The SASE market is growing. It is still in the early stages of maturity but it’s going to drive a demand cycle for years. At the SASE Simplified partner event, Westcon’s Director of Data and Analytics, Atul Damani, explored this new security model and asked: is it evolution or revolution for you and your customers?
Before Westcon-Comstor I came from the end-user world in a variety of roles, from engineer to executive across different industries, from mid-size to enterprise, from financials to government, local to global. But in all these roles I was the customer that sat across from partners, looking for the best deals and trusted advisers to help future-proof my business.
At Westcon-Comstor I’ve applied all this experience of the channel and distribution to help identify the next set of technologies and vendors that partners and end-users need help with. Now heading up our data and analytics, I can take this to the next level, talking to CEOs, end-user CIOs, industry analysts and equity analysts to see what challenges they are facing and will face. And what we’re seeing is that this market opportunity for SASE is huge.
Why is this happening?
For all the benefits the cloud brings it has wreaked havoc on traditional security frameworks. Let’s take the example of Joey. He’s a sales executive, he goes to Starbucks and connects to Starbucks’ Wi-Fi on his work laptop. While he’s on that public Wi-Fi he’s accessing the company’s CRM, either using a tunnel or clientless. He’s browsing a SaaS application. He’s also browsing the web.
That means Joey has just extended his security threat landscape. He’s now vulnerable to a variety of attacks, whether it’s malware, data loss, infections or malicious activity. We need to decide if his access to the cloud is appropriate, and if so, provide quality of service to the cloud. And finally, we have to protect his Wi-Fi connection.
That is just one example, which is repeated thousands and thousands of times, and in the post-COVID world will become a way of life. Businesses are going to struggle to get visibility into their applications and data, let alone control and manage access to those assets. Employees are going to operate from their homes and outside their homes on unmanaged networks. They’re going to access resources spanning the public web, IaaS, SaaS and on-premises applications.
A new set of tools for a new world
One way to look at SASE in the most basic terms is that it represents the new tools and processes an organisation will need to secure workers in a world that is no longer centred on the perimeter.
When zero trust was first introduced by Forrester it was based on the concept of ‘trust no one’ and segmenting and securing the network across locations and hosting models. Consequently it ended up defining security, but zero trust network access is not a single architecture, it’s a set of guiding principles for network infrastructure design that can improve the security posture.
What SASE has done is take the zero trust network access model and build on it to provide a fully integrated and secure network. It is a cloud architecture model, introduced by Gartner, that includes multiple cloud security and infrastructure models and functions delivered as cloud services.
It combines SD-WAN, zero trust network access, Firewall-as-a-Service, secure web gateways, data-loss prevention and more into an integrated, comprehensive solution that protects all data, applications and users. SASE blends all these services in a cloud-aware, cloud-based network security posture so users don’t have to set up separate network structures to address both internet and private applications, as was the case with traditional perimeter products.
Who are your prospects?
According to analysts, two-thirds of your customers are going to move to SASE. Customers with multiple locations with cloud infrastructure, remote access, legacy VPN infrastructure or the need to outsource security solutions. And COVID has brought cloud apps and remote workers to the forefront. It is no longer optional for traditional companies not to adopt it, and those that are on their journey are moving faster and faster.
Let’s look at SASE from a data and analytics viewpoint. Our Intelligent Demand programme allows us to look at end-users and get valuable insights into what they’re doing, how they’re going to spend their money and what their propensity to buy is. We then help partners to identify and support them. We track 325,000 end-user companies in EMEA and 5,000 vendors – not just in the security space – so that we can see if they are on a cloud or digital transformation journey, and put markers on them to see if they have a higher propensity to buy. We marry that with our point-of-sale data and use data science techniques to identify specific use cases.
Let’s apply that to a bottom-up, early SASE opportunity. We start with 325,000 companies in EMEA, and focus on the 75,000 with decision-making in Europe. We identify the 20,000 that have spent heavily on IaaS, whether it’s Azure, AWS or Google, and then 18,000 that have all the hallmarks of a cloud journey and will need extra help to secure their workforce and data.
Evolution or revolution?
Traditional, monolithic companies are being forced by COVID to enable remote workers and move to the cloud. These businesses will be in the revolution phase, needing trusted advisers to help them design secure access service edge solutions and map their cloud transformation journey.
For companies that have already started investing in these technologies it will be more evolution. Most will have not realised how their threat landscape has expanded due to the increase in mobility and remote working, and they will need help putting the rest of the building blocks in place.
Regardless of whether end-users require a revolution or evolution, they will need partners as trusted advisers to help them. And we’re here to support you with the right tools and the customer insights to identify, address and go after this large market opportunity.