protection and microsegmentation capabilities are efficient in preventing the most common cyber attack vectors. 

Read more: Top 10 microsegmentation tools, top 10 network security policy management solutions.

Cons

Central management for firewalls: Network engineers say that Tufin requires central administration to deliver rules to edge firewalls from vendors like Palo Alto Networks, Fortinet, and Checkpoint.⁶

Read more: Firewall assessment.

Confidential data reports: Some IT consultants conclude that Tufin’s reporting functionality might be improved, noting that confidential data allows one person to examine it, however, they need multiple people to examine the data.⁷

Hardware requirements: Some users expect to see the hardware requirements improved. To operate, the hardware platform must meet extremely high criteria. These high standards are challenging to meet for users. ⁸

Read more: Tufin’s competitors: FireMon alternatives and AlgoSec alternatives.

2- Zscaler Internet Access

Zscaler Internet Access offers  AI-powered security and data protection services to prevent cyberattacks and data loss. Zscaler Internet Access includes the following modules:

• Cloud secure web gateway (SWG): AI-powered analysis and URL filtering ensure a safe and fast browsing experience by preventing ransomware, malware, and other advanced threats.
• Integrated cloud access security broker (CASB): Protects data, prevents attacks, and ensures compliance with SaaS and IaaS settings.
• Cloud data loss prevention (DLP): Secures data using inline inspection such as exact data match (EDM) and optical character recognition.

Key features: 

• Intrusion prevention: Provides threat protection against malware networks, complex attacks, and zero-day vulnerabilities. Cloud and web-based intrusion prevention systems, or IPS tools, integrate with firewalls, data loss prevention (DLP), and cloud access security broker (CASB) modules.
• IoT device network visibility: Provide a picture of all IoT devices, servers, and uncontrolled user devices in the organization.
• URL filtering: Control user access to specific online categories or destinations to prevent dangers and enforce company regulations.
• SSL inspection: Access unrestricted transport layer security (TLS)  network traffic monitoring to detect potential risks (e.g. third-party cyber risk management) and data loss in encrypted traffic.
• DNS security: Detect and transmit suspect command-and-control communications.

Pros

Endpoint detection and zero-day threat prevention: Reviewers note that Zscaler Internet Access ensures that no attacks reach the endpoint, and efficiently prevents zero-day threats within the Zscaler cloud.⁹

Content scanning and sandbox services: Users appreciated the product’s real-time content scanning and sandbox services.¹⁰

Vulnerability detection: IT business analysts say that Zscaler Internet Access quickly discovers potential vulnerabilities and cyber attacks.¹¹

Read more: Vulnerability testing.

Cons

Performance: Users have experienced sluggish system performance and inconsistent secure sockets layer (SSL) support for some URLs.¹²

Reporting: Some users claim that reporting can take longer to download at times.¹³

Costs: Some customers raise concerns regarding Zscaler Internet Access cost, which they consider relatively high compared to competing options.¹⁴

3- FortiGate SD-WAN

Fortinet’s Secure SD-WAN enables companies to improve security by providing network visibility, analytics, and automation capabilities throughout the network (LAN, WLAN, and WAN, including 4G/5G) to improve zero-trust initiatives.

Its centralized operating system includes SD-WAN, advanced routing, ZTNA application gateway, and NGFW features. 

Additionally, with Fortinet’s Secure SD-WAN companies may segment and prioritize application traffic to minimize attack surfaces and improve performance.

Read more: Network segmentation, microsegmentation, top 10 microsegmentation tools.

Key features:

• Application identification and control: Includes over 5000 application signatures, 3000 industrial signatures, first packet identification, deep packet inspection, and secure sockets layer (SSL) decryption.

• SD-WAN (application-aware traffic control): Includes granular application rules, service-level agreement (SLA) based path selection, dynamic bandwidth measurement, active/active/standby forwarding, and encryption overlay support.

• SD-WAN implementation: Provides deployment options including hub-to-spoke (partial mesh), spoke-to-spoke (full mesh), and multi-WAN transport capability.

• Secure access service edge (SASE): Creates IPSec tunnels (a set of communication rules or protocols) to multiple SD-WAN Hubs to secure distant users and branches accessing confidential applications.

