Network security has not kept pace with the developments in the tech landscape. Widespread cloud adoption has made perimeter-based solutions obsolete. But enterprises do not have a viable alternative and struggle to address the accelerating threat landscape. SASE, or “Secure Access Service Edge,” the red-hot architectural framework, promises a solution. SASE integrates wide area networking (WAN) and security into a single, cloud-based service. But the technology is still evolving. Here are the top SASE trends in 2023 and beyond.
1. The rise of SASE-as-a-service
By integrating networking and security, SASE enables consistent security policies to be applied globally. The cloud-native architecture delivers security and networking services from distributed PoPs worldwide. Scalability, flexibility and performance improve.
SASE vendors have started to deliver SASE-as-a-service. The as-a-service delivery model allows enterprises to leverage SASE's benefits without capex investments. The enterprise can subscribe to the cloud-based SASE offering and hit the ground running. Capital expenses convert to easily-attributable operational expenses.
These SASE-as-a-service offerings incorporate:
- Secure web gateway (SWG) for traffic, content inspection, and URL filtering. SWG offers effective protection against phishing, ransomware, and other live threats.
- Firewall as a service (FWaaS). Cloud-based next-generation firewalls protect infrastructure across on-premise and Software-as-a-service environments.
- Cloud access security broker (CASB). CASBs protect against data leakage, shadow IT and unauthorised resource access.
- Domain name system (DNS) security to limit access to malicious domains.
2. The convergence of SASE and Zero Trust
The zero trust approach never trusts any request and always verifies, regardless of the source or reputation. Zero trust has become a critical component of data-centric cyber security.
SASE and Zero Trust are complementary, and integrating the two makes the environment more secure. The latest SASE offerings incorporate zero trust network access (ZTNA). ZTNA secures remote access, improves security scalability and reduces complexity.
ZTNA with SASE enables dynamic access control policies to applications, data and services. SASE-enabled ZTNA adapts security controls to the context of the connection. A senior executive could, for instance, have different read-and-write access rights in a coffee shop and at the office. The security controls adapt dynamically to the change of network connection.
3. The rise of AI-powered SASE
The latest SASE offerings incorporate artificial intelligence to thwart sophisticated cyber attacks. SASE vendors already have extensive data troves that AI tools leverage.
Effective network security depends on rapid detection and response. The network security team often has only milliseconds to analyse threats. AI and ML algorithms monitor traffic in real time and at scale.
It establishes the rules on how humans and machines act within the network. Machine learning algorithms detect abnormal and suspicious activity. AI classifies malware, blocks unauthorised access attempts, and prevents data breaches in milliseconds.
AI-powered SASE can:
- Analyse network logs. The algorithms analyse data to detect patterns and identify indicators of compromise (IOCs). The deep insights into the asset landscape help tailor security policies based on the unique characteristics and weaknesses of the asset.
- Generate risk scores using time, attack techniques, and server IP geolocation metrics. Risk scoring makes it easy to reduce false positives and identify compromised assets. It also allows security teams to focus on high-priority risks first.
- Analyse and compare text, brand, visual content, and email flows from phishing-associated websites. Such insights block phishing attempts. SASE cloud vendors gather telemetry from thousands of sources. The system detects phishing messages and URLs in milliseconds. The improved visibility brought about by AI identifies previously unseen malicious traffic patterns.
- Keep track of sensitive data, including who has access to it and who uses it. When unauthorised users attempt to use sensitive data, the algorithm issues alerts and denies access.
- Enable ZTNA. Identify endpoints connected to a network and authenticate legitimate clients.
4. Improving the user experience
Security considerations often impede the user experience (UX). But enterprises can no longer afford to compromise on the UX. The UX has become an important factor in attracting customers and retaining talent.
SASE converges security and networking into a unified framework. This simplifies network management and improves the user experience. SASE:
- Routes network traffic through the nearest cloud points of presence. The result is lower latency, faster application performance and better responsiveness.
- Prioritises critical applications over non-essential ones, ensuring important tasks receive higher network bandwidth.
- Scales network and security services up or down based on demand. This elasticity allows the network to handle traffic variance effortlessly. Adding new users and devices does not affect the UX. The UX remains consistent across access devices, locations, and networks.
- Supports multiple connectivity options, including direct internet access, private network connections, and SD-WAN. Such flexibility allows users to access resources through the most efficient connection.
SASE moves enterprises away from static environments to adaptive controls and automation. Such an approach boosts data protection, matures the security environment, and improves the UX.
5. Priority for single-vendor SASE solutions
SASE adoption can take three approaches:
- A single-vendor offering
- Explicit pairing of two vendors, with one for network services and the other for security services
- Managed SASE.
The trend among users is for single-vendor SASE solutions. Small and medium enterprises, which do not have siloed networks, drive the bulk of the demand. For them, the best of breed in all capabilities is overkill.
Single-vendor solutions offer:
- Single-pass scanning, which improves the security posture. Single-pass scanning scans and analyses data only once. Such an approach reduces the attack surface, lowers latency, and makes the network traffic more efficient.
- A single unified console that makes administration simple. Multiple consoles make management and troubleshooting complex.
The market for well-architected single-vendor SASE offerings is immature but developing quickly. The limitation has been the lack of breadth and depth in functionality, limited integration across components, and inability to offer a unified data model and data lake. Most vendors still supply only some components of SASE.
But vendors are overcoming these limitations fast. They also add cloud-based security stacks on single-vendor SASE. Research major Gartner lists nine vendors offering end-to-end solutions with networking and SSE. These vendors are Cisco, Cato Networks, Citrix, Fortinet, Forcepoint, Netskope, Versa Networks, Palo Alto Networks, and VMware.
Gartner predicts 65% of enterprises will consolidate individual SASE components into one or two partners by 2025. The corresponding figure in 2021 was only 15%. SASE spending is also increasing. The worldwide end-user spending on SASE will touch $9.2 billion in 2023, representing a 39% increase from 2022 figures. By 2025, 80% of enterprises will use SASE frameworks to unify web, cloud services, and private application access. This is a 400% increase since 2021.
SASE offers a comprehensive security solution but is not a “magic bullet.” Enterprises that approach SASE as a “set-and-forget” solution are asking for trouble. Effective network security requires co-opting SASE complements into existing security solutions and configuring SASE to meet business objectives.
Enterprises that track and apply SASE developments address the challenges of the modern IT landscape.