SASE and the Electric Vehicle Revolution

When electric cars first began gaining popularity, traditional car companies thought they could easily replicate them and didn’t devote much time to develop a competing product. You could argue some still have their head in the sand, but we’ll reserve that topic for another blog. 

What the traditional car companies were reluctant to realize was that it wasn’t as simple as swapping an electric motor and battery for the internal combustion engine and gas tank. Electric cars were fundamentally different. Driven by software that controlled and optimized every element of the car, these machines had to be re-envisioned from the ground up. The software was not a piece of the car, the car was built around the software. Yes, they were able to re-use some ideas of legacy cars – seats and steering wheels still look the same – but under the hood they are vastly different machines. In order to compete in the future of the car industry, legacy manufacturers are slowly learning that they must throw away large parts of the old playbook.

In a similar way, the security industry is undergoing a monumental shift. The migration of applications to the cloud coupled with the rise of users working outside an organization’s perimeter defenses have forced security vendors to rethink their product strategies.

SASE (secure access service edge) has emerged as the answer to these changes, but also creates some challenges of its own.

As vendors race to cobble together their SASE offerings, they must determine their best path for success by answering questions like “What can be repurposed?” “What has to be scrapped?” and “What new competencies will this require?”  With billions being spent on acquisitions and development, and Gartner predicting that 40% of buyers will seek SASE solutions in the next 3-4 yrs, the stakes are incredibly high.

Speed of innovation will ultimately determine the winners in this race. This poses a significant challenge to legacy security providers whose roots are based in on-premise hardware appliances. Deployments, development processes, timing of updates (and pretty much everything that went into growing those businesses) become obsolete in the move to SASE. 

SASE requires greater agility. From feature development to delivery as a managed service, the ability to be flexible is part of the opportunity and challenge that this new architecture poses. To achieve this cloud-delivered services will be built by agile development processes that focus on end user needs. Improved feature quality and rapid changes supported by DevOps teams are not just nice to haves…they will ultimately decide every vendor’s market share. As new use cases evolve, SASE providers will be able to morph offerings in almost real-time to meet the newest threats and market demands.

This agility requires SASE to be delivered as a subscription-based managed service. Operated by a security operations center (SOC), SASE will support advanced managed detection and response (MDR) capabilities. These management hubs will not only have complete visibility over user and environment activity, but also allow for rapid (or in some cases automated) remediation once trouble is discovered. 

In addition to the enhanced response times, centralized policy management creates simplicity for security teams as policies are defined from a single source of truth and implemented across all security functions, users and locations. 

What underlays all of these capabilities?  Software-defined networking.

The network is the driver of this transformation. Much like the underlying software that electric cars are built upon; the management, delivery and scalability of cloud-delivered security services are being rearchitected on top of the network. Enabled by its integration to the network, security becomes seamless to the user and far more scalable for the provider.  

Leveraging the network and intelligent endpoints, workloads are shifted to optimal locations and updated centrally. No longer are sessions moved to the intelligence, the intelligence can be moved to the session. Inspections can now occur anywhere on the network, resulting in better overall performance and reducing the complexity caused by service chaining.

Like the traditional car companies swapping out electric motors for gas and producing their inferior versions of electric vehicles, some legacy security providers will continue to try to solve these challenges without addressing the fundamental platform-related changes that are actually needed. 

Until these security architectures are rebuilt on top of cloud networking platforms they will continue hitting the same proverbial wall. Some security providers will see this early, make the appropriate moves and ultimately dominate the coming wave of change… others will remain in denial and watch the new players pass them by.