Figure 1: FortiGate SD-WAN centralized management and visibility report

Source: Fortinet¹⁵

Pros

Functional workload management: Users express that Fortinet SD-WAN efficiently keeps thousands of users’ workloads secure while offering important data about vulnerabilities.¹⁶

Adding WAN member interfaces: Some users state that adding wide-area network (WAN) member interfaces to the SD-WAN zone is easy.¹⁷

Easy to use web console: Users indicate that Fortinet SD-WAN is easy to use, the web console allows for a wide range of choices and operational operations.¹⁸

Cons

Logging & reporting: Some users say that interface support has been removed from version 7.0 onwards, which needs additional configuring.¹⁹

Complex setup: Some reviews show that initial configuration and deployment can be complicated and time-consuming.²⁰

Documentation limitations: According to some customers, the offered documentation may not cover all elements completely, resulting in difficulties during setup and troubleshooting.²¹

4- Citrix Workspace Essentials

Citrix Workspace Essentials gives end users, secure, and VPN-less access to SaaS, Web Apps, and data delivered by IT, leveraging single sign-on and multifactor authentication.

Citrix Workspace Essentials offers a cloud-hosted time-based one-time password (TOTP)* solution for enterprises that use Windows Active Directory as their primary identity.

With Citrix Workspace Essentials users may request and install fresh tokens, while administrators can easily enable and disable TOTP multifactor authentication. When two-factor authentication is enabled inside the Citrix Workspace experience, it is applied to all users across all access points.

*TOTP is a simple two-factor authentication method within the Citrix Workspace experience that uses a time-sensitive one-time password issued for the user on their registered device.

Figure 2: Access to SaaS and on-premises web apps

Source: Citrix²²

Pros

Virtual environments: Some users state that the product is a valuable tool for businesses transitioning to remote employment since it efficiently generates virtual environments on devices and transforms them into business computers.²³

Easy to use VPN connectivity: Cloud consultants note that the product easily enables them to block customers who follow a policy that prohibits direct VPN connectivity for security reasons.²⁴

Service dashboard: Users appreciate the service dashboard and the Workspace Environment Manager service.²⁵

Cons

User interface: Citrix Workspace Essentials may enhance its web-based interface. The web-based platform requires modifications to increase usability.²⁶

Sluggish performance: The software can be sluggish and laggy.²⁷

Windows 11 compatibility: Some IT engineers observed the current compatibility issue with the latest version of Windows 11. While the client supports Windows 11, it appears that the Citrix Workspace Essentials is only compatible with Windows 10, which does not include the latest version.²⁸

5- Absolute Secure Access

Absolute Secure Access (previously NetMotion by Absolute) is one of the company’s major product lines, acquired in July 2021. The product line offers network connectivity, allowing users to connect to important resources in the public cloud, private data centers, and on-premises environments. These tools enable customers to migrate from a traditional VPN to a zero-trust strategy.

Absolute ZTNA (zero-trust network access) product offers a software-defined perimeter by establishing a context-based, logical access barrier around an application or collection of apps, regardless of where they are hosted. It protects apps from the Internet, keeping them inaccessible to unauthorized users. 

Pros 

Initial setup: Reviewers note that the setup is simple, and customer support is available if needed.²⁹

Customization: Users claim that the product is highly flexible and customizable.³⁰

Reporting: Users appreciate the reporting capabilities of Absolute Secure Access.³¹

Cons

Deployment: Customers express that the deployment is not smooth. Some of them encountered a problem where some batches of machines purchased with the absolute license did not appear on the site.³²

Troubleshooting logs: Some reviews emphasize that troubleshooting logs may be easier to understand since it has an out-of-date UI.³³

Disconnecting clients: Some IT professionals highlight that when anything fails with the VPN service, it is difficult for users to disconnect the client. This also causes an increase in login sessions.³⁴

6-Citrix Secure Workspace Access

Citrix Secure Workspace Access enables users to secure their work environment from unauthorized access while also offering data governance and data protection controls for apps accessible through Citrix Workspace.

Citrix Secure Workspace Access offers a zero-trust solution for delivering secure access to business internal web apps, SaaS, and virtual applications. This enables the integration of traditional security products such as VPN, single sign-on, and browser isolation technologies.

Figure depicts how Citrix Workspace integrates point solutions such as VPNs, SSO, and reverse proxy solutions.

Figure 4: Citrix Secure Workspace Access’s zero-trust architecture

Source: Citrux³⁵

Pros

Virtual machine connections: Users appreciated the product’s workspace where they may have their virtual machine connected to a VPN, ensuring no data transfers to external networks.³⁶

Easy-to-use workspace: Users appreciate the fact that the workspace is accessible and simple to use via a specific URL or link.³⁷

Data cleaning and filtering: Users note that Citrix Secure Workspace Access provides efficient cleaning and filtering options while extracting data from the customer’s computer.³⁸

Cons

Learning curve: Reviewers assert that the product is difficult to understand.³⁹

Disconnections: Data analysts claim that the product sometimes disconnects in the middle of work.⁴⁰

Automated notifications: Users expect to get automated notifications about updates, functions, or troubleshooting cases.⁴¹

7- GoodAccess

GoodAccess is a cloud VPN with zero-trust limitations on access built specifically for small and medium-sized businesses. It links remote employees, apps, data centers, clouds, and offices over a single virtual network. The platform is cloud-based.

