1

SASE Introduction

Recently coined by Gartner, Secure Access Service Edge (SASE) has been dominating Information Technology projects for both cost savings and needed pervasive security. This book provides a comprehensive foundational level understanding of what SASE is, how to leverage SASE for success, how to learn through each evolution, where to find more information, and what the future of integrated secure access solutions looks like.

We will begin this by introducing the concept of SASE for those who are still trying to clarify what SASE is or what it is not. In this chapter, we will cover how the market is defining SASE, what the actual market is for SASE, why we need to embrace SASE, and how to present SASE to your organization in a comprehensive manner.

In this chapter, we're going to cover the following main topics:

• Define SASE-what SASE is and what SASE is not
• Market SASE-a market evaluation of SASE
• Value SASE-value proposition, SASE services
• Embrace SASE-embracing the idea of a SASE framework
• Present SASE-presenting the idea of SASE and clearing the hype cycle

Define SASE

SASE is pronounced sassy. Andrew Lerner at Gartner coined the phrase in a blog post on December 23, 2019. That post can be found at https://blogs.gartner.com/andrew-lerner/2019/12/23/say-hello-sase-secure-access-service-edge/. He explains that Software-Defined Wide Area Network (SD-WAN) needed a security package. SD-WAN effectively replaces router-based WAN solutions in a next-generation software based package.

The SD-WAN solution varies from vendor to vendor but incorporates secure data forwarding with policies that leverage application specifications to guarantee the best handling of traffic for each application. This improves the User Experience (UX) as well as the network's resilience.

We now refer to SASE as a framework. SASE leverages multiple security services into a framework approach. Not all services offered as SASE solutions are required to be compliant, but adherence to a comprehensive security framework approach is expected. Currently, there is no SASE certification; instead, most of the SASE hype comes from intense competition through effective marketing.

The idea of SASE was not far from what security consultants were already doing by integrating multiple security solutions into a stack that ensured a comprehensive, layered, secure access solution. This approach is something I was already doing for my customers in ensuring Next-Generation Firewall (NGFW), Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and other necessary security solutions were a part of every SD-WAN installation. By calling it a SASE framework, the approach to a comprehensive solution somehow felt more focused than what the industry recognized as just a best security practice.

Commonly, SASE services include SD-WAN, Zero-Trust Network Access (ZTNA), Cloud Access Security Broker (CASB), NGFW, Secure Web Gateway (SWG), unified management, and orchestration. Just what constitutes a real SASE solution varies greatly by source. Several organizations, such as the Metro Ethernet Forum (MEF), are trying to establish neutral industry standards for SASE. These standards will pave the way for a universal understanding, the ability to integrate multiple manufacturers into a solution, and a method for teaching SASE.

Most network communications and security vendors have been working to create a full SASE framework under their brand. Their marketing presents the idea that a full SASE solution from a single vendor is the way to ensure security. Current customer feedback from the Fortune 500 class of NCE link" businesses is that two to three Original Equipment Manufacturer (OEM) vendors will need to be integrated to allow for best-of-breed solutions. This provides an opportunity for a Managed Service Provider (MSP) to give orchestration across multiple platforms to achieve optimal security.

To summarize, SASE is a new, next-generation secure communications services framework that combines many different services to close previous gaps in security. In the next section, we will define the market as it pertains to SASE services and solutions.

Market SASE

In the market today, a few different manufacturers offer self-proclaimed SASE products. The potential list of services across their portfolios that may be a part of a complete SASE service could be in the dozens, depending on their market approach. Calling a service SASE does not make it so, and as there is no SASE certification for solutions at the time of writing this book, no vendor or MSP is exclusively accurate in their marketing of what is or is not SASE. The standards for SASE have not been published at this time.

Gartner started a fire with that simple blog post in 2019. Overnight, every SD-WAN solution in the market offered a path to SASE. The SASE idea itself multiplied the SD-WAN market's potential revenue of over $11 billion United States Dollars (USD) by 2028. The global secure access service edge (SASE) market size is expected to reach $11.29 billion USD by 2028, registering a CAGR of 36.4%, a ResearchAndMarkets report reveals. The source of this quotation can be found at the following link: https://www.helpnetsecurity.com/2021/08/17/sase-market-2028/.

The reality is that an $11 billion-dollar market is only the core SASE product offering for the market. Hardware, software licensing, hosting, maintenance, and support make up the core products, whereas managed services and professional services can multiply the market impact by up to 25 times the core product revenue.

Market Challenge

The market challenge for realizing revenue potential will be primarily impacted negatively by a lack of skilled labor for design, build, and deploy services. This skills gap and the operational expenses preference of most Chief Information Officer/Chief Financial Officer (CIO/CFO) strategies will drive more than 70% of the market to contract SASE as a managed services offering. In the market, there is a trend of up to 78% of SD-WAN contracts leveraging managed services as opposed to utilizing in-house engineering teams. The primary reason for this change is not tied to SASE as CIO and CFO focus has been to rely on technical services as Operating Expense (OPEX) as opposed to Capital Expense (CAPEX). OPEX has been the goal for what is considered by an organization as non-business value cost. Generally, the CIO direction of the largest organizations is to convert operational support staff costs in order to leverage the cost savings on Software Development combined with IT Operations (DevOps) staff costs, which can offer a business Return On Investment (ROI). Support teams are a cost center, whereas the DevOps team can provide the potential to be a profit center to the company.

The complexity of SASE services is driving the need for technology engineering careers to move to a continual learning path. The time has passed where an engineer could rest on traditional education or certification paths. Traditional academic education can provide perspective, historical knowledge, foundational knowledge, and soft skills required for functioning in an organizational environment, whereas industry and manufacturing certifications provide core technical knowledge for functional understanding in a vertical role within an organization. Both educational methods are beneficial for building a foundational understanding of a skill set and both are effective filters when recruiting for a specific role. Unfortunately, neither can move at a market pace, which is today at an average of three DevOps or Software Development combined with Security and IT Operations (DevSecOps) sprint cycles from being out of date and ineffective.

Software development follows a continual improvement path, and so must its practitioners. The goal of the DevOps mentality is to leverage iterative development in a modular fashion as opposed to legacy, ground-up development and Go-To-Market (GTM) practices. DevOps practitioners continually develop, improve, and release. Scrum sprint cycles vary by organization, but an average of 2 weeks can be used as a model to understand the phases of development. New network and security software releases are no...