If you are an analyst, jargon and buzzwords can get you in some trouble. For example, when I decided to jump on the SASE (Secure Access Services Edge) train in 2020, a few people grumbled behind the scenes. Is Raynovich selling out to the Gartner propaganda? Let me explain why that matters and also why we jumped on the SASE train—and why we think it has legs.
First: The marketing debate. We live in an industry awash with marketing buzzwords, which ebb and subside like the tides in Nova Scotia. SASE, which describes the convergence of security technologies at the "enterprise edge"—which I would define as where enterprises connect to the cloud using a network—was a sensitive topic out of the gate because it was put forth in 2019 by industry research giant Gartner, which often influences the marketing direction of entire technology sectors. I don't need to tell you there are many people that either love or hate Gartner.
RELATED: Cochran—Who needs to SASE!
I'm pragmatic. In the end, should I care if Gartner started it or if people will continue to talk and use the technology aspect? Just because Gartner invented a term or concept, doesn't mean it should be dismissed out of hand. Some leadership teams, including CEOs, CMOs, and Chief Information Security Officers (known in the industry as "CXOs") will buy into the Gartner trend because they think it will be useful to their marketing and product efforts, while others will dismiss the trend because they think it's just marketing nonsense.
What really matters in the end is whether the buzzwords describe technology trends based in reality. Whatever you want to call it, SASE and the Secure Edge most certainly have a basis in technical reality. Let me be one of the few analysts outside of Gartner to give them credit for discovering this trend and helping to define it.
SASE and integration
CXOs, and especially Chief Information Security Officers (CISOs), are overwhelmed with security tools and alert overload. They are having trouble choosing how to invest in their underlying security and networking technology, let alone staff it and maintain it in an effective way so the don't get compromised.
We are reading about high-profile security breaches, including a high-profile attack on many of the largest agencies of the U.S. federal government. Security technologies can be embedded at several layers —hardware endpoint, networking, or application—but the network is a fundamental starting point and crucial to security. It's where all the application data flows. With the recent failures, it is clear that many of these cybersecurity platforms are not working very well as an integrated whole.
The answer really only lies in two things; automation and integration. There are too many security tools that produce too much data and alerts, which can't possibly be processed by humans and need to be serviced by artificial intelligence (AI) and automation. And as a whole, managers want fewer tools, so they need to be integrated.
Security does need to be better integrated into the network fabric, and that is where SASE comes it. SASE is not so much about new technology as it is about using strategic and rigorous integration of existing technologies, as Futuriom detailed in our first Secure Edge and SASE Report.
Integrating the network security stack
Networks are fundamental to connecting to applications. Although they are only one part of the security vector (as opposed to applications or endpoints), they are a good place to focus on integrated security—and the network edge is going to provide fertile ground for this security trend.
The key cybersecurity technologies that fall under the SASE umbrella include Secure Web Gateways (SWGs), Cloud Access Security Brokers (CASBs), Cloud based firewalls (FWaaS), and Zero Trust Network Access (ZTNA), also known as Software Defined Perimeter (SDP) services.
Futuriom believes that the SASE trend will drive these technologies to merge under a common policy management and security umbrella to support secure connectivity. A key element of the Secure Edge and SASE will be to deliver these functions using a combination of network cloud-based services. This is what end users want and they will eventually get it.
This will drive consolidation and M&A in the cybersecurity networking marketplace. Bundling and integrating security functionality benefits both the end users and the industry. The analogy I would use is, do you still hunt around for a best-of-breed office application or does your company just use Office365? The latter is more popular.
I believe that the companies that follow the SASE model of pursuing integration will thrive, while those who think that best-of-breed standalone network security apps risk being left as islands. Some networking giants such as Cisco have been aware of this trend and have been pursuing it for years, for only modest gains. That's because Cisco has been focused on linking security to its own hardware and software platforms—rather than focusing on driving it through the cloud.
The most important component of this integration will involve taking discrete functions, such as SWG, CASB, FWaaS, and ZTNA, integrating them natively into the networking infrastructure, and then implementing them as a cloud-based service.
Recently a new crop of cloud security players such as Cloudflare and Zscaler have popped up, delivering some of these functions with great success from the cloud. Imagine if all of these functions can be delivered as an integrated package from the cloud?
The cloud part of the picture is important, which is why SASE has developed as an outgrowth of software-defined wide-area networking (SD-WAN) products and services. SD-WAN simplified the management of enterprise WANs by implementing network services from the cloud, and SASE will do the same by delivering value-added security service from the cloud and integrating them with the network.
Now, that's the big picture. If you ask me to the drill down to the details, it gets very complicated, as the number of security providers operating in these areas reaches into the hundreds of thousands.
As mentioned, for a start, however, I would take a look at the trend of offering cloud-based SWG, FWaaS and CASB solutions from the likes of Akamai, Cloudflare, Zscaler and others. But SD-WAN and traditional security vendors are pivoting in this direction to add increased cloud security functionality through either partnership or acquisition.
Some of the vendors in this area to watch include Aryaka Networks, Bitglass, Cato Networks, Check Point Software, Cisco, Citrix, Forcepoint, Fortinet, HPE, Palo Alto Networks, NetFoundry, Netskope, Versa Networks, and VMware. Yes, I probably left many out. There are dozens and dozens. (Sorry, I will get you next time).
The positioning, partnerships and M&A between all of these suppliers is likely to continue at a frantic pace in 2021 as we drive toward better integrated security platforms.
It's not time to get off the SASE train–it's time to get on it and talk about how it will deliver end users much-needed integrated security to find the perpetual attacks from the bad guys.
R. Scott Raynovich is the founder and chief analyst of Futuriom. For two decades, he has been covering a wide range of technology as an editor, analyst, and publisher. Most recently, he was VP of research at SDxCentral.com, which acquired his previous technology website, Rayno Report, in 2015. Prior to that, he was the editor in chief of Light Reading, where he worked for nine years. Raynovich has also served as investment editor at Red Herring, where he started the New York bureau and helped build the original Redherring.com website. He has won several industry awards, including an Editor & Publisher award for Best Business Blog, and his analysis has been featured by prominent media outlets including NPR, CNBC, The Wall Street Journal, and the San Jose Mercury News. He can be reached at [email protected]; follow him @rayno.
Industry Voices are opinion columns written by outside contributors—often industry experts or analysts—who are invited to the conversation by FierceTelecom staff. They do not represent the opinions of FierceTelecom.