Understanding the Evolution of SASE: A Comprehensive Overview for the Modern Enterprise
In 2019, Gartner defined Secure Access Service Edge (SASE) as a transformative networking and security framework that combines multiple functionalities to meet the needs of today’s digital organizations. At its core, SASE encompasses two significant pillars: on one side, the Security Service Edge (SSE), which includes various microservices dedicated to cybersecurity, and on the other, the connectivity component managed through Software-Defined Wide Area Networking (SD-WAN). This integrated security model not only aims to simplify the everyday management of cybersecurity but also signifies a fundamental evolution in enterprise networking infrastructures.
The Rise of SASE and Network Modernization
The shift towards SASE is driven by companies reevaluating and overhauling their Wide Area Networks (WAN) to support their ongoing digital transformation and the rapid growth of cloud services within their infrastructure. As Stan Nabet, France Country Director for Netskope, highlights, “Market analysts describe a transition from traditional legacy approaches, which relied heavily on MPLS networks, towards SD-WAN solutions.” He adds that, in 2022, SD-WAN represented around 15% of the market share, but projections indicate it will surge to about 60% by 2026. This swift adoption underscores how organizations are increasingly viewing SD-WAN as a critical foundation for their network evolution.
Several factors explain this shift. Although traditional WAN links are still costly, the primary driver is the expanding bandwidth demand fueled by ubiquitous Wi-Fi at home and the rollout of 5G. Today’s workforce often connects via Internet-enabled devices, making the Internet an extension of the company’s network. Consequently, businesses face a fundamental challenge: the inescapable reliance on Internet connectivity to support remote work and cloud access. To address the limitations of Virtual Private Networks (VPNs), embedding security directly into the network infrastructure has become the most straightforward solution.
1. Telecom Operators Embrace Cybersecurity Within the SD-WAN Paradigm
A 2024 study commissioned by GTT, a global provider of network and security services, reveals that 81% of IT decision-makers see SD-WAN deployment primarily driven by the need to enhance overall security. Bastien Aerni, Vice President of Strategy and Technology Adoption at GTT, affirms that “SD-WAN is now considered a critical component of a complete SASE solution; in fact, it’s the very foundation of it.” He explains that “software-defined networking techniques are used to intelligently route and optimize traffic across various locations—be it branches, data centers, or cloud environments—while supporting remote and mobile users.” A SASE framework leveraging SD-WAN thus improves network performance and provides essential visibility, which is vital for maintaining effective security.
GTT’s Secure Connect platform exemplifies this integrated approach. It incorporates technologies from partners like HPE Aruba, VMware, Fortinet, Palo Alto Networks, and Fortinet again for cloud security. Aerni emphasizes, “Since a purely cloud-based network security approach may not suffice, we advocate a ‘Cloud First, Edge as needed’ strategy, applying enhanced security through our Envision platform and its components EnvisionEDGE and EnvisionCORE. All managed via our unified EnvisionDX portal.” Major telecom operators now offer SD-WAN alternatives alongside traditional MPLS links, and many are also moving towards SASE adoption.
Frédéric Ong, France Country Manager for Tata Communications, contextualizes this trend: “While we identify ourselves as a traditional telecom operator, we’ve quickly recognized the shift from MPLS to Internet-based solutions, multi-cloud, SD-WAN, and SASE.” He further notes, “Our portfolio has expanded to encompass a suite of digital platforms, including network services, cloud and security solutions, IoT, and a comprehensive digital customer experience platform.” Tata Communications now positions itself between classic network operators and pure service providers, assisting businesses in optimizing routing policies for their digital transformation. “This cloudification process has required adjustments not only in routing and security layers—what we call the overlay—but also in the underlying network infrastructure—the underlay,” Ong explains. He argues that “controlling the underlay remains crucial because independent cloud and managed service providers often neglect the network quality beneath their solutions, which is a mistake. The ideal approach combines high-quality overlay with a robust underlay infrastructure.”
Operators have heavily invested in partnerships with cybersecurity leaders such as Fortinet, Palo Alto Networks, and HPE Aruba, which promotes its Universal Zero Trust Network Access (ZTNA) strategy. Gregory Gatineau, Category Manager at HPE Aruba, details, “Having control over access equipment allows us to trace application flows and user sessions end-to-end. Our SASE platform offers cross-layer visibility from the edge—where users are—to data centers and cloud environments.” He notes that “this end-to-end insight not only ensures full transaction traceability but also enhances application performance and security via a unified access policy framework. Our integrated approach eliminates the silos currently plaguing security, which often require managing disparate solutions for LAN, Wi-Fi, and IoT networks.”
