Dell’Oro: Secure Access Service Edge (SASE) market to hit $13B by 2026; Gartner forecasts $14.7B by 2025; Omdia bullish on security

The secure access service edge (SASE) market is expected to triple by 2026, exceeding $13 billion, representing a very healthy CAGR, according to a new forecast by Mauricio Sanchez, Research Director at the Dell’Oro Group.  The report further divides the total SASE market into its two technology components, Security Service Edge (SSE) and SD-WAN with SSE expected to double the SD-WAN revenue for SASE. The report further breaks down the SSE market into FWaaS, SWG, CASB, and ZTNA.

Sanchez wrote in a blog post:

“Today, enterprises are thinking differently about networking and security. Instead of considering them as separate toolsets to be deployed once and infrequently changed, the problem and solution space is conceptualized along a continuum in the emerging view. The vendor community has responded with a service-centric, cloud-based technology solution that provides network connectivity and enforces security between users, devices, and applications.

SASE utilizes centrally-controlled, Internet-based networks with built-in advanced networking and security-processing capabilities. By addressing the shortcomings of past network and security architectures and improving recent solutions—in particular, SD-WAN and cloud-based network security—SASE aims to bring networking and security into a unified service offering.

While the networking technologies underpinning SASE are understood to be synonymous with well-known SD-WAN, the security facet of SASE consists of numerous security technologies, such as secure web gateway (SWG), cloud access security broker (CASB), zero-trust network access (ZTNA), and firewall-as-a-service (FWaaS). Recently, a new term, security services edge (SSE), emerged to describe this constellation of cloud-delivered network security services that is foundational in SASE.”

As noted above, Dell’Oro  divides the total SASE market into two technology components: Security Service Edge (SSE) and SD-WAN with SSE. Security features such as Firewall-as-a-Service (FWaaS), Secure Web Gateway (SWG), Cloud Access Security Broker (CASB) and Zero Trust Network Access (ZTNA) fall under the umbrella of SSE, according to Dell’Oro. In addition, Dell’Oro predicts that the security component to SASE “will increasingly be the driver and lead SASE’s SSE to exhibit over twice the growth of SASE’s SD-WAN.”

Dell’Oro’s Sanchez wrote, “We see SASE continuing to thrive independent of the ongoing macro-economic uncertainty as enterprises strategically invest for the new age of distributed applications and hybrid work that need a different approach to connectivity and security.  We anticipate that security will increasingly be the driver and lead SASE’s SSE to exhibit over twice the growth of SASE’s SD-WAN.”

Additional highlights from SASE and SD-WAN 5-Year Forecast Report:

  • Within SSE, Secure Web Gateway (SWG) and Cloud Access Security Broker (CASB) are expected to remain the most significant revenue components over the five-year forecast horizon, but Zero Trust Network Access (ZTNA) and Firewall-as-a-Service (FaaS) are estimated to flourish at a faster rate.
  • Unified SASE is expected to exceed disaggregated SASE by almost 6X.
  • Enterprise access router revenue is expected to decline at over 5 percent CAGR over the forecast horizon.

Dell’Oro expects that under the umbrella of SSE, Secure Web Gateway and Cloud Access Security Broker will continue as the most significant revenue components over the five-year forecast horizon. However, Zero Trust Network Access and Firewall-as-a-Service are expected to grow at a faster rate.

Unified SASE, which Dell’Oro qualifies as the portion of the market that delivers SASE as an integrated platform, is expected to exceed disaggregated SASE by almost a factor of six over the next five years. The disaggregated type is defined as a multi-vendor or multi-product implementation with less integration than unified type.  Dell’Oro also predicts that enterprise access router revenue could decline at over 5% CAGR by 2026.

………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………..

Gartner has a more optimistic forecast of SASE revenue, predicting the market to reach $14.7 billion as early as 2025.  “Gartner predicts that global spending on SASE will grow at a 36% CAGR between 2020 and 2025, far outpacing global spending on information security and risk management,” reported VentureBeat last month. According to Gartner, top SASE vendors include Cato Networks, Fortinet, Palo Alto Networks, Versa Networks, VMware and Zscaler.

These disparate predictions could be a result of the nascent nature of the SASE market, a convergence of networking and security services coined by Gartner in 2019. To address the varying definitions for SASE and resulting confusion on the part of enterprise customers, industry forum MEF plans to release SASE (MEF W117) standards this year. MEF started developing its SASE framework in 2020 to clarify service attributes and definitions. (See MEF adds application, security updates to SD-WAN standard and MEF’s Stan Hubbard on accelerating automation with APIs.)

………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………..

