Why Aryaka's Unified SASE Is Important


By: R. Scott Raynovich

Aryaka has launched an upgraded product and services architecture, as well as a big vision that should serve new CEO Shailesh Shukla well.

With its launch of Unified secure access service edge (SASE) as-a-service, Aryaka says it’s now positioned itself as the only provider with a unified single-pass architecture; global private network backbone; and security, observability, and application performance capabilities -- all in a single platform delivered as a service.

Aryaka's Unifed SASE as-a-service delivers three things:

  • Aryaka OnePass Architecture: enables distributed policy enforcement through a distributed data plane, unified control plane, and single management pane.
  • Zero Trust WAN: provides zero-trust security across Aryaka's global private network backbone operating in more than 100 countries.
  • Comprehensive Networking, Security and Observability Services: includes Aryaka SmartSecure next-generation firewall (NGFW) with secure web gateway (SWG), anti-malware and intrusion prevention system (IPS).
  • Flexible Delivery: includes customer choice of delivery (Aryaka or third-party) and implementation (managed, co-managed or self-managed).

SASE Competition Heats Up

This is a timely announcement that points to the enormous activity in the crowded and active SASE market. Dozens of vendors ranging from Cisco to Palo Alto Networks and startups such as Cato Networks and Versa Networks are plying the market with SASE products and services. It also confirms the trend toward integration we recently outlined in our SASE Ecosystem Growth report.

Aryaka's moves embrace two strong trends: the move to unified security and network platforms (so-called platformization), as well the introduction of a single-pass architecture to consolidate how network traffic is observed and secured.

Competitors are likely to quibble about how many acronyms are needed to be called SASE. For example, cloud access security broker (CASB) services and data loss prevention (DLP) are included in many platforms, including that of Aryaka Networks' closest competitor, Cato. But Aryaka says it already includes a basic CASB service and it has plans for a full-service CASB and DLP this year. And it's got most of the popular checkboxes, including firewall as-a-service (FWaaS), SWG, and IPS. It also points out that by owning the network, it provides full observability of all network activity.

Aryaka naturally differentiates itself by being the only SASE vendor that is also a full-fledged managed service provider. Unlike most SASE platform providers, Aryaka operates a layer 2 and layer 3 private backbone, so it maintains control of all the packets in its network. Other security service competitors, such as Zscaler and Cloudflare, provide network and security services, but they operate as cloud services that don’t provide managed private network services for customers.

The single-pass and single-vendor debate is likely to heat up, as recently pointed to by the Palo Alto strategy shift to move toward pushing a SASE and security services platform.

Single-Vendor SASE Is Expanding

Overall, the move shows that the industry's “single-vendor SASE” movement is gaining momentum. Some SASE vendors, such as Versa Networks, have also been boosting this message – saying that security needs to be embedded in the network itself.

With its new launch of Unified SASE as-a-service, Aryaka adds to several trends in the industry, including an integration of security services such as zero trust, firewalling, and SASE – as well as a move to single-pass architecture. In a single-pass architecture, the security services are embedded in the network, rather than requiring traffic to be sent to cloud services for inspection.

“We do three things – network services, security services, and observability,” said Renuka Nadkarni, chief product officer at Aryaka, in an interview with Futuriom last week. “Current solutions all compromise on some aspects of performance, security, flexibility and agility, creating risk and user experience gaps.”

Nadkarni also referenced the recent move by Palo Alto Networks to “platformize” as ratification of the trend. She says Aryaka's new architecture gives the company complete control and visibility of all traffic.

“Observability is a byproduct of our network. We know when the customers have ransomware attacks. Their sites were talking to each other, and we can see the abnormal traffic.”

Klaus Schwegler, senior director of product marketing at Aryaka, says Aryaka now has the only full SASE networking platform.

“Current solutions are point solutions that are stitched together. Some of them have a bad end-user experience. They also have operational complexity," he said.

Partner Opportunity for Global Networks

Aryaka also cites its flexible business model as an independent service provider as an opportunity to partner with many agents, value-added resellers, and managed service providers (MSPs).

The company has a strong heritage in supporting enterprises with a strong global presence by providing NaaS around the world. The addition of single-pass SASE will be attractive to companies looking to expand quickly and support remote offices with secure networking without having to build it themselves.

Aryaka’s launch is a strong move to become the go-to service provider that can offer managed networking as well as SASE at the same time. The company says it’s currently engaged with 40 customers for the new platform.

Futuriom Take: Aryaka’s Unified SASE is now positioned as a networking services growth platform for new CEO Shukla, who recently said he wants to take the company to $1 billion.