“As enterprises pivot towards becoming cloud-first and mobile-friendly, they are running into the structural deficiencies of the hub-and-spoke model and need alternatives,” said Mauricio Sanchez, director at Dell’Oro Group. “The need for more agility, better scalability and ubiquitous security has driven the vendor community to respond with the convergence of software-defined WAN (SD-WAN) and secure web gateway (SWG) solutions into a new architecture under the SASE umbrella. As a result, enterprises’ interest in SASE is skyrocketing.” Yet in a cloud survey by Frost & Sullivan, 48 percent of IT decision makers stated that they decided to repatriate applications from the public cloud after experiencing security incidents such as unauthorized access. “That is a staggering percentage, and the entire cloud model will be unsustainable in the long run if cloud, network and security planning is not done holistically,” argued Roopa Honnachari, a director in Frost & Sullivan’s network services and edge computing practice. The increased complexity of corporate networks, not so surprisingly, also comes into play as enterprises incorporate SASE into their networks. As Gartner analysts warn, “Enterprises can’t flip a switch and adopt SASE.” Instead, the transition to SASE generally is done on an incremental basis, according to experts and providers, with technologies introduced consecutively rather than concurrently. A survey by Avant Research & Analytics, for instance, found that more than 90 percent of customers intend to adopt SASE on an incremental basis, as opposed to using a single engagement approach. Indeed, the vast majority of enterprise SASE adoption, said Gartner analysts, will take several years to complete, with executives prioritizing areas of greatest opportunity in terms of cost savings, mitigating complexities and reducing risks. “By introducing new technologies consecutively, as opposed to concurrently, any glitches are generally easier to identify, locate and resolve,” said Presti. The intended benefits and drivers of SASE can be somewhat simplified: enhanced security and improving application performance. In practice, however, the implementation touches multiple teams and resources within the customer organization, must cross organizational silos and can impact multiple existing solutions and vendors. In addition to SD-WAN, zero trust network access (ZTNA), cloud access security broker (CASB), firewall as a service (FWaaS) and secure web gateway (SWG), a SASE implementation can involve a number of other capabilities and consideration, including DNS protection, remote browser isolation, sandboxing and API/application protection. “A full SASE implementation requires a coordinated and cohesive approach across network security and the networking teams,” advised Gartner analysts. “For midsize enterprises, this is an easier problem to address, as a separate security team may not exist. Within large organizations, these organizational structures, budgeting processes and responsibilities are quite rigid.” And don’t expect SASE to magically fix any underlying network issues. BetFactors Driving Involvement with Emerging Technologies Source: CompTIA Top Reasons to Engage Trusted Advisors in SASE Decisions Source: Avant Research & Analytics 54% 51% 37% 36% 10% 12% 46% 43% 42% 42% 16% 38% 46% 15% 37% 48% 15% 12% 76% 9% 7% 5% 2% Customer demand Better revenue opportunity Competitive diferentiator Avoid obsolescence Vendor pushing us to do so Dovetails with existing portfolio Major factor Minor factor Not a factor Education Product/Solution Selection Integration with Legacy Systems Developing Migration Strategy Coordinating Buy-in within Customer Organization Organizations’ SASE Implementation Timelines Incremental migration planned 46% Likely to be incremental migration 44% Not likely to be incremental migration % No incremental migration planned 5% Source: Avant Research & Analytics THE CHANNEL MANAGER’S PLAYBOOK 8