This year marks five years since we were introduced to the concept of SASE (Secure Access Service Edge). Since then, multiple technology companies from across various core disciplines have been jostling to bring their most comprehensive offerings to market.
But as any CISO knows, effectively converging security, networking and operations — all areas that make up a true SASE solution — is no walk in the park.
Getting it right demands a unified, focused approach to optimising both security and operational outcomes while effectively leveraging AI and ML. Moreover, it should ideally be a single-vendor solution.
Gartner recently released the first version of the ‘Magic Quadrant for Single-Vendor SASE’, which replaces the Market Guide for Single-Vendor SASE.
You’ll note some big names in the running, but Palo Alto Networks is undoubtedly the market leader. In fact, it’s the only ‘leader’.
“The company’s go-forward product roadmap and planned innovation investments are well-aligned with emerging enterprise customer needs and have strong potential to shape and drive the market,”
Gartner noted in its report. “Palo Alto Networks has a large and loyal installed base that should help the vendor grow in this market.
“Its operations are geographically diversified, and its SASE customers tend to be enterprises across all verticals. We expect the vendor to make future investments in this market focused on improving operational efficiency via AI and conversational interfaces.”
“Its primary offering in this market is Prisma SASE, which is a unified SASE platform,”
So what defines this magic quadrant?
According to Gartner’s definition, single-vendor Secure Access Service Edge (SASE) offerings should deliver multiple converged-network and security-as-a-service capabilities, including software-defined WAN, secure web gateway, cloud access security broker, network firewalling and Zero Trust network access. These should be supported by a cloud-centric architecture and be delivered by one vendor.
SASE supports branch office, remote worker and on-premises general internet security, private application access and cloud service consumption use cases.
Standard capabilities include:
- Secure web access via proxy
- In-line SaaS access controls
- Identity, context- and policy-based secure remote access to private applications
- A branch appliance that supports dynamic traffic steering out of multiple physical, locally attached WAN interfaces, with steering based on applications (not IPs/ports).
- Firewalling services
Optional capabilities include:
- Security capabilities such as remote browser isolation, network sandboxing, DNS protection, API-based access to SaaS for data context and configuration information, web applications and API protection
- Advanced network functionality, including enhanced internet and/or private backbone transport, content delivery networks, external DNS services, cloud onramps (simplified and automated integration with public cloud networking services), or branch routing.
Crystal balling the ‘magic quadrant’
How this quadrant will look after its first 12 months is anyone’s guess, however, Gartner is predicting a lot of change in the space this year as major vendors seek to position themselves to be part of SASE’s extraordinary growth story.
For instance, Gartner analysts predicts that by 2025, there will be a more than 50 percent increase in the number of vendors with generally available single-vendor SASE offerings, compared to mid-2023.
A year after Gartner forecasts 60 percent of new SD-WAN purchases will be part of a single-vendor SASE offering, up from 15 percent in 2023.
Palo Alto Networks is also the only vendor to be recognised as a Leader in SD-WAN, SSE and Single-Vendor SASE.