Secure Access Service Edge continues to garner significant attention. However, the reality of most enterprise implementations does not always align with its technical definition.
SASE is the convergence of networking and security functionality in a unified, cloud-delivered platform, typically from a single vendor. Most enterprises have made significant investments across a variety of tools and vendors, however, many of which are deployed on premises.
Does this mean these organizations must immediately shift to the cloud and align with a single vendor to get started with SASE? Of course not. But it does shape the expectations practitioners have in regard to the initiative.
Specifically, Enterprise Strategy Group (ESG) found the following in its SASE Trends report:
- Almost half (48%) of organizations will focus on the security aspect of SASE first -- for example, beginning to shift security controls to the cloud, converging multiple controls or adding new security capabilities.
- Nearly a third (31%) will prioritize the network side of SASE to start, such as implementing or expanding the use of SD-WAN, WAN optimization, digital experience management or other capabilities.
And when it comes to using SASE vendors, the report revealed the following results:
- 14% of organizations expect to use a single vendor for SASE when their project is complete;
- 24% anticipate using two vendors; and
- 57% expect to use three or more vendors.
Lastly, 27% of respondents said hybrid options are a critical attribute of a SASE platform in order to connect on-premises and cloud products to help transition to fully cloud-delivered SASE over time.
These views may shift as vendors prove their ability to deliver a wide range of effective services and users become more comfortable with SASE. Still, the data shows the mindset with which network and security professionals are going into projects today.
How to get started with SASE
With that in mind, use the following steps to plan for SASE adoption and develop a realistic project roadmap.
1. Prioritize the business problems to be addressed
Is there a focus on improving support for remote and hybrid work? Augmenting a zero-trust initiative? Modernizing secure application access? Optimizing global connectivity and simplifying office provisioning? By understanding the most pressing needs of the organization, IT teams can decide whether a security, network or fully converged path makes the most sense. Then, they can begin to build out the technical requirements of their SASE project.
2. Identify other initiatives on the horizon
SASE does not operate in a silo. It is increasingly connected with zero trust to operationalize the strategy. Securing IoT deployments is also becoming more closely associated with SASE. Understanding what types of broader security or IT projects are ongoing or under consideration can inform SASE planning and ensure technical requirements are not short-sighted.
This exercise requires cross-functional collaboration, which is also critical for SASE success. Engage with stakeholders across other parts of the IT organization and lines of business to improve overall alignment and help the strategy.
3. Assess currently deployed tools and diagnose the most critical gaps
Many parts of SASE are redundant with tools enterprises already have in place. Secure web gateways (SWG) and cloud access security brokers are established technologies and broadly adopted. The complexity of migrating existing policies to a new cloud-delivered tool may lead organizations to conclude that a SASE project should initially focus on adding missing capabilities. This may include zero-trust network access (ZTNA), which is a common starting point for SASE projects, or remote browser isolation to prevent unknown threats and protect high-risk users.
4. Select key attributes critical to short- and long-term success
Attributes that support the initial SASE use cases are most critical. It is also important to keep a longer-term view. For SWG, hybrid options may be important for on-premises and cloud-delivered deployments initially, but the initiative will expand over time and shift more heavily toward the cloud. Similarly, an organization's ZTNA needs may require an agent-based approach to start but expect an agentless plan for third-party use cases over time. Overall, the focus should be on flexibility.
5. Evaluate vendors
After completing the previous steps, vendor evaluations can begin. Look for vendors that can help now and in the future. Few, if any, vendors currently offer a comprehensive SASE platform. Focus on vendors that act as a trusted advisor and help you understand how they approach SASE, as well as what they do and don't provide. This makes the process easier and leads to a better relationship and results.
Overall, implementing a SASE architecture can help increase operational efficiency, create a more consistent UX and improve security. But it does require planning. These steps should be viewed as a starting point and can help any organization begin to develop a roadmap to tackle SASE.
ESG is a division of TechTarget.