MEF CTO Pascal Menezes recently sat down with Craig Connors, Vice President and General Manager for the SASE business at VMware and member of MEF’s Technology Advisory Board, to discuss the SASE (Secure Access Service Edge) market. Craig shares his perspective on what’s driving SASE, its benefits, and how best to eliminate confusion in the market.
Pascal Menezes: What are the market drivers for SASE services?
Craig Connors: It's an interesting question. SASE is a misunderstood term coined in August 2019, before the pandemic. Post-pandemic, SASE became synonymous with remote work, but the evolution of the SASE market was not just about remote work. It was about this proliferation of distributed devices, whether it's workers in and out of the office or Internet of Things (IoT) devices or connected cars, or all these different types of remote access devices, as well as the movement of applications from centralized locations, like the data center and cloud to the edge. So now we have devices moving from a central place to being spread all over. SASE is all about how to securely connect all of those users and devices with all those applications that are now running at the edge, in the cloud, in the data center, and at all of these different locations.
Pascal Menezes: There’s confusion in the market – can you help us define SASE and SSE?
Craig Connors: What’s interesting about SASE is that even though remote work isn't the original core use case, it’s a use case that rapidly accelerated the market. I was involved early on with SD-WAN and watched it take six or seven years to develop, whereas overnight, SASE caught fire because of this rapid shift to work from home. At the same time, I think this led to people co-opting the term SASE for things that it wasn't originally intended for.
More recently, the term Security Service Edge (SSE), which decouples the security capabilities of SASE from SD-WAN, was introduced, and it was a first attempt to designate what services are on the networking side and what services are on the security side. SSE and SD-WAN are really the two core pieces of the SASE puzzle. While the market is maturing rapidly, vendors are either security vendors coming to the networking side, or like in VMware's case, networking vendors branching into the security side. SSE gave users a clear delineation of the networking vendors and the security vendors and how they're coming together longer term.
Pascal Menezes: What’s the end game for SASE? What benefits do SASE services provide to the Enterprise?
Craig Connors: The ideal end state of SASE is the single pane of glass—a single vendor solution. The space is still maturing, and I think that's why you see this separation between the networking team with SD-WAN and the cybersecurity team with SSE, but ultimately SASE is the final destination. Before then, the opportunity exists for service providers to deliver fully managed SASE services to customers as if it's a single vendor solution—an easy button, if you will. Maybe it's several vendors under the hood, but from the customer's perspective, it's a single service provider offering this holistic solution. Service providers have a distinct advantage there.
Organizations are rethinking their approach to networking and security and starting to think about insourcing versus outsourcing. It might be the first time an enterprise is willing to consider having a service provider deliver that part of the portfolio.
Pascal Menezes: What's next for SASE, and how do we eliminate confusion in the market?
Craig Connors: There are a few things. First, the world is going cloud-native and shifting to a platform approach, where an application developer defines the requirements, and the platform is intelligent enough to deliver secure access from everywhere to that application without the application developers having to get involved.
Next, the leading use cases we see for digital transformation at the edge today are in healthcare, manufacturing, and retail, historically not very innovative verticals. These types of use cases are going to continue to emerge, whether it's connected cars, factories of the future, and fully immersive, interactive retail. Also, 75 percent of businesses worldwide are small to medium businesses that are not technical and don't have extensive tech support. However, they need secure connectivity to the cloud with guaranteed performance, which managed services can provide.
These are the dynamics and use cases driving the need for SASE and edge services. As these markets evolve as an efficient way to manage enterprise networking and security for cloud, new digital transformation workflows and legacy IT application support, standardized services, and policy definitions will be key. MEF’s upcoming standards for SASE (MEF 117) and Zero Trust (MEF 118) services, along with its existing SD-WAN standard (MEF 70.1), will become a blueprint for secure network standardization and full automation capabilities for enterprises to leverage for simplified services.
(Editor’s note: This article is part of our regular series of articles from the industry experts at MEF.)
Contributors to this article include:
Pascal Menezes is Chief Technology Officer at MEF
MEF CTO Pascal Menezes is focused on SD-WAN, SASE, cloud scale architectures, real-time media networks, Software Defined Networks (SDN), Network Function Virtualization (NFV), and Lifecycle Service Orchestration (LSO). He is a former Principal from Microsoft Skype for Business Global Carrier Group, where he spent close to 10 years working on many real-time media and network technologies. Pascal has worked on five startups with multiple successes, has received numerous industry global thought leadership awards, presented extensively in numerous events worldwide, and currently serves on the Capacity Media Editorial Board. Pascal holds 30+ patents and patents pending and has co-authored many standards in the IETF, MEF, and Broadband Forum (MPLS). See his collection of Network Computing articles here.
Craig Connors is Vice President and General Manager for the SASE Business at VMware
Craig Connors is currently VP and GM for the SASE Business at VMware. Prior to being named GM, Craig served as VP and CTO for VMware's Service Provider and Edge Business Unit. Previously, Craig served as the CTO for SD-WAN and SASE at VMware. Prior to being named CTO, Craig served as the Chief Architect for VMware SD-WAN, both before and after VMware's acquisition of VeloCloud. He came to VeloCloud from Cisco Systems, where he worked in the Corporate Development Technology Group's Advanced Development Team. Prior to Cisco, Craig spent time as a Principal Engineer and Software Development Manager for Talari Networks. His programming work prior to Talari Networks was centered in the online gaming space, which is what led him to networking. Craig is a veteran of the United States Army and holds a BS in Computer Science from North Carolina State University.