What lies beyond SASE?

Just when you started to wrap your arms around SD-WAN — poof everything changes. SD-WAN is morphing into Secure Access Service Edge (SASE). But what is all this “sassy business” and where is it headed? In this series of SASE Straight Talk articles, Masergy helps you unpack this new trend.

Gartner’s SASE framework is a vision to change the way IT works for today and tomorrow. Gartner recognizes that the IT environment is getting turned on its head:

• The explosion of cloud-based services, remote workforces, and edge computing are changing WAN traffic patterns, making network data flow in new directions with new destinations that are no longer within the walls of the corporate offices.
• The data center is no longer the epicenter of the network–now it’s all about the WAN edge.
• Today, protecting information is not only about securing networks and connected devices–it’s about securing resources everywhere. Security is no longer solely a perimeter-based or location-based effort–it’s an identity-based effort. After all, your network has now left the premises.

For many, SASE is the answer and the logical next step given today’s shifts. It solves these challenges because it converges a wide web of network and security functions into a single cloud-based service that is also identity focused. But what lies beyond SASE? Does it reach far enough? To find an answer, we have to understand what’s inside the SASE toolbox today and what might be added in the years to come.

Today, Gartner defines SASE as having these five core capabilities: SD-WAN, Secure Web Gateway (SWG), Cloud Access Security Broker (CASB), Zero Trust Network Access (ZTNA) and Firewall as a Service (FWaaS). And these certainly meet the immediate needs of multi-cloud businesses–even the pandemic-related ones:

• SD-WAN, FWaaS, and SWG help with network efficiency, enabling business continuity and remote workers
• ZTNA provides security particularly for remote workers
• CASB is critical for making cloud applications securely accessible from anywhere

But, is that everything companies need today? How can SASE address more business needs of today and tomorrow? When it comes to the future of SASE, here are some of the responses Masergy is hearing.

SASE could take a full coverage approach to security

Critics say SASE doesn’t go far enough with security technologies and services. Here’s how they see SASE expanding in the future.

• AI for security: AI-based analytics for security purposes could be added to the core capability areas, requiring the use of machine learning and behavioral analytics to identify threats and accelerate response efforts.
• Security in depth: Security professionals are quick to mention that SASE providers may only check the box once, when more in depth security is needed today. They argue that under each of the five capability areas, providers should be checking each requirement multiple times. There are no specific requirements, however.
• SOC services: SASE also overlooks explicit requirements for SOC services that address detection and response. It concentrates only on technologies.
• EDR and detect and respond capabilities: Others critics highlight the fact that today’s work-from-home business models require not just CASB but also a solid endpoint security strategy with endpoint detection and response (EDR). The detect-and-response emphasis is missing both from a technology and response services perspective. Zero Trust network access isn’t enough, they claim, because more and more threats are coming from within (from users with trusted credentials).

SASE should also include AI

Critics give SASE credit for incrementally improving the WAN but say it falls short when it comes to an emphasis on AI and AI-powered automation. Claims state that today’s SASE is innovating on the more predictable and existing tools of today like Zero Trust and CASB. In order to be more forward-leaning it should incorporate AI.

That suggestion makes sense for two reasons. AI and SASE share the same goal: reducing the complexity of today’s distributed, hybrid-cloud IT environment. They are both tools for cloud applications, at-home devices, IoT systems, and edge computing. Thus, AI feels as though it’s a complementary next step. When IT teams don’t have to worry about network performance, firewall alerts, and keeping the network and security aligned, they will have the time they need to turn to transformative efforts like AI-based automation.

When AI is added to SASE’s web, autonomous networks become possible. AI and SD-WAN are the perfect pair. SD-WAN’s centralized console gives AI direct access to the data streams it needs to automatically evaluate network performance and make intelligent suggestions on how to improve it. Furthermore, SD-WAN’s centralized orchestrator is the unified control panel where AI can be given permission to act on it’s own recommendations, making configuration changes to optimize performance. This ZK Research report explains more about how AI and SASE are laying the foundation for autonomous networks.

SASE has only just arrived. It’s safe to say that it has room to grow, and it will be a fun ride to see how it changes over time and where it will go next.

Read more articles in the SASE Straight Talk series:

• How do you tease out the differences in SASE solutions?
• Is there more than one way to SASE?
• Can I skip SD-WAN and jump straight to SASE?
• Why are there so many different interpretations of SASE?
• Is SASE real or just a concept?
• What are the benefits of SASE?

Engage in the SASE conversation online. Don’t forget to follow us on Twitter!