Omdia’s [1.]research also shows security is a major driver for SASE adoption, according to Fernando Montenegro, senior principal analyst with Omdia.  “Our own research indicates that end-user organizations value secure web browsing use cases (SWG, CASB, browsing isolation) particularly as they go further into their deployments of SASE projects,” said Montenegro in an email to Light Reading.

Note 1.  Omdia and Light Reading are owned by Informa in the UK

Security is critical for organizations in what Omdia calls the age of “digital dominance” and by how the “demands on security teams – both in terms of time and expertise – make the delivery of security functionality via a services model particularly attractive,” Montenegro said.

SASE services also provide “good performance characteristics” when compared to enterprises utilizing their own VPN headends, and especially when hybrid work continues to be popular, added Montenegro.

References:

https://www.lightreading.com/sd-wan/bolstered-by-security-demand-sase-market-to-surpass-$13b-by-2026—report/d/d-id/779447?

Total SASE Market to Nearly Triple by 2026, According to Dell’Oro Group

 

SASE & SD-WAN

https://start.paloaltonetworks.com/gartner-2022-report-roadmap-for-sase-convergence.html

 

One thought on “Dell’Oro: Secure Access Service Edge (SASE) market to hit $13B by 2026; Gartner forecasts $14.7B by 2025; Omdia bullish on security

  1. Verizon said in its guide for the “right approach” to secure access service edge (SASE) – the Gartner-coined infrastructure that combines cloud-native network and security stacks- that managing and securing an increasingly complex environment poses “significant challenges.”
    https://www.verizon.com/business/resources/T8d/whitepapers/the-right-approach-to-sase.pdf

    In 2021 Verizon Business launched SASE solution with a multi-vendor approach that combines SD-WAN and network security capabilities from Versa Networks and Zscaler into a single managed service. Rival AT&T had rolled out its own solution earlier that year in partnership with Fortinet.

    Verizon cites the COVID-19 pandemic, virtualization and the move to the cloud, increased security threats, and a shift away from the network appliance box as the primary factors that drove the “SASE frenzy” in recent years.

    By 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018, according to the Verizon guide.

    “Getting SASE right may be a complex proposition that presents significant challenges,” the provider said. “For one thing, it is a still-evolving technology target.”

    The SASE architecture combines network edge capabilities like SD-WAN and a set of security capabilities Gartner dubbed the security services edge (SSE) – a cloud-delivered suite that includes zero-trust network access (ZTNA), cloud-access security broker (CASB), secure web gateway (SWG), and firewall-as-a-service (FWaaS).

    The major elements that make up SASE have been around in some form or another for “at least 10 years,” Verizon pointed out.

    For this reason, a critical component of getting SASE right is cross-technology integration. “There’s no one-size-fits-all SASE solution, which means enterprises will need to be comfortable working with a variety of technologies in order to build an effective implementation that solves a given organization’s specific challenges,” the provider said.

    Enterprises adopting SASE need to be able to integrate a broad range of network technologies from physical transport – like private IP and MPLS – up through the virtualization SDN layer in order to build an integrated SD-WAN capability with traffic routing, prioritization, and bandwidth optimization.

    Another “key ingredient” to SASE is edge computing like content delivery networks, multi-access edge computing (MEC), or an IoT gateway. “Managing security across these complex and distributed systems will be essential and require a deep understanding of how edge computing fits into the SASE model,” Verizon explained.

    Orchestrating SASE Infrastructure
    How the technology components of SASE come together is critical.

    Verizon recommends enterprises implement service chaining as a key component of SASE because it is a “way of automating and optimizing the service delivery experience.”

    In an environment where many vendors are still unable to provide a complete end-to-end SASE solution, organizations likely need to combine technologies and products to create their desired solutions. “Being able to optimize new and already-deployed technology components so each is functioning and contributing at its full potential will be important,” Verizon said.

    The ability to conduct testing to make sure SASE is properly integrated and performing at necessary levels will also be critical. Verizon indicated this requires the “proper tools to conduct the integration, performance, and stress testing needed to ensure that functions have been deployed in the optimal order and the most efficient configuration.”

    Service chaining and other orchestration in a virtual network requires expertise, which has led to challenges for many organizations in the midst of a global skill shortage. However, this can be mitigated in part through organizational restructuring that sees networking and security teams – which have traditionally operated separately – merge their administration and management from the organizational perspective.

    Lastly, Verizon suggested that because SASE is still a work in progress, “CIO and CISO groups will need to rethink their respective roles in supporting enterprise infrastructure operations.”

    “Proper governance will be key to success as these changes percolate down through the organization, as they will eventually touch the network architects, security architects, application architects and others that need to work together to execute on a company’s SASE strategy,” Verizon added.

    https://www.sdxcentral.com/articles/analysis/verizons-critical-components-to-getting-sase-right/2022/11/

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

*