Key features:

• A dedicated VPN gateway with a dedicated IP address for the team in 35+ locations across the world.
• Whitelisting: one static IP shared by 100+ team members.
• Mobile and desktop applications for Windows, macOS, iOS, Android, and Chrome OS.
• Identity-based access controls (e.g. role-based access control (RBAC).
• Two-factor authentication, and a threat filter for internet security.

Pros

VPN service: Reviews testify that GoodAccess’s VPN service ensures secure connections without losing speed.⁴²

Gateway customization: Users appreciate the ability to set up several gateways to customize the service to their unique requirements.⁴³

User interface: Customers state that the user-friendly interface makes it easy to manage VPN settings and user access.⁴⁴

Cons

Network risk analysis and notifications: Users expect to see the capability to comprehend networking risks or get notifications if someone who is not allowed has access to the system.⁴⁵

Pricing: Some users find the pricing expensive for the limited offerings.⁴⁶

User access indicators: CRM managers say that GoodAccess may provide a link to show facts such as who connected directly to the app.⁴⁷

8- Symantec Secure Access Cloud

Symantec Secure Access Cloud is a software-as-a-service (SaaS) solution designed by Broadcom that helps organizations build secure and granular access control of any business resource, whether hosted on-premises or in the cloud. It leverages zero trust architecture to provide point-to-point communication without the usage of agents or appliances.

Key features:

• Provides secure access service edge (SASE) security access to applications.
• Prevents network surface attacks by hiding programs from unauthorized users and restricting authorized users to approved applications.
• Integrates ZTNA with any identity provider and reauthorizes user access and activity in real-time using a context-based least privilege approach. 
• Enforces network security policy management practices for data governance and monitoring, including in-line inspection for compliance and malware protection. 

Figure 5: Symantec Secure Access Cloud advantages and differentiators

Source: Broadcom⁴⁸

Pros

Ease-of-use: IT engineers conclude that it is simple to test and use Symantec Secure Access Clouds functionality since it can run automatically without any glitches.⁴⁹

Use of virtual environments: IT help desk users say that the program provides quick and efficient operation of virtual environments to carry out web activities and projects.⁵⁰

Reports: Developers appreciate the fact that the program provides a full report of the most vulnerable points.⁵¹

Cons

Usability: Some IT engineers address that the program is not so simple to use.⁵²

Report duplications: Customers note that when the program is updated it duplicates its reports which takes up unnecessary space on the system.⁵³

Customer support for crashes: Developers note that the program may crash, and they cannot find a helpline that could help them with their issues.⁵⁴

9- Ivanti Connect Secure

Ivanti Connect Secure offers a secure sockets layer (SSL) VPN solution for remote and mobile users to access corporate resources from any web-enabled devices.

Pros

User interface: Reviewers claim that Ivanti Connect Secure offers a simple user interface for remote and site access.⁵⁵

Reliability of the VPN connection: Users consider the product to be a reliable mobile VPN network provider.⁵⁶

Host checker: Users appreciate the host checker, which thoroughly evaluates the machine’s security posture before granting access.⁵⁷

Cons

Whitelisting IP addresses: It’s difficult to approve or whitelist IP addresses for allowed access. Sometimes it disconnects for no apparent reason.⁵⁸

Reporting: Customers believe that more detailed and automatic reporting capabilities can be enhanced.⁵⁹

Mac OS compatibility: Soe users argue that compatibility on the Mac OS should be enhanced.⁶⁰

10- Perimeter 81

Perimeter 81 is a cloud-based network security and software-defined perimeter (SDP) technology that enables safe access to resources in the data centers,  cloud, and on-premises settings. It provides enterprises with a single framework for managing and securing their network systems, independent of location or resource type.  

