Indian telecommunications providers are reorganising their enterprise portfolios around secure access service edge (SASE). This is more than just a technical upgrade; it is a strategic shift to capture the growing demand for converged networking and security in a cloud-first environment. Telcos are now providing security services alongside transport, access and managed operations. The trajectory is clear – security services are becoming integral to connectivity, and a single, service-wrapped solution that reduces tool sprawl while meeting strict governance and performance expectations now makes strong commercial sense.
Early-stage integration
Operators are testing the waters by rolling out SASE through pilots and phased integrations, ensuring service stability while testing performance, security and operations. On the platform side, demand is strong as enterprises increasingly seek integrated security, a trend Indian telcos are leveraging to strengthen their enterprise services. The near-term approach is clear – run proofs of concept in select segments or regions, track metrics such as latency, inspection throughput, policy roll-out time and operational effort, and then expand gradually as the offer is revised. The shift from multiprotocol label switching (MPLS)-centric architectures towards cloud-delivered SASE is under way, with a focus on minimising risk for existing large and regulated customers.
Partnerships are becoming the norm
Telcos, global security vendors and systems integrators are working together to ensure smooth implementation. Airtel has successfully tied its connectivity with security vendors Fortinet and Zscaler to deliver managed next-generation firewall and security service edge (SSE) services linked to its internet leased line base. Meanwhile, Tata Communications has collaborated with Versa Networks on a unified hosted SASE that combines software-defined wide area network (SD-WAN) and SSE together in a single-pass model, aiming to reduce the total cost of ownership compared to stitching point tools. On the systems integrator (SI) side, HCLTech launched a managed SSE service on Cisco Secure Access in June 2025. This co-managed design suits regulated and multi-country customers that need full life cycle management and can be bundled or white-labelled by telcos.
SD-WAN as a strategic entry point
For most Indian operators, SD-WAN is the entry product and the operating base for SASE. It solves immediate problems of performance and cost, and prepares the network for integrated security. Commercially, it allows telcos to build on their core strengths and avoid risky “big bang” shifts. For instance, Airtel Business is expanding SD-WAN as a step towards a unified networking and security platform rather than an SD-WAN overlay with add-ons. Vodafone Idea Limited (Vi) Business offers hybrid SD-WAN. In late 2024, it launched an artificial intelligence (AI)-powered, “Make in India” SD-WAN with Infinity Labs for cost-sensitive mid-market buyers. Meanwhile, JioBusiness sells managed SD-WAN and has run large national deployments, including Indian Oil Corporation Limited retail outlets, demonstrating its ability to handle scale.
MSMEs and the mid-market
Telcos are targeting micro, small and medium enterprises (MSMEs) and mid-market firms that are digitising rapidly but with limited budgets and small security teams. Subscription pricing and simple deployment lower the entry barrier while cloud delivery eliminates the need for heavy on-premises installations. Additionally, this model aligns with the Digital India goals, offering enterprise-grade control as a service for lean IT teams.
Two factors make this market attractive: it is price-sensitive and resource-constrained, yet subject to strict compliance requirements. For instance, Airtel positions its “Secure Internet” to simplify security for smaller firms on internet leased line (ILL) circuits. Meanwhile, Vi’s 2025 MSME study shows a clear majority plan to increase cybersecurity spending, with the operator Vi reaching over 160,000 MSMEs through its “Ready for Next” programme. These trends point to steady demand for packaged connectivity plus security as firms formalise operations and adopt more software-as-a-service (SaaS).
What is driving telco roadmaps?
Regulation remains a key driver of adoption. The Digital Personal Data Protection (DPDP) Rules, currently under consultation, aim to tighten compliance requirements around consent, user notices and breach response. The Indian Computer Emergency Response Team (CERT-In) still requires six-hour incident reporting and 180-day log retention. Managed SASE, with centralised logs, data loss prevention (DLP) and zero-trust access, aligns well with these requirements and makes audits easier.
Data residency is another driver. In August 2025, Airtel’s digital arm, Xtelify, launched “Airtel Cloud”, a sovereign, India- built platform that targets cost optimisation and domestic data residency. This provides carriers with a native platform for hosting SASE control planes, logs and analytics within India. Other security vendors are also bringing India-hosted use cases online. Check Point’s Harmony SASE was launched in India in June 2025. This strengthens the case for local inspection and cuts latency for policy enforcement.
The third driver is the increase in AI adoption and encrypted traffic. India is now one of the leading sources of AI and machine learning transactions. Many organisations block a large share of AI traffic for governance and that increases the need for inline transport layer security (TLS) decryption, cloud access security broker (CASB), zero trust network access (ZTNA) and content control, which SASE and SSE combine in one policy fabric.
