Security Savvy: Unpacking key SASE vendor selection criteria
Graphics Padlock For Web Data Information Security Application System
Written by Martin Mascarenhas, Customer Engagement Director at Xalient
Many companies are stepping up their security measures to protect against cyber risks associated with the increasing use of cloud services and remote work. As a result, the global deployment of Secure Access Service Edge (SASE) is on the rise. According to the 2024 Gartner CIO and Technology Executive Survey, 39% of respondents have already deployed SASE or plan to do so within the next 24 months.
Strategic Deployment of SASE
While SASE architecture provides advanced protection for users and assets, it is important to deploy it correctly by following a strategic approach and meeting several criteria to derive the most value from the solution. Once the business and use cases are understood, organisations need to determine which SASE vendors are best suited to meet their specific needs. However, it is also important to be aware of some of the key challenges of SASE deployment and how to address them.
Commercial considerations
A key consideration for any new investment is the commercial aspect.
When evaluating SASE vendors, cost is inevitably a key factor and will be a consideration for any purchaser. Assessing the value of a SASE solution against your current solution will be necessary to ensure it will add value to your business and create a solid business case. Look at areas where you can eliminate cost, reduce cost or avoid cost. Examples might be eliminating the cost of a VPN, reducing the cost of your firewalls as you reduce (but maybe not eliminate) them and avoiding the cost of a standalone DLP solution that is required.
To weigh up value against cost, it’s also important to consider whether the price of the chosen solution is transparent and cost-effective. Organisations need to clearly understand what is included in the price, what comes as an additional cost, and what the terms and pricing models are. It is essential to assess if these costs align with the business’ commercial model so that the costs remain appropriate if the business’ circumstances change. Additionally, it’s crucial to consider the deployment and management costs, especially when deciding between a single supplier or a multi-vendor environment.
Single v Multi-Vendor Approach
There is often an immediate assumption that when considering a single versus multi-vendor option, the single vendor will provide economies of scale. However, this is not necessarily the case, and the multi-vendor cost may depend upon the specific mix of vendors chosen.
If a single vendor solution does appear to offer economies of scale, does it offer the integration assumed? This may be so, but single-vendor solutions may also have evolved through the acquisition of other businesses to obtain additional components. In this case, it is important to consider how well integrated the components are and, as such, whether they deliver the perceived benefits of a single-vendor solution.
Before finalising vendors, it is important to thoroughly investigate any aspects that the vendor may not have disclosed upfront. Although often difficult to uncover, with the right questions regarding limitations, restrictions and ‘what ifs’, it is possible to uncover, and subsequently avoid some pitfalls.
An experienced Managed Service Provider (MSP) can be worth its weight in gold here, as they are likely to have seen some of these pitfalls in the past and can provide guidance throughout the selection process to find the vendor that best suits the organisation.
Regarding vendors, it’s worth mentioning the impact that a vendor’s ‘heritage’ can have. If you look at many of the vendors in this market, they have often specialised in security and moved into networking to address the SASE requirement. Some started in networking but have moved into security for the same reason. This heritage can often highlight their strengths and weaknesses.
Also, the value derived from a single vendor solution may not match that of a more appropriate solution obtained by selecting the most appropriate vendors for each component. As such, organisations must weigh up the difference in costs and determine if a single supplier would provide the economies of scale they are looking for or if a multi-vendor approach would be a better option to derive value.
As several vendors provide SASE solutions, selecting a vendor to meet the organisation’s needs can be a complex task. This is particularly true because vendors provide varying solutions, each offering unique benefits. However, looking at the security controls and integration of components can shed some light on the matter.
Security Controls and Integration
Companies should evaluate how well any full SASE solution, whether single or multi-vendor best addresses their use cases. Some solutions provide powerful controls and tight integrations. For example, controls may have strengths in data loss prevention (DLP) or Cloud access security broker (CASB) but may be weak in secure web gateway (SWG). Before opting for a solution, it is valuable to determine what is most important to the organisation. Once this is known, it is important to understand if the company has the appropriate controls and whether it can also benefit from integration between components. As an example, some Endpoint Detection and Response (EDR) vendors will dynamically assess the security posture of the endpoint device and inform the other components. This insight allows an Identity application to dynamically move users into different user groups based on their security posture, potentially modifying their authorisations and, thereby, the applications they can access. In doing so, potentially ‘risky’ access can be managed appropriately. The automation of these controls is powerful.
Operation
Managing a single vendor solution could be easier if it is truly architected as such. The idea of a single platform with a single manageability/visibility interface, a single commercial model and all use cases met would be a strong one. But is this a viable option for all organisations?
If a multi-vendor solution is chosen, it is important to understand the impact of managing multiple vendors and the challenges and time involved for the team working with them. Managing these vendors will involve the monitoring and management of various aspects including performance, service quality and meeting compliance. All of this needs to be multiplied by the number of vendors. On the other hand, vendors often work together, and it’s possible to get ‘best of breed’ vendor solutions with a high level of integration.
SASE deployment can often be a major challenge due to the need for networking and security teams to work together effectively. Things are changing, but this has been a challenge for a long time. As such it is important to decide whether it is best to deploy and operate this solution internally or if it would be better to seek assistance from an external provider.
SASE offers a great opportunity to reduce ‘friction’ in the user experience, but often additional friction is created through an incomplete deployment. A good example is incomplete or inaccurate URL classifications leading to frustration for users unable to access the sites they need within appropriate timeframes. This can be avoided.
SASE offers numerous benefits for organisations worldwide. However, IT teams often find it challenging to select the right vendor mix while managing various organisational and operational demands at the same time. A managed service partner with extensive experience in managing multi-vendor SASE can assist throughout the entire process, from vendor selection to design, deployment, and ongoing management. This could avoid a costly mistake from a failed or time-consuming project – simplifying the process instead of adding to the complexity.
