How the Open Systems service portfolio grew from managed site-to-site VPNs to universal SASE, and why that matters to you.

If we had to sum up 35 years at Open Systems in one line, it’s this: we eliminate risk and hassle, empowering you to accelerate forward with confidence.

That story isn’t told in product lists. It’s told in moments where customers brought us their hardest challenges, and we responded with solutions that not only worked but often anticipated where the industry was heading.

We began by managing networks and security for global enterprises. Today, we’ve evolved into a single, fully‑managed SASE platform that unifies everything under one policy model, one intuitive portal, and round‑the‑clock expert operations. With dedicated technical account managers, our solution focuses on delivering real outcomes—not just adding more tools.

Why this matters now:

• Breaches are still costly, even as the fastest teams pull costs down. IBM’s 2025 study pegs the average breach at USD 4.4M. The teams that cut costs fastest are the ones that identify and contain faster. Speed – and not just more tech – moves the needle. (IBM)
• Teams are underwater. The 2024 ISC2 workforce study counts 5M people in cyber security, but a 4.8M skills gap still yawns. Leaders know that managed outcomes, not DIY integration projects, are how they keep pace. (ISC2)
• Consolidation is strategic, not trendy. Leading analysts expect that by 2025, 65% of enterprises will consolidate SASE to one or two partnered vendors – up from 15% in 2021. Less complexity means more control. (SDxCentral)
• Unified platforms deliver real ROI. Recent Forrester TEI studies report material returns for consolidated SASE/SSE programs (e.g., a 107% three-year ROI for a SASE deployment; vendor-sponsored), and show that stack consolidation is a major driver of business value in SSE programs.

Chapter 1 – The Managed Network Era
Connect First

In the early 2000s, the internet itself was under siege. Self-replicating worms spread so fast they didn’t just infect endpoints—they clogged entire WAN links. To protect our customers, we built the Distributed Network Intrusion Detection System (DNIDS), which didn’t just detect infections but proactively stopped worms before they could bring networks down.

At the same time, customers were struggling with rising MPLS costs and growing web traffic. The request was bold: “Let internet traffic leave locally, not through a central hub.” Within weeks, our engineers made it happen. What later became an SD-WAN standard feature was already in production a decade ahead of its time.

From day one, our promise was clear: we run it so you can move faster. That operating model—with direct Level-3 support, designated consulting, and a unified portal—remains the backbone of Open Systems today.

Chapter 2 – Secure SD-WAN
Converge Networking and Security

Later that same year, another customer brought us a different challenge: operating in regions where connectivity was fragile and bandwidth costs were extreme. Our solution? A routing model that kept satellite lines idle unless the ISP failed—business continuity without breaking the budget.

By 2010, we realized that scalability required a unified approach. We modernized by moving from legacy stacks to zone-based firewalls with automation-friendly APIs, and we standardized everything on Linux. This was a decisive step toward the streamlined platform that still defines us.

A few years later, customers pushed us to prove resilience at scale. That demand drove innovations like SLA reporting, multi-ISP steering, and eventually SD-WAN with built-in security. By the mid-2010s, we were combining path selection, app optimization, and firewalls in one managed service—one portal, one policy model, one team on call.

Value for our customers: fewer vendors to coordinate, fewer things to break, and a better digital experience—on day one and day 1,000.

Chapter 3 – Email and Web Security
Close the Front Doors

As attackers shifted focus to browsers and inboxes, we built the defenses to match. By 2012, even some of the most regulated industries trusted us to run their email security—proof that usability and compliance could coexist.

In 2013, when a major vendor discontinued its web gateway software, we faced a choice: bolt on clunky appliances or build our own. We chose reinvention. The result was Proxy NG, embedding advanced anti-malware in partnership with the open-source community and keeping everything aligned with our unified platform strategy.

From there, we added layers:

• 2018 click-time phishing protection, where suspicious links in emails triggered real-time browser warnings.
• 2018 unified threat intelligence, where blocking one malicious domain automatically enforced it across email, web, and DNS.
• 2019 AI-powered malware detection, spotting unknown threats beyond signature-based approaches.
• 2024 AI-powered email security, detecting anomalies in conversations to stop phishing and BEC (business email compromise) campaigns.

And when third-party providers shut down unexpectedly—whether years ago or during the 2023 URL categorization crisis—we reacted within hours, executing replacements fleet-wide without disruption. Customers never felt the turbulence because a unified, operated platform absorbed the shock.

Chapter 4 – ZTNA and Cloud SWG
Turn Zero Trust Into Reality

Remote access was long tied to costly hardware, until virtualization changed the game. In 2014, we piloted a software-first approach that made our Mobile Entry Point (MEP) globally deployable without new appliances. A user in Asia no longer had to tunnel through Europe—the experience became local, fast, and secure.