Current deployments
Three deployment patterns are emerging. First, a managed SSE overlay on existing ILL and MPLS infrastructure. Telcos add secure web gateways, CASB with DLP, ZTNA and cloud firewalls to current circuits. Airtel’s Fortinet-powered “Secure Internet” and its Zscaler-backed “Secure Digital Internet” are examples. This route delivers quick wins with minimal disruption. The second is hosted SASE, typically a single-vendor and telco-operated model. For instance, Tata Communications brings SD-WAN and SSE together in its own network with one policy plane and one service-level agreement (SLA). This suits multi-site enterprises seeking a single accountable provider and a predictable operating model. The third is a co-engineered path from SD-WAN to SASE for the mid-market. Vi’s Hybrid SD-WAN with Infinity Labs is built for MSMEs that start with transport resilience and AI-assisted security and then add ZTNA and cloud firewall as identity and policy needs mature.
Testing SASE deployments
As more plans turn into execution, chief information officers (CIOs) often seek independent proof. Indian telcos are answering with recognised checks and certifications. The MEF offers a standards-based SASE programme, covering SD-WAN, SSE and zero trust. Vendors such as Fortinet and Versa have completed full MEF SASE certification to give telcos third-party proof to cite in requests for proposal (RFPs) and SLAs while setting common expectations for features and performance.
CyberRatings also conducted SSE threat protection tests in 2024 and 2025 and published product-specific reviews, including SD-WAN performance under loss and jitter. Telcos use these results in proofs of concept and due diligence, as well as to address buyer concerns about TLS 1.3 decryption, evasion handling and malware catch rates. Locally, Indian telcos ensure their SASE services comply with the standards set by the National Centre for Communication Security and adhere to the Indian Telecom Security Assurance Requirements for all network equipment. This matters when SD-WAN devices operate at branch sites but are controlled by a central SASE policy plane.
Opportunities and risks
For MSME and mid-market customers, Airtel and Vi attach clean pipes and essential SSE controls to ILL, 4G and 5G. For distributed enterprises looking to consolidate tools, Tata’s hosted SASE- and SI-operated SSE such as HCLTech’s Cisco-based service provide outcome-based SLAs on latency, availability and decryption at scale. This helps CIOs achieve measurable improvements. At the last mile, Jio AirFiber is scaling fixed wireless access (FWA) to millions of locations. SASE is a natural add-on for secure access to SaaS and private apps, especially in Tier II and Tier III markets where fixed connectivity remains inconsistent.
However, the lack of a skilled workforce and the burden of old integrations inside customer networks pose key challenges. Many enterprises still run a mix of branch firewalls, virtual private network concentrators and cloud proxies. Telcos that deliver one policy, identity-based access, and a single searchable log will have an edge. This approach aligns with the broader shift towards security outsourcing and the focus on reducing platform sprawl in 2025. Another risk is practical data residency. While India-hosted SSE and SASE and the rise of sovereign clouds are welcome developments, telcos still need to prove that logs, keys and incident workflows remain within the country and meet DPDP and CERT-In timelines. These operational details will determine whether large customers will send sensitive traffic to cloud inspection at scale.
The way forward
Indian telcos are making a steady but strong shift to SASE. The road-map is clear: start with SD-WAN, package the offer through partnerships, focus on MSMEs and mid-market enterprises, and back commitments with certification and independent tests. Compliance, data residency and AI-driven risk are the key drivers of this change.
Moving ahead, three shifts are likely over the next 12-18 months. First, telcos are expected to consolidate on fewer vendor stacks. Many will choose one or two anchor platforms and prefer a single-vendor SASE to cut integration and support costs, making migrations more attractive.
Second, in-country control planes and logs will become the default. Sovereign cloud launches and more vendor points of presence in India will make local processing and logging the norm. This will make DPDP compliance easier and reduce inspection latency for remote and branch users.
Third, SD-WAN-led conversions will happen at scale. As MPLS refreshes and as FWA and 5G expand, telcos will attach SASE to transport upgrades. Connectivity-only accounts will shift to security subscriptions backed by outcome SLAs. The projection that about two-thirds of SD-WAN purchases (as per Gartner estimates) will come through SASE by 2027 should begin to reflect in Indian deal structures and procurement, with more single-platform RFPs and tighter, SLA-based statements of work.
Ultimately, SASE adoption is redefining the role of Indian telcos from connectivity providers to strategic partners in digital transformation.