2. The Disruptive Rise of Pure-Play SASE Providers Challenging Established Players
Among the newer entrants are “pure players” such as Israeli-based Cato Networks. Founded in 2015 by Shlomo Kramer, known for Check Point Software and Imperva, Cato Networks is driven by a radical vision: “Companies cannot simply increase cybersecurity budgets linearly in the face of the exponential rise in cyber threats,” states Sylvain Chareyre, EMEA Sales Engineering Vice President for Cato Networks. He emphasizes that “simply investing more or deploying more appliances does not necessarily improve security posture. In fact, beyond a certain point, it becomes counterproductive. Managing dozens of devices and solutions becomes increasingly complex, leading to operational inefficiencies and higher risks.”
Sylvain Chareyre describes how Cato Networks offers an integrated service that includes both wide-area networking and security, with the company operating a globally distributed network of over 65 access points. “Our role is to overlay security over existing telecom links, regardless of their technology, to safeguard all enterprise resources.” The company collaborates with telecom Service Providers such as OCD and Adista to deliver managed SASE solutions that run on Cato’s infrastructure. While some service providers initially viewed SASE as a competitor to their core businesses, many now see it as an opportunity to access new markets and expand their service portfolios.
Zscaler’s approach diverges from traditional network operators by emphasizing a cloud-first security model. Ivan Rogissart, Zscaler’s European Sales Engineer Director, explains, “Zscaler’s MagicWAN enables a true ‘Any-to-Any’ networking approach, connecting regional sites, retail outlets, data centers, and cloud services. Our system manages and accelerates traffic, providing security at every point.” This ultra-integrated strategy contrasts with conventional vendors that rely heavily on routing through physical devices like routers, often leaving security as a last line of defense.
The Market’s Changing Landscape: From Traditional Telecoms to Cloud Ecosystems
Operators are increasingly forming strategic alliances with cybersecurity players such as Fortinet, Palo Alto Networks, and HPE Aruba, which offers a unique “Universal ZTNA” approach. Gregory Gatineau from HPE Aruba comments, “Our goal is to ensure consistency in access policies across all environments—local, remote, cloud, and branch sites—by controlling and orchestrating access from the edge to data centers or cloud resources.” He stresses that this unified visibility simplifies security management, making it easier to enforce policies uniformly across all network levels and devices, whether wired, wireless, or IoT.
Meanwhile, other providers like Tata Communications position themselves between traditional carriers and modern cloud-driven security providers. Frédéric Ong remarks, “Our approach is vendor-agnostic; we adapt our solutions to our clients’ specific contexts, collaborating with partners like Versa Networks, Fortinet, and Cisco.” He emphasizes that their aim is to demystify complex security and networking technologies, ensuring they fit into each customer’s unique operational landscape.
He affirms, “Our strength lies in managing both overlay and underlay layers, combining high-quality routing with security to deliver maximum value. This dual focus sets us apart from pure cloud or network-only players, which often overlook the critical importance of underlying infrastructure quality.”
As the market advances, collaboration remains a key theme. Tata has partnered with security giants such as Fortinet and Palo Alto to develop comprehensive security solutions, while also integrating SD-WAN and SASE capabilities into an increasingly interconnected service ecosystem.
The Future of SASE: Challenges and Opportunities
The landscape is decidedly dynamic, with new entrants continuously challenging established players. For instance, Cato Networks exemplifies how integrated security and networking services can disrupt traditional models. Their holistic approach, covering WAN connectivity, security, and managed services, aims to simplify cybersecurity management for enterprises overwhelmed by the proliferation of standalone solutions.
Meanwhile, cloud-native vendors like Zscaler leverage their global networks to provide internet-based, secure, and high-performance connectivity options that replicate private networks’ security and reliability. Their strategy underscores a critical shift in how organizations perceive and utilize the internet—not as a threat vector but as a trusted extension of the corporate network.
As Gregory Gatineau summarizes, “The key to thriving in this environment is agility and openness—embracing vendor-agnostic approaches, forming strategic alliances, and focusing on delivering seamless, secure, and intelligent connectivity across all operational environments.”
With ongoing technological innovations and increasing adoption of cloud services, SASE and its associated components will remain central to the future of enterprise connectivity, security, and digital transformation.
