5 SASE Trends to Watch in 2022

Security Access Service Edge (SASE) has been called the “security trend of the decade”. As we enter the second year of the decade, the nuances, payoffs, and strategies around SASE are becoming clearer. SASE is not simply a critical security mechanism. It is emerging as a force in addressing long-standing IT and Security organizational issues and providing the security/productivity balance that companies and users want.

Enterprise Strategy Group (ESG) recently published a wide-ranging SASE survey of 613 IT professionals, and the results show that SASE has evolved greatly from a seemingly aspirational concept a few years ago to a market reality today. Several of the results were not only surprising, they shed a light on what we can expect to see in 2022.

In a recent webinar with ESG’s Sr. Analyst John Grady and members of the Symantec SASE team, identified particularly interesting findings from the research and shared a rich discussion on potential future-looking implications. From this discussion Symantec, as part of Broadcom Software, has identified 5 key SASE trends that emerged in 2021 and may influence how others view SASE in the year ahead.

#1. The evolution of SASE could help pull Network and Security teams out of their silos.

According to the survey, the top SASE challenge that companies experienced or anticipated, was getting cross-functional agreement on a SASE strategy. Another top challenge was getting cross-functional agreement on SASE vendors.

These findings suggest that many IT teams aren’t set up to support broader, cross-domain initiatives. KPIs, goals, and workflows are different among key stakeholders, creating a natural friction. As IT organizations look to be more agile, SASE could become a forcing function that allows teams to work together better, even if they don’t fully merge.

#2. Data Context is a growing part of the SASE conversation.

The ESG research showed that nearly half (48%) of IT professionals said they will begin with the security aspect of SASE in order to better secure remote and hybrid users, support zero trust initiatives, and reduce the attack surface. In contrast, 31% have a network-as-a-service centric approach to improve operational efficiency, and 21% take a fully-converged approach.

For “Security First” SASE adopters, Data Loss Prevention (DLP) was the #2 starting point for SASE after Zero Trust Network Access (ZTNA). At first glance, this might seem surprising. Not long ago, some people did not even include DLP in the SASE conversation. The reason for the change is clear: enterprises need data context, as they look for ways to reduce the risk of sensitive data leaking outside their organization.

The Zero Trust model puts the data at the center. Without context about the data, enterprises can only control user and device access at the resource level. DLP balances security and productivity by providing a critical context for enforcing security policies around sensitive and non-sensitive data. The data context also allows security analysts to prioritize incidents to investigate.

#3. ZTNA is the top SASE need for digital leaders.

Companies are looking to the critical SASE capability of Zero Trust Network Access (ZTNA) to address specific use cases, such as supporting third-party access or reducing the pain and time of merging IT applications following an M&A. And while those use cases remain important, they are being supplanted in importance by VPN replacement.

The ESG study also found that 62% of IT professionals use ZTNA for specific uses but are actively expanding their usage or planning to expand their usage to move away from VPN.

VPNs have created opportunities for both insider and external malicious actors to exploit. Companies are eager to fund technologies that reduce the attack surface as opposed to detecting more threats.

The reasons for VPN replacement can have subtle differences. Enterprises that are well underway in their digital transformation and leveraging public cloud providers and SaaS for their critical workloads tend to continue with the use-case based approach for SASE while they wind down their on-premises legacy infrastructure.

In contrast, companies that are still heavily reliant on on-premises infrastructure for their Line of Business applications would actually prefer to completely transition their DMZ to the cloud, which is the primary rationale for SASE. These companies opt for a VPN replacement approach to solve their operational challenges first, and then evolve into the Zero Trust approach.

#4. Companies want to preserve existing capabilities when adopting SASE -- without sacrificing efficiency.

The top attribute that companies want from a SASE solution is having hybrid options to connect on-premises and cloud solutions together, helping the transition to full cloud over time. While hybrid is not a sexy topic, it reflects the reality that organizations don’t adopt a full Zero Trust and/or SASE strategy overnight.

With the exception of ZTNA and Remote Browser Isolation (RBI), most organizations have existing capabilities in place, so they seek a path that allows them to move forward with SASE without starting from scratch. At the same time, they are unwilling to sacrifice efficiency. This attitude corresponds to our findings in other areas. For example, companies are interested in consolidating platforms, but not at the expense of security.

#5.  Customers want to move to multiple SASE vendors, but not for CASB and ZTNA.

The ESG study also shows that while 60% of companies plan to use one or two vendors for SASE initially, only 38% believe this will be the case when their initiative is complete. To get started on the path to SASE, choosing a limited number of vendors makes sense. However, customers eventually want to select a best-in-breed approach for various critical capabilities. The exception to this is CASB and ZTNA. It’s hard to envision separating the two at any time down the road.

Each solution has requirements for unified traffic steering, whether on managed or unmanaged devices. Uniform DLP policies and threat protection capabilities are also a requirement.

As SASE solutions mature and integration capabilities expand, Symantec anticipates a great number of organizations may begin to demand more. Vendors should focus on their relative strengths. It’s why Broadcom Software partners with Google to deliver the optimal network user experience for Symantec SASE. It allows us to focus on our innovative security solutions. Customers who ultimately want to pursue a broader best-in-breed approach should consider starting with a vendor that’s not only broad in SASE capabilities today, but also has the core components that shouldn’t be separated in the future.

Have questions?  Contact us here and let’s talk!