Pros

Ease-of-use: Customers say that the user interface (UI) is user-friendly and its loading page is quick.⁶¹

Customer support: Several users say the Perimeter 81 support team is highly responsive whenever difficulties or concerns arise.⁶²

Site-to-site tunnels: With numerous geographical access points and specialized IP addresses, the team may create site-to-site VPNs with precise IP constraints.⁶³

“Plug-and-play Wireguard“ to decrease manual configuration: The plug-and-play wireguard site-to-site connector feature is appreciated by users; since it allows them to execute a script and have their whole network linked to Perimeter 81 without any manual configuration.⁶⁴

Cons

Service gateways: Some product managers experience service gateways or interruptions across all of the locations.⁶⁵

Dashboard customization: Some customers think that the software currently lacks relevant dashboards.⁶⁶

Reporting and analytics: Some IT desk specialists argue that Perimeter 81 might improve its reporting and analytics capabilities to give more precise information about network activity.⁶⁷

Further reading

• Top 10 Microsegmentation Tools
• Intrusion Prevention: How does it work? & 3 Methods
• Role-based access control (RBAC)  
• Network Segmentation: 6 Benefits & 8 Best Practices
• 80+ Network Security Statistics
• Network Security Policy Management Solutions (NSPM)
• Cybersecurity Risk Management

AIMultiple can assist your organization in finding the right vendor. 

