Stefan KellerJuly 14, 2021
The number of vendors fighting to dominate the secure access service edge (SASE) category has exploded since Gartner first described SASE in 2019, with dozens loudly touting SASE approaches that integrate networking and security services.
Clearly not all vendors have complete, fully integrated solutions, but the noise they generate makes it harder for customers to identify the appropriate vendors to short-list for evaluation.
Helping to clear up some of the confusion, Gartner’s recent Best Security Practices for SD-WAN report* states that “Gartner believes that there are currently around eight vendors (Palo Alto Networks, Cisco, Versa, Cato, Forcepoint, Citrix, Open Systems and Fortinet) that can deliver SASE solutions with all functions … (i.e., SD-WAN and a set of associated local and cloud- based security services [SWG, FWaaS, ZTNA, CASB]).”
The Gartner report also notes “Using a single vendor with a fully integrated SASE solution offers operational advantage, while a best-of-breed provider requires more time and skills to integrate and manage.” So, knowing how these eight vendors integrated their SASE solutions is another factor that can help customers in their selection process.
"Gartner believes that there are currently around eight vendors (Palo Alto Networks, Cisco, Versa, Cato, Forcepoint, Citrix, Open Systems and Fortinet) that can deliver SASE solutions with all functions . . ."
Best Security Practices for SD-WAN Gartner Report
It’s our opinion – based on our 98% customer retention rate – that a SASE solution developed from the outset with integrated networking and security services and which is centrally managed from a “single pane of glass” should be easier to use. By contrast, while bolting together separately developed networking and security products may indeed yield a SASE architecture, history shows such best-of-breed solutions are inherently more complex and harder to both configure and manage.
The issue of complexity comes up again for customers considering whether to use a managed services provider for SASE or to go the DIY route.
As a managed services provider, it’s not surprising that we believe employing one is the fastest and easiest path for customers to rollout SASE. Having your IT staff alone handle a SASE deployment seems like a riskier proposition based on our experience. Deploying SASE is a complex effort requiring the kind of deep networking and security expertise that few organizations have, which could result in delays, higher costs and avoidable security holes. However, a managed services provider with an integrated NOC/SOC staffed with DevSecOps engineers and security analysts can shield customers from the complexity of SASE, ensure a timely launch and deliver better outcomes.
We are confident in our assumptions because we have been in the SASE space since 2014, when we first rolled out our own integrated network and security stack which included SD-WAN, NGFW, VPN and SWG – before SASE was even a thing. Our 10,000+ fully managed deployments in more than 180 countries are proof that SASE is real and here at Open Systems.