Picking Your Way Through The SASE Minefield

After the best part of two decades of gradual change in the world of the networking infrastructure, WiFi and mobile notwithstanding, the past few years have seen more upheaval than at any time since Ethernet – soon to celebrate its 40th birthday – came on the scene.

As I’ve discussed in recent blog posts, the dominance of cloud-based services – in a way that bears no resemblance to the impact of previous forms out outsourcing – has changed both the cloudscape and the IT landscape in a major way and almost certainly forever. And, yes, I appreciate that mainframe computers – and probably the occasional abacus – are still in operation, but… Which is all the more reason why SASE – introduced as a concept by in 2019 by Gartner – is having the most significant impact of any recent analyst-based “invention”. What the “SysSecOps” brigade singularly failed to achieve, the SASE crowd are making up for. And it’s all in the “cloud”.

SASE is defined as a converged, cloud-native, elastic and global architecture designed to form the foundations of the next generation set of networking and security capabilities. Morphing the worlds of both networking and security meant lots of potential players, some clearly more relevant and valid than others, again as is always the case. As a result, SASE has been widely embraced by vendors in both camps, with some consolidation in terms of security and networking vendors acquiring or partnering to offer both worlds to the customer. Not that this alone validates them as a SASE vendor however. As noted in the previous blog, SASE was created as a genuinely disruptive technology redirection; in that it fundamentally changes the basic landscape of IT – the architecture and infrastructure thereof. Until this point, the focus has been largely on core and edge, especially with regards to security solutions, but being cloud-centric fundamentally changes this positioning.

And it’s important to understand just how rapidly the SASE market is expanding; Gartner’s own 2020 hype cycle for SAAS report highlights this growth and how you now have a widespread number of entrants, from global cloud giants such as zScaler, to open source alternatives such as Open Systems and kind of day one SASE specialists (with special foresight!), such as Cato Networks, who I’ve refenced before on these pages. So where do you start in terms of identifying the right SASE solution and vendor? Well, as ever, there is no “one size fits all” solution as every company has different requirements and a different starting point in transformation journey. There are a few guidelines worth noting, however, that should short-cut some of the decision-making and potential evaluation process cycle, such as:

  • Does the SASE provider have a credible, global, scalable, and converged, cloud service that is proven to serve significant enterprise networks traffic loads?
  • What visibility does the SASE service have? Can it see Internet, WAN, mobile, and cloud traffic from any source to any destination?
  • What capabilities can be applied to that traffic? Is it just security, or does it expand to optimising and accelerating traffic from any source to any destination?
  • How is it all managed? Is there truly a single view for all networking, security, remote access, and cloud integration capabilities, or does it require multiple monitoring points?

As I noted previously, for many vendors, the new “in the middle” positioning for SASE deployment is very new – and uncomfortable ground. Often it is defined as the area of compromise, but in this instance it is the complete opposite. If SASE is defining how that middle-centric infrastructure is the way to go, then simply make sure that any strategy is based around the right tools – i.e. vendors – in the first place and that’s in the middle.

All of the aforementioned vendors in this blog have useful background info on their sites, so I recommend you take a look for a knowledge boost! For example:




Data Center
Data Management