The Roadmap to Secure Access Service Edge (SASE)

Expressway, the effect of car headlights. Low-poly construction of fine lines. Blue background.

For MSSPs, Secure Access Service Edge (SASE) offers new opportunities to help their customers reduce complexity while providing work-from-anywhere (WFA) employees with secure, reliable, and authenticated access to critical corporate assets, applications, and resources.

Author: Michael O’Brien, regional VP – strategic routes to market, Fortinet.
Author: Michael O’Brien, regional VP – strategic routes to market, Fortinet.

SASE is designed to help organizations secure their distributed networks. By combining cloud-delivered security from the enterprise to the edge and SD-WAN, SASE converges networking and security to provide consistent and secure access to critical resources. Security and networking must continue to converge to allow organizations to adapt to today’s rapid pace of new priorities and evolving business needs.

The SASE Journey

Confusion continues to surround SASE, and it is important for partners to understand that SASE is an architecture, not a specific product offering. Partners should take a long-term view, and work to understand the components of a SASE roadmap.

Setting up a SASE architecture is valuable because it eliminates bottlenecks and security gaps in the network while increasing flexibility and visibility, the best of all worlds. It can dramatically improve productivity.

With SASE, there aren’t “out of the box” solutions, so to offer SASE to your customers, you need to work with a vendor that has the needed building blocks. Some SASE solutions operate as isolated standalone products on private networks that don’t work with other technologies across the organization and offer limited features. Any SASE solution should support secure internet access, secure private access, secure SaaS access, cloud-based management, and provide simple onboarding and flexible consumption.

Why ZTNA, SD-WAN, and a Cybersecurity Mesh Architecture Matter

Many SASE providers are “cloud-first” organizations and include zero trust network access (ZTNA) as part of their SASE solution or as part of a cloud-hosted service. However, if your customers have hybrid networks, that architecture may not work. These organizations need to work with a vendor that supports cloud-based services and hybrid networks by converging networking and security so everything is consistent whether the security is delivered as an appliance, virtual machine, cloud-delivered service, or container.

The right application of ZTNA makes sure that users and systems only have access to the application resources to which they are specifically entitled, no matter where they are installed or the network path needed to access them.

ZTNA that can extend across the entire infrastructure must reside on a secure platform with Secure SD-WAN for quick and secure access between legacy networks and cloud provided services. SD-WAN is the core of SASE solutions extending the same access and security to remote and mobile workers.

To guarantee that every connection is completely and consistently secured, inspected, and monitored across every network segment, end-to-end, ZTNA should be integrated into a cybersecurity mesh architecture, which offers scalable protection as users switch between work environments.

Defining the SASE Roadmap

Because SASE is top of mind for your customers, as a service provider you can differentiate yourself by offering a SASE roadmap. SASE shouldn’t be just another box to check. You need to carefully consider which vendor has the best approach so you can successfully offer SASE to your customers with offers addressing needs today and an eye to the future of SASE and converged networks.

Author Michael O’Brien is regional VP, strategic routes to market, Fortinet. Read more Fortinet blogs hereRegularly contributed guest blogs are part of MSSP Alert’s sponsorship program.