SASE adoption is being driven by network performance and security (Image Credit: AI generated by Ian Murphy using Microsoft Designer)

The adoption of Secure Access Service Edge (SASE) is being driven by network performance and security, according to a new report from Xalient. The report is titled “Why SASE is the Blueprint for Future-Proofing Your Network in 2025 and Beyond” (registration required). It draws on research conducted by Opinion Matters, which talked to 700 people in the UK, US and Benelux at companies with more than 2,000 employees.

SASE adoption has begun to pick up. Recent Gartner research shows that 39% of its customers have adopted SASE. By 2025, that number is projected to reach 60%. But as adoption grows, so do questions about how best to implement it. Should you go single vendor or multi-vendor? What delivers the best security? What is easiest to manage?

To get a better understanding of the report, Enterprise Times talked with Stephen Amstutz, Director of Innovation at Xalient.

Single vendor or multi-vendor SASE?

The changing face of enterprise computing has created a problem for our traditional security models. Those models assumed that most workers were office-based and the threat came from outside. Today, that has changed. For the past four years, there has been an explosion of employees working from home. Additionally, there is an acceptance that once an attacker is inside the network, it is too easy for them to move laterally.

Organisations have adopted a range of new tools to deal with new threats. The challenge for many of them has been how to integrate those tools. Some have opted for the large security platform vendor solutions. Others have gone for best-of-breed solutions and used APIs to integrate them.

However, according to the report, 90% of respondents say new cybersecurity threats take advantage of gaps in their networking. It shows a disconnect between the tools organisations use and how they are integrated. It raises the question of whether SASE will solve that integration challenge.

Stephen Amstutz, Director of Innovation, Xalient (Image Credit: Xalient)

Amstutz replied, “The report reflected the reality that’s out there, especially around the Do we go single vendor? Do we go multi-vendor? It was very unclear in the response and there was no right answer. A lot of that comes from the single vendor. Solutions have been put together through acquisitions, and that magical integration isn’t as magical as people would have hoped.”

That integration issue is exposed in the response to another question. 25% claimed a single vendor has more tightly integrated components. Yet, 27% said a multi-vendor solution means more vendor integrations and a wider spread of capabilities, giving enhanced security. The question is, therefore, what do companies want, more integrations or tighter integrations?

The blame game, policies and controls

Unsurprisingly, this report continued to show that the blame game is strong irrespective of how you do SASE. The report showed that 44% blamed attacks in the last 12 months on remote or hybrid workers. Additionally, 39% blamed it on a roaming worker while 40% blamed a branch or subsidiary office.

While Amstutz says one solution is greater education, it alone cannot solve all the problems. Better technical controls, policies, and processes must also be in place.

Policies need to adapt to the business

One major cause of risk, irrespective of worker location or office, is the ability to implement and enforce coherent policies. In the report, 45% of respondents faced policy enforcement challenges. What wasn’t clear was how many of those attacks resulted from that failed policy enforcement.

Amstutz commented, “In the past, policies were usually static and would allow a network to connect to a network. Now they’re a lot more dynamic. Where is that user? What should they be able to access from home? What should they be able to access from the office? Do we need extra controls if they’re accessing something confidential from home?

“Having the policy dynamically adapt to have appropriate security for that user’s posture requires more work. It requires more thought to design that, and that’s what the biggest challenge is.”

Policy was also an issue when choosing single or multi-vendor solutions. Those with a single-vendor SASE solution said it was harder to enforce policies (47%) and deliver consistent performance. By comparison, only 42% of those with a multi-vendor solution had the same problem.

One solution to making policies more adaptive might be to look at the lesson from software development. Over the last decade, low-code and no-code solutions have increased the amount of software used. To keep policies in line with new code, software development has started to extract processes and policies from software rather than set them before writing the software.

Amstutz agrees that security is about a decade behind software development in this area. However, he also believes that DevSecOps and NetSecOps will help close that gap and says it is a matter of maturity.

Controls continue to be a major problem

Effective policies are just one part of the solution. Organisations also need the right controls in place to enforce those policies. 25% of those with a multi-vendor solution felt it gave them better security controls. However, 28% said better controls don’t always represent the best value.

Single-vendor solutions also have problems with control. 26% said that it’s hard to get the security controls they need in the right way. An identical number said that controls in a single-vendor solution are not as effective as in a multi-vendor solution.

What is not given is why. It seems counter-intuitive that it is harder to set and enforce controls in a single-vendor solution than in a multi-vendor solution. Controls are often dependent on the tightness of the integration, and respondents said that a single vendor results in tighter integration.

A need for better identity systems

Identity is a major problem for organisations. An increasing number of breaches come from stolen or compromised credentials. Adding to that problem is that users continue to have privileged access to data and systems that are not relevant to their role. This is a problem that has been around for decades and something that multiple technologies have failed to resolve.

Further compounding the identity problem is the rise in non-human identities. Over 95% of all identities in a large enterprise are machine or software accounts. Many of these have default or non-changing passwords. They use passwords because there is little to no alternative way to identify them.

Amstutz pointed out that one of the technologies in SASE is Zero Trust Network Access (ZTNA). He commented, “I don’t agree it should be called Network Access because you’re not accessing a network; you’re accessing a resource. But, if you take that component of SASE, it is the identity system that determines if you can access the resource.”

The challenge for many organisations is, therefore, how do you improve that identity? Amstutz says it is all about the identity solutions you use. To that end, Xalient acquired two identity specialists last year.

Amstutz said, “We think that the identity-aware approach, or the identity-centric approach to the merging of networking and security, is really, really important. We focus a lot of time, especially in our advisory engagements, around that.”

However, this raises another challenge. Those identity solutions are not part of most SASE solutions. It means that organisations will have to integrate third-party systems with SASE to improve identity. Importantly, the report does make it clear that any SASE deployment requires an Identity and Access Management (IAM) solution as a foundation.

What is important when choosing a SASE solution?

The report has two sections at the end that look at getting the right SASE solutions and Xalient’s recommendations. Irrespective of single or multi-vendor, it lists six things SASE brings. They are:

  1. Scalability and flexibility
  2. Enhanced security
  3. Hybrid dispersed workforce
  4. Cost consolidation and optimization
  5. Future-proofing
  6. Performance matters to stay competitive

It also recommends that organisations take a careful project approach to deploying SASE. It should not just be a technology that is acquired in a hurry and dropped in to solve a perceived problem. There are five separate recommendations for getting started with SASE:

  • Scope your project
  • Make the right design decisions
  • Test and validate
  • Implement SASE across your organisation
  • Power continuous improvement and perform lifecycle management

Enterprise Times: What does this mean?

Organisations are spending vast sums of money on cybersecurity. Yet, the number of security breaches continues to climb year-on-year. It means that something needs to change. SASE is the latest approach that the security industry sees as a way to make organisations more secure. The belief is that rather than the reactive approach of the past, SASE will adapt and provide a more robust approach to security.

But as with all change, how you get there and what decisions you make will have an impact on what you achieve. That is why Xalient commissioned this report. Those who responded have already started their SASE journey, so they have valuable lessons to share. If the report had done some qualitative research, more of those might have been exposed.

What the report does show is that there is no clear option as to single or multi-vendor SASE. Both have advantages and disadvantages and much will still come down to individual organisations and what they want. It will also depend on how an organisation seeks to implement SASE. Do they do it themselves, or do they go through a partner? For multi-vendor solutions, a partner seems to be the preferred approach.

Whichever route companies take, this report will provide some numbers organisations need to look at before making any decisions.
