The New Network Dictionary: AvidThink Explains SASE, SD-WAN, SSE, ZTNA, MCN, and NaaS  

Listen to post:
Getting your Trinity Audio player ready...

The enterprise networking and security market has seen no end to terms and acronyms. SASE, of course, is chief among them, but let us not forget SD-WAN, SSE, ZTNA, and Multi-Cloud Networking (MCN). Then we get into specific capabilities like CASB, DLP, SWG, RBI, FWaaS, and micro-segmentation. This alphabet soup of jargon can confuse even the most diligent and capable CISOs and CIOs, especially when vendors continually redefine and reclassify each category to fit their needs. 

AvidThink,  an independent research and analysis firm, set out to fix that problem. The firm produced the “Enterprise Edge and Cloud Network” report that defines and contextualizes these concepts and terms.  AvidThink founder and report author, Roy Chua, lays out the universal network fabric (UNF) — the grand theoretical architectural model for how enterprises can seamlessly integrate disparate enterprise networking resources while providing a consistent and secure connectivity experience across all endpoints.  

He correctly understands that no longer can networking and security stand apart: 

Traditional security measures are proving inadequate in the face of sophisticated threats, forcing organizations to seek security-centric network solutions. Integrating advanced security features directly into network architectures is now a critical requirement. Strong CISO interest in SASE, SSE, and ZTNA is evidence of this sentiment.” 

And he correctly identifies that to address this need SD-WAN vendor are trying to remake themselves into SASE vendor:  

“…all leading SD-WAN vendors are upgrading to becoming SASE solutions” or partnering with SSE vendors to deliver SASE as a response “…to customer demands for protection from an increasing number of cyberattacks, and to further simplify the messy collection of point products across customer remote and campus sites.” 

AvidThink Sees Cato as the SASE Pioneer 

But while numerous vendor market themselves as SASE vendors, Cato stands out: “…To be fair to Cato Networks, they were already espousing elements of the SASE architecture years before the SASE umbrella term was coined.”  

With that four-year head start (SASE was defined in 2019), Cato’s been able to do SASE right. We didn’t cobble together products and slap on marketing labels to capitalize on a new market opportunity. We build a fully converged, cloud-native, single-pass SASE architecture that today spans 80+ Cato -owned and -operated PoP locations servicing 140+ countries and interconnected by our global private backbone.  

Enterprise Strategy Group Report: SSE Leads the Way to SASE | Get the Report

It’s this fully single–vendor, converged approach that’s so critical. As Chua reports hearing from one of our customers, “We believe in Cato’s single-vendor clean-slate architecture because it brings increased efficiency and we’re not bouncing between multiple vendors.” 

SASE Is About Convergence Not Features 

Cato did help sponsor the report, but it doesn’t mean we agree entirely with the author. If there’s a weakness in the report, and every report has to stop somewhere, it’s in this area – the centrality of convergence to SASE. As we’ve mentioned many times in this blog, the individual components of SASE — SD-WAN, NGFW, SWG, ZTNA, and more – have been around for ages. What hasn’t been around is the convergence of these capabilities into a global cloud-native platform.  

Converging SASE capabilities enables better insight where networking information can be used to improve security analytics. Convergence also improves usability as enterprises finally gain a true single-pane-of-glass for a management console where objects are created once, and policies are unified, not the kind of “converged” console where when you dig a level deeper you find a new management console needs to be launched with all its own objects and policies.  

And its convergence into a single-pass, cloud-native platform, which means optimum performance everywhere and deploying more infrastructure nowhere. All security processing can now be done in parallel at line rate. There are no sudden upgrades to branch or datacenters appliances when traffic levels surge or more capabilities are enabled. And since all the heavy “lifting” runs in the clouds, little or no additional infrastructure is needed to connect users, sites, or cloud resources. 

It’s this convergence that’s allowed Cato customers to instantly respond to new requirements, like Juki ramping up its 2742 mobile users or Geosyntec adding 1200+ remote users worldwide in about 30 minutes both in response to COVID. It’s convergence that allows one person to efficiently manage the security and networking needs of companies on the scale of a Fortune 500 company. Convergence IS the story of SASE.  

To read the report, download it from here.  

Related Topics