External links

• 1. ”Share of corporate data stored in the cloud in organizations worldwide from 2015 to 2022“. Statista. September 28, 2023. Retrieved April 15, 2024.
• 2. ”Cost of a Data Breach Report 2023“. IBM. 2023. Retrieved April 15, 2024.
• 3. ”Network security orchestration with Tufin Orchestration Suite“. Tufin. 2024. Retrieved April 16, 2024.
• 4. ”Tufin Reviews“. G2. October 12, 2022. Retrieved April 16, 2024.
• 5. ”Tufin Reviews“. G2. October 12, 2022. Retrieved April 16, 2024.
• 6. ”Tufin Reviews“. G2. April 14, 2024. Retrieved April 16, 2024.
• 7. ”Tufin Reviews“. PeerSpot. January 26, 2023. Retrieved April 16, 2024.
• 8. ”Tufin Reviews“. PeerSpot. October 7, 2022. Retrieved April 16, 2024.
• 9. ”Zscaler Internet Access Reviews“. Capterra. May 15, 2022. Retrieved April 15, 2024.
• 10. ”Zscaler Internet Access Reviews“. Gartner. October 13, 2023. Retrieved April 15, 2024.
• 11. ”Zscaler Internet Access Reviews“. Gartner. February 21, 2022. Retrieved April 15, 2024.
• 12. ”Zscaler Internet Acces Reviews“. G2. January 22, 2024. Retrieved April 15, 2024.
• 13. ”Zscaler Internet Acces Reviews“. Gartner. January 25, 2024. Retrieved April 15, 2024.
• 14. ”Zscaler Internet Acces Reviews“. G2. November 19, 2023. Retrieved April 15, 2024.
• 15. ”Fortinet“. Fortinet. 2024. Retrieved April 15, 2024.
• 16. ”Fortinet SD-WAN Reviews“. G2. December 12, 2023. Retrieved April 15, 2024.
• 17. ”Fortinet SD-WAN Reviews“. G2.October 02, 2021. Retrieved April 15, 2024.
• 18. ”Fortinet SD-WAN Reviews“. G2. July 10, 2023. Retrieved April 15, 2024.
• 19. ”Fortinet SD-WAN Reviews“. Gartner. December 27, 2023. Retrieved April 15, 2024.
• 20. ”Fortinet SD-WAN Reviews“. Gartner. December 13, 2023. Retrieved April 15, 2024.
• 21. ”Fortinet SD-WAN Reviews“. Gartner. December 13, 2023. Retrieved April 15, 2024.
• 22. ”Citrix Workspace Essentials“. Citrix. 2024. Retrieved April 15, 2024.
• 23. ”Citrix workspace Essentials Reviews“. G2. September 2, 2022. Retrieved April 15, 2024.
• 24. ”Citrix workspace Essentials Reviews“. PeerSpot. February 13, 2024. Retrieved April 15, 2024.
• 25. ”Citrix workspace Essentials Reviews“. PeerSpot. July 19, 2022. Retrieved April 15, 2024.
• 26. ”Citrix workspace Essentials Reviews“. G2. October 12, 2023. Retrieved April 15, 2024.
• 27. ”Citrix workspace Essentials Reviews“. G2. September 2, 2022. Retrieved April 15, 2024.
• 28. ”Citrix workspace Essentials Reviews“. PeerSpot. February 7, 2023. Retrieved April 15, 2024.
• 29. ”Absolute Secure Access Reviews“. G2. February 14, 2024. Retrieved April 15, 2024.
• 30. ”Absolute Secure Access Reviews“. G2. February 14, 2024. Retrieved April 15, 2024.
• 31. ”Absolute Secure Access Reviews“. Gartner. October 25, 2023. Retrieved April 16, 2024.
• 32. ”Absolute Secure Access Reviews“. Gartner. October 25, 2023. Retrieved April 16, 2024.
• 33. ”Absolute Secure Access Reviews“. Gartner. October 18, 2023. Retrieved April 16, 2024.
• 34. ”Absolute Secure Access Reviews“. Gartner. October 18, 2023. Retrieved April 16, 2024.
• 35. ”Announcing Citrix Secure Workspace Access for zero trust“. Citrux. January 19, 2021. Retrieved April 16, 2024.
• 36. ”Citrix Secure Workspace Access Reviews“. G2. October 9, 2023. Retrieved April 16, 2024.
• 37. ”Citrix Secure Workspace Access Reviews“. Capterra. November 16, 2023. Retrieved April 16, 2024.
• 38. ”Citrix Secure Workspace Access Reviews“. G2. October 13, 2023. Retrieved April 16, 2024.
• 39. ”Citrix Secure Workspace Access Reviews“. Gartner. June 25, 2023. Retrieved April 16, 2024.
• 40. ”Citrix Secure Workspace Access Reviews“. G2. October 13, 2023. Retrieved April 16, 2024.
• 41. ”Citrix Secure Workspace Access Reviews“. G2. August 2, 2023. Retrieved April 16, 2024.
• 42. ”GoodAccess Reviews“. Capterra. August 14, 2023. Retrieved April 16, 2024.
• 43. ”GoodAccess Reviews“. Capterra. August 14, 2023. Retrieved April 16, 2024.
• 44. ”GoodAccess Reviews“. G2. December 27, 2023. Retrieved April 16, 2024.
• 45. ”GoodAccess Reviews“. PeerSpot. August 17, 2023. Retrieved April 16, 2024.
• 46. ”GoodAccess Reviews“. Capterra. January 22, 2024. Retrieved April 16, 2024.
• 47. ”GoodAccess Reviews“. Capterra. December 22, 2023. Retrieved April 16, 2024.
• 48. ”Symantec Secure Access Cloud | Zero Trust“. Broadcom. June 2020. Retrieved April 16, 2024.
• 49. ”Symantec Secure Access Cloud Reviews“. G2. July 18, 2023. Retrieved April 16, 2024.
• 50. ”Symantec Secure Access Cloud Reviews“. G2. July 25, 2023. Retrieved April 16, 2024.
• 51. ”Symantec Secure Access Cloud Reviews“. G2. July 19, 2023. Retrieved April 16, 2024.
• 52. ”Symantec Secure Access Cloud Reviews“. G2. July 26, 2023. Retrieved April 16, 2024.
• 53. ”Symantec Secure Access Cloud Reviews“. G2. July 25, 2023. Retrieved April 16, 2024.
• 54. ”Symantec Secure Access Cloud Reviews“. G2. July 19, 2023. Retrieved April 16, 2024.
• 55. “Ivanti Connect Secure Reviews“. Gartner. March 30, 2024. Retrieved April 16, 2024.
• 56. “Ivanti Connect Secure Reviews“. Gartner. January 5, 2023. Retrieved April 16, 2024.
• 57. “Ivanti Connect Secure Reviews“. PeerSpot. April 27, 2023. Retrieved April 16, 2024.
• 58. “Ivanti Connect Secure Reviews“. Gartner. December 18, 2023. Retrieved April 16, 2024.
• 59. “Ivanti Connect Secure Reviews“. PeerSpot. July 2, 2022. Retrieved April 16, 2024.
• 60. “Ivanti Connect Secure Reviews“. Gartner. January 5, 2023. Retrieved April 16, 2024.
• 61. “Perimeter 81 Reviews“. Gartner. December 12, 2023. Retrieved April 16, 2024.
• 62. “Perimeter 81 Reviews“. Gartner. November 12, 2021. Retrieved April 16, 2024.
• 63. “Perimeter 81 Reviews“. PeerSpot. November 1, 2022. Retrieved April 16, 2024.
• 64. “Perimeter 81 Reviews“. PeerSpot. November 1, 2022. Retrieved April 16, 2024.
• 65. “Perimeter 81 Reviews“. Gartner. November 25, 2023. Retrieved April 16, 2024.
• 66. “Perimeter 81 Reviews“. PeerSpot. November 1, 2022. Retrieved April 16, 2024.
• 67. “Perimeter 81 Reviews“. PeerSpot. October 9, 2023. Retrieved April 16, 2024.