With the increasing adoption of hybrid and public cloud solutions, managed networks, and applications driven by the internet of things, enterprises are finding it challenging to ensure network security and enable seamless access to applications and data. Conventional methods of network security and access control are proving to be inadequate in dealing with the increasing complexities of cyber threats. To this end, the secure access service edge (SASE) has emerged as a transformative approach, offering a comprehensive solution that integrates network and security functions within a unified service delivered through the cloud. SASE ensures that all users and devices are continuously authenticated and authorised before accessing resources, thereby enhancing security and access control.
Both telecom operators and enterprises are turning to SASE to address the challenges posed by evolving network environments. While operators are leveraging SASE to enhance their service offerings as well as deliver secure connectivity and advanced security services to their customers, enterprises are transitioning from traditional network architectures to SASE to improve network agility, security and the user experience. Organisations with distributed workforces, multiple branch offices and cloud-centric strategies are at the forefront of SASE adoption. However, issues such as integration of a unified security architecture into legacy infrastructure, network complexities inherent to SASE, and interoperability concerns are hindering large-scale migration to this framework.
A look at the key components of the SASE framework, advantages of SASE over traditional security solutions, market potential, demand drivers, adoption scenario in India, implementation challenges and the future outlook…
SASE architecture
The SASE model incorporates various components to deliver an integrated and cloud-native approach to network security and access control. A critical component of the SASE architecture is software-defined wide area networking (SD-WAN) that helps enhance network performance and agility by routing traffic over multiple transport links, including multiprotocol label switching (MPLS) and long-term evolution (LTE). It enables organisations to prioritise critical applications, dynamically allocate bandwidth, and optimise network performance. Meanwhile, a secure web gateway (SWG) within the SASE framework provides advanced web security capabilities by inspecting and filtering web traffic, protecting against malware, and enforcing web access policies. It protects users from web-based threats and ensures secure access to the internet.
The other key components of SASE include a cloud access security broker (CASB), zero-trust network access (ZTNA), firewall-as-a-service (FWaaS) and data loss protection (DLP) solutions. CASB provides visibility and control over data accessed and stored in cloud applications, ensuring compliance, preventing data leakage, and protecting against cloud-specific threats. Meanwhile, ZTNA helps shift the traditional perimeter-based security model to a zero-trust approach, where access to resources is granted based on identity, device posture and contextual factors. It also ensures that only authorised users and devices can access resources, regardless of their location.
FWaaS offers network security functions, such as firewalling, intrusion prevention and network segmentation, as a cloud-native service. It provides scalable and elastic security controls that adapt to dynamic network environments. Finally, DLP solutions safeguard against the unauthorised disclosure of sensitive data, whether it occurs intentionally or inadvertently.
Besides these, the SASE architecture incorporates encryption and decryption capabilities to protect data in transit and at rest, by converting sensitive information into an unreadable format, thereby safeguarding it from unauthorised access.
Key benefits and demand drivers
The adoption of SASE offers several potential advantages to enterprises. For one, SASE eliminates the need for multiple standalone security and networking appliances, reducing capital and operational costs associated with hardware procurement, maintenance, and management. It also simplifies network and security architectures by consolidating functions into a unified cloud-delivered service, reducing complexity and enhancing operational efficiency. Moreover, by integrating multiple security functions, SASE enhances the threat detection and response capabilities of enterprises, thereby reducing the risk of cyberattacks, data breaches and unauthorised access. Further, it provides secure access to applications and data regardless of the user’s location or the underlying network infrastructure, ensuring consistent security and performance. SASE also enables organisations to scale network and security services dynamically, supporting changing business requirements and making it easier to adopt new technologies.
Several factors are contributing to an accelerated uptake of SASE. The key among these is the technology’s increasing role in facilitating the shift to remote work and the decentralisation of network resources by providing a cloud-native approach that enables secure access for remote workers and branch offices, regardless of their location. Further, the exponential growth of cloud applications and services has necessitated the adoption of a scalable and flexible network architecture that can support diverse traffic patterns. To this end, SASE is helping enterprises leverage SD-WAN capabilities with cloud-based security services to provide optimal performance and reliability. Moreover, the increasing number of cyber threats and regulatory requirements have increased the demand for advanced security measures. By integrating multiple security functions, such as secure web gateways, zero-trust network access and data loss prevention, into a unified framework, SASE can help organisations enhance their overall security framework.
Market overview
According to industry estimates, the size of the global SASE market is expected to increase from $1.9 billion in 2023 to $5.9 billion by 2028, with a compound annual growth rate (CAGR) of 25 per cent throughout the forecast period. Among the industry segments, the small and medium enterprises (SMEs) sector is expected to exhibit the highest CAGR during this period. This is because several governments are taking measures to safeguard SMEs from cyberattacks and are planning to leverage the SASE architecture for the same.
North America is projected to take the lead in SASE adoption, primarily driven by the United States and Canada, which are significant contributors to the SASE solutions market in this area. Both public and private organisations in this region are actively embracing essential cloud security solutions within the SASE architecture. They are prioritising the protection of consumer identities by implementing key technologies such as SD-WAN, ZTNA, SWG and CASB.
Indian enterprises are also increasingly embracing the use of SASE solutions to mitigate the business and security risks associated with utilising multiple clouds. Through SASE, Indian companies aim to provide a consistent application experience that aligns with evolving business strategies while also reducing the overall cost of network and security operations. As per the 2022 Digital Transformation Survey conducted by the International Data Corporation (IDC), over 54 per cent of large enterprises in India are planning to incorporate SD-Branch and ZTNA as part of their drive towards SASE adoption. The survey findings also indicate that 77.8 per cent of enterprises in the banking, financial services and insurance sector have already implemented software-defined perimeter solutions and policies. Additionally, 52.2 per cent of them are actively considering and investing in SD-Branch components while 54.4 per cent are planning to implement a zero-trust network architecture and invest in relevant security solutions.
Issues and challenges
Despite offering several benefits to enterprises, the adoption of SASE poses several implementation and operational challenges. For one, organisations must carefully evaluate their network architecture, security requirements and migration strategies before implementing SASE. This is because legacy infrastructure, network complexity, and interoperability issues may complicate the transition to SASE. Moreover, organisations must consider the potential impact of implementing SASE on network performance and user experience during the migration process. Further, organisations, especially those with multiple branches, may find it challenging to ensure seamless connectivity and availability of SASE in distributed environments. Other potential challenges stem from the need to ensure consistent security policies across hybrid environments, integrate diverse security solutions and address data sovereignty and compliance requirements.
Emerging opportunities and outlook
By combining security functions into a unified cloud-delivered service, SASE offers a transformative approach to network security and connectivity, bringing significant advantages to enterprises, including cost savings, improved security, simplified operations, and scalable network infrastructure. Going forward, the rising demand for a consolidated network security framework, the growing mobile workforce, the need to comply with data protection laws, and the lack of adequate security tools for handling cloud data surge will drive the adoption of SASE among enterprises, especially SMEs seeking affordable and scalable security solutions. While embracing SASE presents challenges such as increased network complexities and compatibility with the existing infrastructure, its future looks promising with opportunities for innovation. Integration with emerging technologies such as artificial intelligence and machine learning will further enhance SASE’s threat detection and response capabilities.
