Considering a Managed SASE? Be Sure to Look Under the Hood

Enterprise interest in SASE is exploding. The benefits of bringing together networking and security services into a single solution delivered from the cloud are too appealing to pass up. However, not all SASE is created equal. In this article, Palo Alto Networks’ Kumar Ramachandran shares what to look for when evaluating managed SASE solutions.

Kumar Ramachandran

February 21, 2022

5 Min Read
Considering a Managed SASE? Be Sure to Look Under the Hood
(Source: Pixabay)

The Promise of SASE

In 2019, Gartner coined the term Secure Access Service Edge (SASE) to describe the convergence of network with network security services, delivered from the cloud. More recently, the analyst firm has predicted that at least 60% of enterprises will have explicit strategies and timelines for SASE adoption, up from 10% in 2020. Since then, the enterprise need for network transformation has increased rapidly because of three key shifts in the market:

  • A hybrid workforce has become the new normal and a requirement for many organizations, and the traditional hub and spoke architectures with disparate network and security stacks don’t scale for those new norms.

  • Cloud and Digital initiatives drive organizations to invest more in SaaS and other public cloud services.

  • Branch Transformation, driven by new hybrid work and digital transformation initiatives. Organizations are fundamentally changing the branch, leveraging them as collaboration hubs rather than primary places of work. This trend is fueling the demand for WAN transformation from legacy MPLS to SD-WAN and SASE.

A primary value of SASE is derived from the fact that it brings together numerous networking and security services into a single solution that is delivered from the cloud. Rather than managing security and networking policies across many disjointed consoles, a SASE solution would ideally be managed from a single console, with shared elements like threat intelligence, reporting, and high value AI-enabled services.

The SASE Reality: Multi-Vendor Solutions Fall Short

The reality of the SASE vendor landscape today is that most solutions are disjointed or incomplete, requiring customers to make unacceptable trade-offs with security effectiveness or network functionality when moving to a cloud-delivered SASE model. Gaps in security with inconsistent capabilities and policies depending on a user’s physical location increase data breach risk. Additionally, backhauling traffic to a data center for security policy enforcement creates latency and a bad user experience. As a result, the legacy challenges of stitching together a multi-vendor environment remain, and troubleshooting is a nightmare.

Employing SASE by combining multi-vendor solutions puts the benefits of SASE at risk. The enterprise stands to lose those benefits if they choose a disjointed solution, even if the enterprise relies on a partner to stitch it together and manage it. As demand for SASE increases, vendors continue to bake their SASE solutions. Some have done it, but most have missed the mark. 

The Single Vendor Approach to SASE

An effective SASE solution must converge SD-WAN and security into a single, integrated offering that is delivered from the cloud. It must deliver consistent protection with a high-performance experience for all users without compromising security effectiveness or network functionality.

Palo Alto Networks Prisma SASE converges best-of-breed SD-WAN and security into a single offering purpose-built for agile, cloud-enabled organizations. Proven cloud-delivered security services secure all apps used by your hybrid workforce, regardless of whether users are remote, mobile, or working from a branch office. Additionally, Prisma SASE delivers the industry’s only SASE-native Autonomous Digital Experience Management (ADEM), which helps ensure an exceptional experience for all end-users. This means that enterprises will see a more productive workforce, as security and location limitations are no longer a concern.

Why You Might Consider a Manage Service Provider (MSP) with the right SASE solution

Digital transformation has taken the enterprise world by storm. While some companies fully embrace SASE and proactively embark on their journey with a “do it yourself” model, others are reluctant to begin because they believe it is difficult, costly, and disruptive. One option for these organizations is to use an MSP. Engaging an MSP in the journey to SASE can offer benefits in planning, implementing, and operating these solutions.

Leveraging a service provider for a managed SASE solution offers many benefits:

  • Cost reduction, as new solutions often require costly/time-consuming training. A managed service eliminates the time and money spent on training staff.

  • Knowledge and experience. MSPs reduce the need for skilled security professionals, help organizations secure customer data while abiding by government policies and ensure business continuity with minimal downtime.

  • Rapid deployment and problem resolution. MSPs have extensive experience and ample knowledge of potential network and security issues, making them adaptable and flexible. As a result, deployments are fast and more cost-effective.

  • Custom, integrated SASE solution. MSPs can customize the SASE offering to the specific needs of an enterprise and define the required policies that best fit.

When selecting an MSP, organizations should look for partners with a comprehensive SASE solution that enables consistent cloud-delivered security and provides the best user experience. Customers evaluating MSPs should investigate if they will have access to their platform and analytics via a unified dashboard or disparate systems. Performance and visibility can be a differentiator for MSPs that work with an integrated platform from a single vendor vs. solutions that cobble together offerings from multiple vendors. Finally, it is critical that the selection of networking and security services themselves meet an organization’s short and long-term business objectives. One benefit of a single-vendor, cloud-delivered SASE solution is the flexibility of network and security services based on changing business needs.

Key Takeaways

SASE can help organizations modernize their network and security to achieve a new level of cost-efficiency, business agility, and growth. Organizations may enjoy additional benefits such as cost reduction and product expertise by leveraging an MSP to manage their SASE solution. While many MSPs promise SASE, organizations should be mindful of MSPs offering disjointed SASE solutions. When selecting an MSP, organizations must ensure they offer the right deployment and operational services, with the right integrated SASE solution, guaranteeing the best results.

Kumar Ramachandran is Senior Vice President of Products at Palo Alto Networks.

About the Author(s)

Kumar Ramachandran

Kumar Ramachandran serves as Senior Vice President of Products for Secure Access Service Edge (SASE) products at Palo Alto Networks. Kumar co-founded CloudGenix in March 2013 and was its CEO, establishing the SD-WAN category. Prior to founding CloudGenix, Kumar held leadership roles in Product Management and Marketing for the multi-billion dollar branch routing and WAN optimization businesses at Cisco. Prior to Cisco, he managed applications and infrastructure for companies such as Citibank and Providian Financial. Kumar holds an MBA from UC Berkeley Haas School of Business and a Master's in Computer Science from the University of Bombay.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights