Alex - stock.adobe.com
If you've followed the Secure Access Service Edge market from the beginning, you've probably experienced whiplash over the last four years.
At first, pundits were all in on network and security convergence and a fully converged SASE approach. After a time, the reality of this undertaking set in, and the creators of SASE gave us security service edge (SSE), splitting the security side of SASE out from software-defined WAN. As I've said on many occasions, this made my job easier, since I'd been describing this type of approach from the beginning. But I digress. Finally, over the last year, we've been introduced to single-vendor SASE, seemingly coming full circle in just four years.
For many enterprise organizations, the idea of single-vendor or two-vendor SASE is difficult to comprehend. These companies might have as many as a dozen different network and security tools, and the idea of consolidating them down to one or even two seems impossible. In the midmarket space, however, it's a more realistic scenario.
Recent research from TechTarget's Enterprise Strategy Group -- "2023 SASE Series: SSE Leads the Way Toward SASE," published in August 2023 -- seems to bear this out. Among those surveyed, only 11% of enterprises with 1,000 or more employees believed their organizations would use one or two vendors for SASE when the project was fully implemented, compared to 32% of small and midsize organizations with between 100 and 999 employees.
Companies are interested in single-vendor SASE, but…
The disconnect on single-vendor SASE is that organizations are incredibly interested in the benefits the approach would provide. As key reasons for their interest in SASE and SSE, research respondents cited better integration of controls for more efficient management and better protection; better integration with data security tools for risk reduction; and consolidating vendors for cost savings and ease of procurement.
So, why the expectation of a multivendor approach? In short, many feel stuck. Recent deployments, the cost of changing vendors and the belief that multiple vendors are needed to get the functionality they need are all reasons security professionals cited for multivendor SASE. As a market, I think this foreshadows an upcoming shift over the next two years, where larger organizations will begin the process of convergence in earnest.
For this to happen, though, security teams should begin assessing the tools they expect will form the foundation of their organization's SASE strategy and the vendors they see as strategic partners for this journey now. We're already seeing SASE and SSE swap outs, but it will only become more difficult to do so over time. Security leaders should start the process of gaming out a single-vendor SASE approach now, even if it seems difficult to imagine.
Enterprise Strategy Group is a division of TechTarget. Its analysts have business relationships with technology vendors.