In late 2019, Gartner gave birth to a new acronym that has since taken the SD-WAN market by storm–SASE (Secure Access Service Edge). Now, every SD-WAN player is suddenly announcing their SASE solution. These rapid transitions make the market ripe for misstatements and misunderstanding, which trigger more critical questions.
Masergy is fielding lots of them, helping IT professionals and consultants get a handle on what SASE is and what it’s not. In this series of SASE Straight Talk articles, we step through the most common questions we’re hearing from business leaders, providing an in-depth explanation for each.
Ask people what SASE is and you’ll likely get 10 different answers. While the newness of SASE is a factor here, various definitions are also the result of just how dynamic and multifaceted SASE is.
Ultimately, it was Gartner’s foresight that turned into a conceptual framework that is now manifesting into new solution offerings. People talk across these different facets individually without bringing them all together into one view, hence the vast explanations. Security professionals describe it as “a security platform for network services” while network professionals describe it as “a network platform for security services”–so you can see how it’s all in one’s perspective.
For the record, here’s how Gartner defined SASE in their original Hype Cycle for Enterprise Networking report:
“SASE are emerging converged offerings combining WAN capabilities with network security functions (such as secure web gateway, CASB and SDP) to support the needs of digital enterprises … These capabilities are delivered as a service based upon the identity of the entity, real time context and security/compliance policies. Identities can be associated with people, devices, IoT or edge computing locations.”
A vision for network and security convergence: SASE is a concept born under the pretenses that the IT environment has dramatically changed, demanding a new way of addressing the needs of the network and security. These changes include WAN workloads shifting to the cloud, networks plagued by cloud performance issues as well as trends like edge computing, remote workforces, and the fact that security and the network need to work in unison.
Gartner recognizes that the data center is no longer the heart of the IT architecture and companies everywhere are trying to tackle an ocean of network and security capabilities individually. But point solutions and a myriad of different vendors is an approach that lacks intelligent integration, increases IT complexity, and requires a forklift effort. When there must be a better way, SASE arguably represents Gartner’s way of challenging the industry to solve the biggest problems in IT. And it’s working. The industry is already shaping itself accordingly.
A solution offering and a framework for building next-generation IT services: Gartner generally describes SASE as solutions that unify SD-WAN and security into one cloud-based service from a single provider. Thus, SASE acts as a model or framework for building the next generation of IT services, and yet, Gartner hasn’t prescriptively provided a detailed checklist of every last technology required. They only provide five core capability areas. That’s because SASE is still an emerging market in the early stages of development. If you’re like me and you just want the most tangible list of what SASE is, here are the core capabilities and the four primary tenets:
Beyond these capabilities, the market lacks defined feature standardization. So, there are wide variations in product offerings. This makes it all the more important to understand what SASE is not.
It’s not a matter of compliance. People ask, “Is your solution SASE compliant?” But it’s really not a matter of regulatory compliance–no federal laws are associated with SASE. Its loose framework makes it difficult for providers to offer a consistent checkbox list of requirements met. Gartner offers more best practice guidance than hard-lined definitions and laundry lists of technical prerequisites. Thus, it’s more about asking each provider how they interpret and approach SASE.
It’s not just network and security convergence. SASE makes sense to IT professionals who are familiar with the trend of network and security convergence, but it reaches beyond the concept of consolidation to define how converged solutions should look, operate, and what they should value–namely cloud-based services, identity analytics, globally distributed capabilities, and edge flexibility. SASE calls for convergence with a strong emphasis on a cloud-based services model from one provider.
Ready for more? Read all the articles in the SASE Straight Talk series:
Call us now to arrange a consultation (866) 588-5885.
Or arrange for a consultation through our request form.