Gartner has released the 2023 version of their “Magic Quadrant” for Secure Service Edge (SSE), with cheers and jeers from the companies that scored well or poorly respectively. SSE now has a place in the industry, which is good news given the ongoing rise of cyber-attacks and national security concerns. However, one area needing improvement is how solutions are architected. The placement and management of network “points of presence” (PoPs) is critical, and SSE and Secure Access Service Edge (SASE) require functions to be placed close to the employee and endpoint device to overcome the dilemma of selecting either network performance or security scanning. SSE providers can install PoPs in their own data centers, in telecom hotels, or in the Cloud Giants (AWS, Azure, Google Cloud), with the closer placement producing better performance and security.
Research paper by Gartner analysts Evan Zeng and Jonathan Forest suggests that as applications become Cloud dominant, SASE product leaders must consider how to architect their WANs. SSE/SASE vendors must account for application performance and security, and network and security engineers must select the best placement of a PoP to realize the value of SSE/SASE, and application performance with security. Some vendors have taken a different path, which puts the network/security engineer back in the driver’s seat. Instead of a “take or leave it approach” to the PoP, the engineer can select the best placement of a PoP to realize the value of SSE/SASE, and application performance with security.
Choice in how SSE/SASE solutions are constructed is essential to evaluate and provide performance with security. The Gartner MQ provides a good first pass, but it is critical to dive into the architecture of each of the solutions listed and not included in the MQ. Ask the critical questions about the location of a vendor’s PoPs, their resilience, and their capacity to meet demands. Choice in how to construct, create resiliency, and provide performance with security must be at the core of the evaluation of SSE/SASE solutions. Enterprises cannot be pigeonholed into a solution that is flawed or results in compromises, complexity, or limited resiliency. Downtime and slow, insecure applications are no longer acceptable.
Key Points:
– SSE now has a place in the industry, which is good news given the ongoing rise of cyber-attacks and national security concerns.
– Placement and management of network “points of presence” (PoPs) is critical for SSE and SASE.
– SSE providers can install PoPs in their own data centers, in telecom hotels, or in the Cloud Giants (AWS, Azure, Google Cloud), with the closer placement producing better performance and security.
– SSE/SASE vendors must account for application performance and security, and network and security engineers must select the best placement of a PoP to realize the value of SSE/SASE, and application performance with security.
– Enterprises must evaluate SSE/SASE solutions to provide performance with security and cannot be pigeonholed into a solution that is flawed or results in compromises, complexity, or limited resiliency.
