Who Are the Major Players in SASE and Secure Edge?

Cyberlock1

By: R. Scott Raynovich


Two major technology markets, networking (including SD-WAN) and cybersecurity, are converging. The need for the convergence of networking and security, especially at the “edge” of the network, makes sense, because networks carry all of the traffic associated with just about all enterprise and cloud-based applications.

The term SASE was coined by the large research firm Gartner Inc., and it is now being used by a large number of security and networking technology vendors to describe the integration of software-defined wide-area Networking (SD-WAN) and security functionality. Futuriom has launched a free report covering this, the Cloud Secure Edge and SASE Trends Report.

Why SD-WAN and SASE?

The SD-WAN market is currently growing at a compound annual growth rate (CAGR) of 34% and has reached billions of dollars, according to our research. The broad adoption of SD-WAN has been driven by its software-defined architecture, which makes it easier to deploy and manage networking and security resources and functions.

Many SD-WAN technology vendors have added cybersecurity functions to their platforms, and this trend has increased over time. It's likely that the SASE and Secure Edge movement means that large portions of the cybersecurity market will start to merge or integrate with SD-WAN.

Some of the key security functions that are already associated with SASE and Secure Edge deployments include Secure Web Gateways (SWGs), Cloud Access Security Brokers (CASBs), cloud-based firewalls or firewall as-a-service (FWaaS), and Zero Trust Network Access (ZTNA) -- also known as Software Defined Perimeter (SDP) -- services.

Let's take a deeper look at some of the cybersecurity areas that are merging with SD-WAN in the SASE movement.

CASB

CASB started to appear on the market early last decade. This is one of the key areas to watch for convergence in the SASE and Secure Edge markets, because CASBs are essentially cloud-based security networks that have some of the characteristics of SD-WAN in addition to those of Content Delivery Networks (CDNs). CASB solves a lot of problems by creating a protected, proxy-based network for cloud services, and the area is experiencing rapid growth and adoption.

The CASB market has been consolidating and is fertile ground for M&A, with a fair number of acquisitions of CASB vendors in the last several years, mostly by more established security vendors. CASB vendors include Bitglass, CipherCloud, Cisco, Cloudflare, Forcepoint, McAfee, Microsoft, Netskope, Palo Alto Networks, Proofpoint, and Symantec.

FWaaS and SWG

The consolidation of network security functionality is a well-established trend with next-generation firewalls (NGFW), and unified threat management (UTM), but the introduction of new threats has historically led organizations to keep adding new security products to their portfolios, making an overall reduction in the total number of security vendors they work with difficult, even with the ongoing consolidation of legacy products.

There is significant overlap between the leading firewall and SWG vendors, but the products have historically remained distinct. With its cloud-native architecture, SASE enables inspection engines to operate simultaneously in a single pass of the data. In addition to FWaaS and SWG, DNS security and data loss prevention (DLP) will increasingly become components of standard SASE security suites.

Most firewall vendors now offer cloud-based versions of their products. Some products are simply virtualized versions of their on-premise appliances, and customers should fully evaluate their current and future needs when looking to adopt FWaaS and SWG within broader SASE deployments.

Some of the major firewall vendors include Barracuda Networks, Checkpoint Software Technologies, Cisco Systems, F5 Networks, Fortinet, Hewlett Packard Enterprise, McAfee, Palo Alto Networks, Symantec, Tufin, Versa Networks, and Watchguard.

SWG vendors include Barracuda, Check Point Software Technologies, Cisco, Citrix Systems, ContentKeeper, Forcepoint, iboss, McAfee, Menlo Security, Sangfor, Symantec, Trend Micro, Versa Networks, VMware, and Zscaler.

More Areas: ZTNA, SD-WAN, etc.

Moving toward a zero-trust orientation is one of the larger goals in enterprise security over the last decade. Futuriom believes that ZTNA/SDP is not only an important component of SASE deployments but also an important proof point to encourage the further adoption of a global zero trust posture.

There are dozens of ZTNA/SDP solutions in the market and many are offered as cloud-based services. These cloud-based versions are of the most interest to this Secure Edge discussion. Cloud-based ZTNA/SDP vendors include Akamai, Axis Security, Cato Networks, Cisco Systems (which acquired Duo Security in 2018), Citrix, Cloudflare, Cognitas Technologies, Google, InstaSafe, NetFoundry, Netskope, Okta, OPAQ (acquired by Fortinet in 2020), Palo Alto Networks, Perimeter 81, Proofpoint (which acquired Meta Networks in 2019), SAIFE, TransientX, Wandera, Versa Networks, VMware, Zero Networks, and Zscaler.

Cybersecurity is a deep area and there are many other areas that are being integrated with SD-WAN and the Secure Edge. These include: SSL interception, content isolation, advanced threat protection including dynamic detonation, IPS as a service, DDOS/WAF as a service, DNS security, and Cloud Security Posture Management (CSPM). And of course, there are many more areas we probably haven't mentioned.

The Futuriom Cloud Secure Edge Report

Futuriom's recent report dives into all of these areas in detail in an overview of the Secure Edge and SASE technology markets, including how solutions are being crafted to meet the changing security needs of networks.

The topics covered include:

  • What do we need to solve with the Secure Edge?
  • Secure Edge and SASE Services
  • Paths Toward Better Edge Security
  • Use Cases and Adoption
  • Key Players and Areas to Watch

There are many companies with solutions in these markets. Some of the companies included in our report (partial list): Akamai, Aryaka Networks, Bitglass, Cato Networks, Check Point Software, Cisco, Citrix, Cloudflare, Forcepoint, Fortinet, HPE, Palo Alto Networks, NetFoundry, Netskope, Versa Networks, VMware, Zscaler.

Futuriom has made the Secure Edge and SASE Report free to registered Futuriom.com users.

Download the FREE report right here.