Secure Access Service Edge (SASE), one of IT security's newest and increasingly common tech terms, encompasses a market poised to grow by more than a factor of five between 2020 and 2025 as organizations seek to support and secure cloud computing, market analysts report.
SASE, a name coined by Gartner, describes a technology trend in which networking and security functionalities come together in a single product to protect organizations from SaaS- and Web-based threats. For companies still using VPNs and remote access tools to give employees secure access to the cloud, SASE wants to serve as their core network and security infrastructure.
From a networking perspective, SASE delivers functionality seen in most software-defined wide area networking (SD-WAN) platforms: WAN link management, network-layer visibility and path monitoring, multipath application steering and failover, and quality of service. On the security side, capabilities include next-gen firewall functionality, secure Web gateway, cloud access security broker (CASB) for SaaS access management, and access control (zero trust or VPN).
It's worth noting SASE doesn't introduce any new technologies. It simply takes existing security and networking tools, brings them together, and packages them as a cloud-delivered offering.
This concept is appealing to organizations and certainly relevant during a time when many employees access corporate applications and data from home. It scales beyond the capabilities of VPNs, which often have problems with availability and performance when used at scale.
"The idea is that data and users can be located essentially anywhere, and this is making the way that we deliver and secure data different than the old models," says Chris DePuy, founder and analyst with 650 Group, explaining the heightened demand for technology products like SASE.
"We've now put consumers' computers or, at the very least, consumers' networks in the path of where corporate data is going," DePuy adds. "This has really changed reality for companies."
The SASE market is relatively new, and there's "tremendous opportunity" for new vendors to break in, he says. Right now the biggest players include Cisco, Cloudflare, Fortinet, HPE Aruba, Palo Alto Networks, Versa, and Zscaler. 650 Group ranks vendors based on their SD-WAN and firewall-as-a-service (FWaaS) capabilities, which it considers the primary components of SASE.
Each of these companies has undergone growth in the market due to revenue generated by one or both of these technologies, 650 Group analysts report. ZScaler, which reportedly gets most of its revenue from FWaaS, has been growing rapidly. Cisco has notable SD-WAN revenue but comparatively little FWaaS revenue. Versa Networks has significantly expanded its product lineup.
Some companies' growth is fueled by acquisitions of other players in the space. HPE recently acquired SD-WAN provider Silver Peak. Juniper Networks, which has "relatively small" SD-WAN revenue, analysts say, is expected to grow in the market due to its acquisition of Mist Systems.
"It's kind of hard to find a big player in SD-WAN and firewall-as-a-service simultaneously," DePuy says.
While there are some companies that have security and networking in their portfolios, it's less common to see organizations with equal strength in both. Analysts expect businesses will play from their strengths: Those with a strong presence in SD-WAN will seek to upgrade users to FWaaS; those strong in FWaaS will seek to boost SD-WAN functionality.
Organizations adding to their portfolios in this way, and further developing their SASE offerings, will likely appeal to existing customers curious about the technology, he continues. If your business is already buying from an SD-WAN vendor and that vendor partners with a FWaaS company or develops the tech themselves, it's easier and more cost-effective to stick with them.
This trend would address a key challenge businesses face in adopting SASE: It's difficult to go to a single vendor and get a full SASE system that works in conjunction with your existing security and networking systems, DePuy says. Over the next few years, the security and networking industries will need to address the common hurdle of SASE implementation. At the same time, he believes more organizations will continue to enter the SASE market.
"As time marches forward, more and more companies will be able to deliver all the features that make up SASE," says DePuy, adding that not all SD-WAN players, or FWaaS players, currently have a broad enough portfolio to be included in the definition of SASE. Those who are competitive in either of these spaces are "particularly well-positioned" to see further growth.
650 Group analysts anticipate the security and networking industries will continue to merge over the next couple of years, and the growth of SASE is one component in the broader trend.