Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week lets explore the concept of security service edge (SSE) and why it was removed from the secure access service edge (SASE) in the recent Gartner Magic Quadrant.
SASE is a term introduced by Gartner in the second half of 2019. This is a cloud-centric model which essentially combines network security functionalities with software-defined wide area network (SD-WAN) capabilities. It eliminates physical boundaries, enabling the workforce to connect securely and remotely, and provides higher visibility into an organization’s network traffic. With the increase in cloud adoption, the legacy model of storing data and directing traffic through centralized data centers is often redundant. This is where SASE comes in, as it enforces the security controls on the edge network instead of data centers.
Why did Gartner formulate another similar security paradigm, SSE in 2021 after all the hype given for SASE in 2019?
As organizations shifted to a remote work model in the last two years, digital transformation and cloud adoption have skyrocketed. Organizations are either operating remotely or with hybrid models and have realized now there is no going back, creating a multitude of security challenges. Security solution providers developed new solutions to meet this need. This is when Gartner developed SSE, which is a combination of disparate security solutions into a single cloud-based service. SSE is the security sub-set of SASE, eliminating the SD-WAN component. Its core components are secure web gateway, cloud access security broker (CASB), and zero-trust network access.
Gartner Analyst, Winckless feels that the need for SD-WAN is declining for enterprises utilizing remote work environments. The falloff in SD-WAN use expands the opportunities for SSE as it is accurate, flexible, cost-efficient, and more simplified than SASE. It also increases the target base for SASE vendors as they can pitch their SSE capabilities separately to customers who are not looking to replace their existing SD-WAN infrastructure.
Here are five interesting reads explaining more about the concepts of SASE and SSE, its core components, benefits, differences and what needs to be considered before adoption.
1. Explaining the differences between SASE vs. SSE
The concepts of SASE and SSE are not that different. However, Gartner’s decision to position SSE as a separate solution segment has raised questions, including if the current work environments have diminished the need for SASE. This article provides an in-depth understanding of the differences between SASE and SSE and their core components.
2. Gartner: SSE is SASE minus the SD-WAN
Buyers who opt for SSE and SD-WAN are seeking different value propositions. This article provides use cases on why companies looking to move away from VPNs are considering SSE solutions.
3. As Vendors Ditch SASE For SSE, What’s Actually Changed?
Security solution providers seem to be pitching SSE solutions over SASE ever since Gartner introduced this concept in its 2021 Hype Cycle for Network Security report. This article explores the reason behind this.
4. SSE, SASE or CASB?: Spelling out the right security approach
Mike Schurict, SVP of Product Management at Bitglass dissects security concepts like SASE and CASB while determining how SSE fits into this mix.
5. Do You Need SASE or Zero Trust Edge?
Cyberattacks are growing at the same pace technology is, giving rise to more complex security needs. Organizations are trying their best to mitigate such attacks, and question which approach they should take. Key is understanding the pros and cons of SASE and zero trust edge in securing an organization’s network edges.
Today’s technology landscape is dynamic and security threats will take new forms. Security solutions will also continue to evolve to curb such risks. SASE and SSE are no exceptions. Organizations today need to decide between these two, based on their present requirements. An organization which requires SD-WAN capabilities along with cloud security services can opt for SASE. Others, who either have a remote work model or have an existing SD-WAN infrastructure they are happy with, can go with a robust SSE solution to meet their security needs.
Today’s work environment has seen major changes. The modern remote workforce needs remote access to cloud services and private applications but to do this there is usually a need for VPN technology, Providing secure access to private and cloud apps without needing to open firewall ACLs or expose apps to the internet is key. Enabling access to applications, data, and content without enabling access to the network is a critical piece of zero trust access because it eliminates the security ramifications of placing the user on a flat network. This new acronym SSE reflects the observation that while organizations are looking to consolidate and simplify their network security for remote and hybrid workers, some prefer a best-of-breed dual-vendor approach with separate solutions for networking-as-service and security-as-a-service.