Getty Images

Tip

SASE reality check: What should organizations expect?

Enterprises interested in SASE must grapple with challenges and misinformation about the tool. Businesses should discern SASE's true benefits before adoption.

Secure access service edge has been touted as one of the most important new technologies in networking. But there's a difference between hype and reality. SASE combines networking and security functions into a single framework. The approach enables network teams to simplify architecture and management and, ultimately, improve performance across enterprise networks.

However, despite the promise of SASE, experts debate whether it fully lives up to expectations or if it's an overhyped concept exaggerated by proponents. As enterprises navigate SASE adoption, they face this debate about its capabilities. Unclear vendor language, confusion about deployment options and cross-functional differences between teams obscure how the architecture can truly support enterprises.

Experts provide a reality check on SASE and what businesses can expect from deployment. Organizations can decide if SASE is right for their business once they evaluate the factors involved in implementation and understand the expected benefits from the architecture.

What draws organizations to SASE?

Organizations that have adopted SASE prefer the convenience of a single management console from the same vendor, said Roy Chua, founder and principal at AvidThink.

AvidThink, an independent analyst and advisory firm, tracks the evolution of the SASE market from both the networking and security fronts. This includes the evolution of enterprise WAN networks into virtual customer premises equipment, software-defined WAN (SD-WAN) and SASE, as well as the subcategorization of security service edge (SSE).

SASE is especially beneficial for companies with multiple remote locations, such as businesses in the retail, insurance and healthcare sectors, Chua said. Organizations often invest in SASE to revamp their WAN connectivity and remote branch firewalls. Some eased into SD-WAN first, while later users realized many SD-WAN vendors were promoting SASE.

"They bought into the foundational architecture -- not necessarily licensing every capability yet but looking to add those over time," Chua said.

The biggest benefits of SASE

One of the biggest benefits of SASE is the integration of networking and security.

When Verizon released its SASE product in June 2021, its interest in SASE was a natural evolution from its managed services portfolio that already included networking and security products, said Beth Cohen, product strategist at Verizon Business Group.

Cohen said the consolidation of networking and security should have happened years ago.

"Our customers were asking to integrate their SSE services with their SD-WAN networks, which essentially is SASE before SASE even had a name," she said. "Investing in developing an integrated product was the obvious next step."

SASE also helps organizations secure cloud-based applications and gives IT teams a better understanding of how networking and security need to work together for complex global networks.

Additional SASE benefits include the following:

  • Faster troubleshooting.
  • Improved visibility.
  • Lower operational costs.

SASE reality check: Challenges and misinformation

Although SASE has promise, challenges and misinformation surround how to adopt the technology. Network professionals can become overwhelmed as they examine new technologies to address business problems. It can be difficult to sift through the amount of information on capabilities vendors claim are part of their product packages.

"It's hard to wade through all the conflicting literature and messages that the vendors -- and, to a lesser extent, service providers -- are pushing," Chua said.

He added that many vendors also participate in what he called "checkbox-gaming," when they claim their technologies can provide several capabilities but, in reality, offer minimal capabilities. Many vendors check boxes for certain network security features, such as cloud access security brokers, dynamic load balancing and zero-trust network access.

But, according to Chua, when one digs into the product, it becomes apparent that the feature isn't as comprehensive as advertised. Instead, the capability provides just enough functionality for the vendor to check the box on a prospective user's request for proposal.

For example, many SASE vendors affirm the technology supports remote office connectivity. In reality, Chua said most SASE platforms can only effectively support branch office connectivity, as connectivity in home offices and on mobile devices is often inconsistent.

Some of the biggest challenges of adopting SASE are organizational, Cohen said. Networking and security teams don't typically report to the same leader, which means each group tends to make separate decisions.

It's difficult for these distinct groups to work together to procure, deploy and manage converged platforms, Chua said. Teams have to modify current processes and share ownership, which is often a challenge.

On the market side, Cohen said Verizon found that vendors often have agendas that are out of alignment with what customers want from products. Several vendors push single-vendor SASE platforms, but many customers are interested in multivendor platforms, Cohen said. She said she also doesn't expect interest in multivendor SASE to dwindle anytime soon.

Tips for SASE consideration

When organizations consider SASE adoption, Chua said he recommends the following steps:

  1. Inventory the organization's needs.
  2. Understand the gap that needs to close.
  3. Force SASE vendors to address issues in an understandable manner.

"If you need help [with DIY] due to time constraints or expertise gaps, find a trusted partner you can work with," Chua said.

SASE's market continues to rapidly evolve, which makes it difficult for buyers to know when and how to pick the right vendor, Cohen said. She added that organizations should find a SASE platform within their budget that supports business requirements -- and be willing to change if the vendor doesn't meet their needs.

Chua said he'd like to see the market drive toward simplification -- less technology and acronym-speak -- and instead focus on business and security problems.

"We've been on a path of complexifying for the last few years. I'd like to see us embark on a path to simplify," he said.

David Weldon is a business and technology writer in the Boston area who covers topics related to data management, information security, healthcare technology, educational technology and workforce management.

Dig Deeper on Network security