SASE Growth and Ecosystem Report 2022

is Secure Access Service Edge (SASE) just another sexy acronym or is it the real deal? This is something we have been probing for years as SASE evolved out of the software-defined wide-area networking (SD-WAN) market.

There are now at least 20 leading companies targeting the SASE market, which represents a convergence of SD-WAN technology along with cloud-managed network security including functions such as secure web gateway, firewall as a service, and many others.

What's the difference between SASE and SD-WAN, you ask? SD-WAN provides WAN connectivity and management, while SASE extends the functionality to more security applications. SD-WAN was an innovation that enabled managers to more quickly set up and manage enterprise networks -- and most specifically branch and datacenter connectivity -- using secure software overlays that could be orchestrated and managed from the cloud. It was also important that SD-WAN often didn't require specialized hardware, and could be implemented as software on a commercial off the shelf (COTS) box. SASE does the same thing, only adding more security capabilities.

The magic of SD-WAN is the same for SASE -- manage the network using software than can be hosted on premises or in the cloud -- and add security functionality applications when are where they are needed.

SASE Players Proliferate

Just as SD-WAN spawned dozens of vendors (some say more than 50) chasing the new paradigm, SASE has also drawn a lot of interest. Many of the remaining, independent pioneers of the SD-WAN market simply added SASE functionality -- or were acquired by other companies that had complementary SASE portfolios.

Just a few examples: Cisco bought SD-WAN startup in Viptela and parked it alongside SASE offerings in a portfolio approach. VMware bought VeloCloud, also an early startup, and melded it with VMware security and microsegmentation capapbilities. Firewall and enterprise giant Palo Alto Networks bought SD-WAN company CloudGenix. Fortinet developed its own SD-WAN technology. HPE bought Silver Peak and folded it into Aruba networking. Independent SASE companies such as Aryaka Networks, Cato Networks, and Versa Networks have developed their own SASE portfolios and are growing fast and prospering with new security offerings.

What's the Value In SASE?

For end users, it’s probably getting confusing as the SASE-washing escalates to new levels. In this report, we intend to clarify what SASE is, tell you what the leading vendors are doing, and project a future direction for the SASE market. But there is true value to the end users: They have the opportunity to manage more of their networking and security applications under one roof, as networking and security converse under the SASE big top.
Regardless of these semantical debates, SASE has been the right wave of technology for the right time. Although SASE does not apply to one specific cybersecurity or networking technology, it describes a basket of technologies that can be used to integrate solutions to attack multiple security challenges at once. That approach is appealing to organizations looking to build a unified security strategy.

The SASE movement, in our opinion, is part of a larger movement toward consolidating technology tools and integrating them with cloud architectures to gain full visibility, control, and compliance of the cloud infrastructure as a whole. You know longer have to shop for a SWG, next-generation firewall, and advanced threat protection. They can be packaged together, along with SD-WAN.

What's In This SASE Report?

Our third annual SASE Growth and Ecosystem report was compiled as we followed the SASE market throughout the year, tracking trends and changing customer needs. The information is based on our briefings with vendors, discussions with practitioners, and survey data gathered over the past few months.

Special thanks to sponsors: Aryaka Networks and Versa Networks!

This report is entirely free and can be downloaded here.

Highlights

• Cybersecurity spending and SASE have held up well under market stress. Companies are still holding cybersecurity budgets despite some technology spending weakness. Public companies in the SASE space are reporting 30%-60% revenue growth, mostly based on annual recurring revenue (ARR).
• Integration and consolidation of security functions on the SASE platform will remain a strong trend. End users we have surveyed and interviewed are asking for better integration of cloud and network security tools to adapt to end-user mobility, increased cloud applications access, and diverse security threats.
• Technologies for SASE, zero trust, and multicloud networking are converging. SASE represents a movement toward consolidating security and networking, which may in the future merge with emerging markets in multicloud networking, zero trust security, and cloud security.
• Consolidation expected to continue. With many large acquisitions taking place in SASE areas such as cloud access security broker (CASB) and zero trust network access (ZTNA), expect this trend to continue as larger players roll up best-of-breed security functions into their SASE portfolios.
• SASE addressable market now in tens of billions of dollars. With the opportunity to provide integration of many security functions, provide more secure cloud and remote access, and replace traditional virtual private networks (VPNs), the total addressable market for SASE is tens of billions of dollars. SASE also has the potential to address and integrate dozens of other cybersecurity markets.
• Companies mentioned in this report: Akamai, Aryaka Networks, Cato Networks, Check Point Software, Cisco, Citrix, Cloudflare, Elisity, Enea, Forcepoint, Fortinet, Juniper Networks, NetFoundry, Netskope, Palo Alto Networks, Versa Networks, VMware, Zscaler

You can download the report here!