SASE is pretty hot. In fact, it is the #1 most-hyped term in networking*. That said, SASE is more than just a buzzword. Along those lines, we just published a SASE roadmap (paywall) that includes our updated recommendations and thoughts on the topic.
First, I’ll point to our SASE definition here. Definitions are important and to date, SASE means different things to different people. Hopefully that will improve with time, but is not shocking given the newness/hotness of the term.
The issue SASE aims to address is that perimeter-based approaches to securing anywhere, anytime access has resulted in a patchwork of vendors, policies, and consoles creating complexity for security administrators and users. SASE is a pragmatic and compelling model that can be partially or fully implemented today. Here are some of our specific shorter-term recommendations.
- Deploy zero trust network access (ZTNA) to augment or replace legacy VPN for remote users, especially for high-risk use cases.
- Inventory equipment and contracts to implement a multiyear phase out of on-premises perimeter and branch hardware in favor of cloud-based delivery of SASE capabilities.
- Consolidate vendors and cut complexity and costs as contracts renew for secure web gateways (SWGs), cloud access security brokers (CASBs) and VPN. Leverage a converged market that emerges combining these security edge services.
- Actively engage with initiatives for branch office transformation/modernization and MPLS offload in order to integrate cloud-based security edge services into the scope of project planning.
Last but not least, here are some sassy** predictions:
- By 2024, 30% of enterprises will adopt cloud-delivered SWG, CASB, ZTNA and branch office firewall as a service (FWaaS) capabilities from the same vendor, up from less than 5% in 2020.
- By 2025, at least 60% of enterprises will have explicit strategies and timelines for SASE adoption encompassing user, branch and edge access, up from 10% in 2020.
- By 2023, to deliver flexible, cost-effective scalable bandwidth, 30% of enterprise locations will have only internet WAN connectivity, compared with approximately 15% in 2020.
The full research note is here: 2021 Strategic Roadmap for SASE Convergence (author: Neil MacDonald)
Digitalization, work from anywhere and cloud-based computing have accelerated cloud-delivered SASE offerings to enable anywhere, anytime access from any device. Security and risk management leaders should build a migration plan from legacy perimeter and hardware-based offerings to a SASE model.
*This is a composite index, based on a combination of factors including (but not limited to) client interest, social media analysis, google trends, and analyst opinion.
**Pains me every time I say it.