SASE essentially brings together wide-area networks and network-focused security services via a cloud-based architecture model. SASE is an enticing proposition – it complements existing SD-WAN structures, eliminates the need for traditional VPNs and consolidates several network security technologies. The flexibility associated with cloud-based architecture and confluence of various capabilities enables SASE providers to pitch it as reducing complexity at a reduced cost to reduce the attack surface.
The issue for potential buyers is deciphering whether SASE is a valuable cloud network security service or a hyped sales campaign. Suppliers have suggested that SASE can offer 30% savings in set-up costs, 10% reduction in annual operating costs and a 50% increase in productivity. These numbers are appealing, but buyers must be aware that SASE implementation still requires significant investment, a shift in organisational approach to network security and a different set of resources to deliver SASE successfully.
As part of selecting an appropriate resourcing model for SASE, organisations need to understand the skills overhead involved in its deployment. They have the option to purchase SASE “as a service”, which provides access to expert knowledge and established good practice. However, while this facilitates quick deployment, third-party providers often lack familiarity with the organisation’s operating environment and culture.
An alternative is to upskill internally, but limited prior exposure to SASE deployments may mean that unforeseen difficulties arise during implementation. Some organisations therefore prefer a hybrid approach, which allows them to leverage external expertise, while developing internal skills with a view to moving to an internal model in the longer term.