That shift proved invaluable when the pandemic hit. Practically overnight, customers had to onboard thousands of remote users. Because of our software-first model, we could spin up new entry points globally in days. We even offered short-term contracts so customers could scale safely without long-term commitments in a time of uncertainty.

By 2021, we launched ZTNA to deliver risk-based, app-level access with a better user experience. In 2023, Cloud SWG joined the platform to enforce policy consistently everywhere. We paired it with comprehensive SD-WAN traffic analytics, visualizing network bandwidth usage and application traffic centrally on one map in our Customer Portal, so NetOps and SecOps share the same source of truth.

That same year, the industry was rocked when a major URL categorization provider went bankrupt. This moment served as proof for our model: We stabilized services overnight and fully replaced the solution across all production systems in months. Customers experienced no disruption—proof of the resilience baked into our operated platform.

Value for our customers: faster, safer access without latency gymnastics—and shared analytics that shortened the path from signal to action.

Chapter 5 – AI-Driven Defense and Modern Integration

In 2019, we launched AI-powered malware detection, years before it became an industry buzzword. Our sandbox engine learned to spot unknown malware—not just signatures—delivering proactive defense that kept customers ahead of emerging threats.

As email threats became stealthier, we reinvented our protection with AI-powered email security, analyzing conversation patterns to detect anomalies like phishing and BEC before users fell victim.

We also rethought log access. With the Logs API built on Microsoft Event Hub, customers gained modern, scalable ways to consume data, integrate with SIEMs, and automate response.

And in 2025, we launched our Cloud Access Security Broker (CASB)—giving customers the visibility and control needed to finally tame the SaaS universe.

Chapter 6 – Scaling Security
Managed Universal SASE

We’ve recently launched our Managed Universal SSE, having the story come full circle: SWG, ZTNA, CASB, and FWaaS unified behind one lightweight agent, one policy plane, and 24×7 operations. While we’ve long provided SSE on-prem, the same controls now run seamlessly in cloud-heavy and hybrid architectures. As the leading managed, universal ZTNA – and full SASE – provider, we’re built for enterprises with complex, mixed environments: on-prem machines including IT/OT and legacy systems, alongside modern remote users and cloud workloads. Highlights include automatic ZTNA sign-in with lockout protection, geo-aware web policy, SaaS ACLs via fixed egress IPs, adaptive CASB, streaming network analytics, and NDR with IPS-backed blocking – all focused on less friction for users, stronger control for security, and faster time-to-value for your team.

Under the hood, we scaled the backbone that carries it all – connectivity backbone and routing core to 1,000+ sites, as well as tunnels to external entities – so global rollouts stay boring (in the best way).

Proof points we’re proud of:

3M+ users, 10,000+ deployments, services in 180+ countries, 97% enterprise retention. Customers cite 10× performance and 25% cost reduction after network transformations – because we engineer and operate as one.

What you can buy today (outcomes, not parts):

• Connect with confidence: Global Connectivity Services with last-mile connectivity including 24×7 Line Operations Services and a Mobile Connectivity Kit for emergencies, hybrid and connectivity-provider-agnostic SD-WAN as well as Partner Connect for third party VPN connections, and multi-cloud interconnect, all operated for you.
• Protect by default: NGFW, Cloud SWG and DNS filtering, CASB, ZTNA, and Email Security, as well as advanced threat protection and sandboxing, unified under one policy model.
• See, detect and decide faster: network & threat/risk analytics in one portal plus Logs APIs, as well as NDR for threat detection on lateral movement.

Where the story goes next:

Three pragmatic plays to start today…

1. Start where risk meets friction. If identity-driven access is clunky, move VPN to ZTNA and pair it with Cloud SWG. Customers see immediate UX and risk wins.
2. Consolidate to operate. Replace chained point tools with our managed SD-WAN + SSE core. This aligns to Gartner’s consolidation trajectory and supports the ROI patterns Forrester documents in SASE/SSE programs. (SDxCentral)
3. Measure what matters. Track mean time to detect/contain and user experience scores – two levers IBM links to lower breach cost. Our analytics make both visible. (IBM)

The Right Complements, Not Bloat: Selective Services, Maximum Impact

We never aimed to check every box. Instead, we’ve added services only where they deliver outsized value. In the early 2000s, a CIO challenged us with “local exit.” In 2025, enterprises challenge us with Zero Trust and hybrid everything.

The pattern is the same: listen to what slows you down, ship releases that remove it, and run the outcome for you.

Ready when you are: If your goals are lower risk, calmer operations, and a better user experience, tell us where you want to start. We’ll map it to a step-by-step transformation plan for universal SASE—built and operated for the real world.