Exploring the Future of SASE in Networking and Security Infrastructure
Jan 06, 2023

Exploring the Future of SASE in Networking and Security Infrastructure

Dhanasekaran Voimuni
DHANASEKARAN VOIMUNI
SENIOR MANAGER - PROJECTS

In this article, we will delve into the future of SASE in networking and security infrastructure. As organizations increasingly rely on digital technologies to support their operations and connect with customers, the need for effective and agile networking and security infrastructure has never been greater. In recent years, a new infrastructure category called Secure Access Service Edge (SASE) has emerged as a potential solution to the challenges faced by traditional approaches such as Multiprotocol Label Switching (MPLS) and Software-Defined Wide Area Networking (SD-WAN). According to Gartner, at least 40% of organizations will have an official SASE (Secure Access Service Edge) adoption strategy by 2024.

In this blog post, we will examine the benefits and drawbacks of SASE in comparison to these other options. Multiprotocol Label Switching (MPLS) was the go-to solution for dedicated network connectivity in the 1990s and 2000s. It provided predictable performance, low latency and packet loss, and central management, but it was also expensive, capacity-constrained, and slow to provision new links. Many organizations ended up integrating both MPLS and the public Internet into their networking environments, with MPLS serving as the active connection and Internet as a lower quality and less expensive backup. Despite its advantages, MPLS led to complex, costly, and inflexible Wide Area Networks (WANs). Owing to this, operational costs rose as administrators had to manually configure and deploy a variety of routers and appliances to support branch offices and remote workers.

To address the limitations of MPLS and the public Internet, SD-WAN emerged in the 2000s and 2010s. SD-WAN automates the use of multiple links, including MPLS, xDSL, Fiber, Cable, and 4G/5G, to increase overall network capacity, improve agility and speed up site provisioning, and reduce cost per megabit. While SD-WAN offers a more cost-effective and flexible alternative to MPLS, it cannot provide a complete WAN transformation on its own. It lacks the security, cloud readiness, and mobility necessary to support the needs of digital businesses. As a result, IT teams are often left dealing with technological silos built on point products that are loosely integrated and separately managed.

Enter Secure Access Service Edge (SASE) is a new infrastructure category introduced by Gartner in 2019. SASE combines multiple point solutions, such as SD-WAN, next-generation firewalls, secure web gateway, and software-defined perimeter (SDP), into a unified, global cloud-native service. This allows IT teams to provide a holistic, agile, and adaptable service to support the needs of digital businesses. According to Gartner, SASE is transformational because it addresses the "fundamental changes" in network traffic patterns and deployment models brought about by digital transformation. It provides enterprises with a scalable and elastic platform to support their digital business needs now and in the future.

Components of SASE

SASE is not a new technology. It is an emerging delivery mechanism for an array of already existing important technologies in networking and security. Gartner has a great contribution in identifying and naming this trend in the market.

In the case of networking, these are:

  • Software-defined wide area networking (SD-WAN) 
  • 5G/4G mobile connectivity

Meanwhile, in network security, they are:

  • Next-generation firewall (NGFW),
  • Secure Web gateway (SWG), and
  • Cloud access security broker (CASB)

In case of secure remote access, the technology is Zero-trust access (ZTA), which is a cloud proxy-based replacement for virtual private network (VPN) technology that provides both tighter security and more efficient use of bandwidth.

All of these technologies are combined by SASE, which then offers them as a managed service, preferably (but not always) from the cloud. This makes the network itself, which enables the SASE provider to issue service-level agreements to its customers, a further crucial component of SASE.

Challenges for service providers in the growing SASE markets

The SASE concept is being adopted by many suppliers, who are also offering services online. More than a dozen vendors have been identified by Gartner who are creating SASE offerings for the market. The main issues with Secure Access Service Edge (SASE) are centered around standardization and education. Lack of industry standards, client education and migration, incomplete solutions from vendors, and working in a multi-vendor environment are some of the main issues faced by service providers utilizing SASE.

 According to the MEF research (a global industry association of network, cloud, and technology providers accelerating enterprise digital transformation), the SASE markets are performing well and are expected to continue growing in the coming years due to an increase in the rollout of SASE services and features. The MEF has also identified challenges facing both SD-WAN and SASE service providers. For SD-WAN providers, one of the biggest challenges is the complexity of operating a multi-vendor environment, which is made worse by the lack of interoperability and common standards among SD-WAN vendors. SASE providers, on the other hand, are facing challenges related to customer education, customer migration, lack of industry standards, and incomplete SASE vendor solutions. According to a leading service provider, successful implementation of SASE requires organizational change within both customers and service providers.

Conclusion

When comparing SASE to MPLS and SD-WAN, it's clear that SASE offers several advantages. It simplifies and reduces the complexity of traditional network and security architectures, which were often built on a collection of point products and appliances that were difficult to manage and maintain. It is more agile and adaptable to changing business needs, and it is scalable and elastic to support the growth of digital businesses. While SASE is a newer technology category and may require a learning curve for some organizations, it is likely to be worth the investment in the long run.

In summary, SASE is a promising new infrastructure category that offers a more holistic, agile, and scalable solution for the networking and security needs of digital businesses. While it may not be the right fit for every organization, it is worth considering as a potential replacement for MPLS and SD-WAN.

Credits

  • Content concept: Internet
  • General content outline and flow: Author’s courtesy
  • Image source: https://www.firewall.cx/

References

  1. https://www.firewall.cx/general-topics-reviews/sd-wan/1249-secure-access-service-edge-and-sdwan.html/
  2. https://www.mef.net/about-mef/ - Metro Ethernet Forum (MEF)
  3. https://techblog.comsoc.org