Secure Access Service Edge (SASE) According to Gartner

SASE According to Gartner

Gartner is a global research and advisory leader in the technology space dedicated to helping businesses make critical IT decisions. Its Magic Quadrants (MQs) drive many organizations’ acquisition processes as they provide a clear and unbiased evaluation of the relative advantages and disadvantages of various technology solutions.

However, Gartner does not only perform evaluations of existing technology – it also looks to the future and provides organizations with guidance on how to build and secure the networks of the future. Back in 2019, Gartner finally created a name for what Cato Networks had already been doing for 4 years – SASE (Secure Access Service Edge).

Today, SASE has become a priority as many organizations look to adopt what Gartner calls “the future of network security”. Gartner’s recently released Single-Vendor SASE Magic Quadrant provides strong guidance on critical capabilities and vendors to help organizations maximize the value of their SASE investment throughout their journey. 


The Components of SASE Architecture

Single-Vendor SASE, according to Gartner, is defined as the global delivery of converged networking and security-as-a-service capabilities such as: SD-WAN, SWG, CASB, FWaaS and ZTNA by a single vendor, supporting all edges (not just branch networks or mobile users). The standard capabilities of a Single-Vendor SASE include:

  • Secure Web Access: Protection for users and locations against malware, phishing, policy violations and other threats, regardless of location. 
  • In-Line SaaS Access Controls: Granular controls based on activity type (upload, download, login, etc.) or risk level for cloud applications. 
  • Identity, Context and Policy Based Remote Access: Provides access for users or locations based on least-privilege principles with ongoing evaluation on a case-by-case basis. 
  • An Appliance That Supports Application-Aware Dynamic Traffic Steering: SD-WAN, providing resiliency and optimized routing overs multiple last-mile ISP connections. 
  • Firewall as a Service (FWaaS): A firewall is the foundation of any network security stack. SASE includes FWaaS to provide strong protection with minimal overhead and management.

Optional security capabilities include: 

  • Remote Browser Isolation: Delivers additional security to users by allowing them to access unknown Internet resources in an isolated environment. 
  • Zero-Day & Polymorphic Malware Protection: Evaluates unknown files to make a verdict on malicious intent. 
  • DNS Protection: Protection from known threats by sink holing queries that refer to malicious destinations. 
  • API-based Inspection for Cloud Applications: Known as API-based CASB, this service integrates with common cloud applications to scan for malware, data leakage and unintended over-sharing of data. 

Optional networking capabilities include: 

  • Global Private Backbone: A global private backbone overcomes the unpredictability of the public Internet, by leveraging reliable, consistent transport that favors performance over cost savings. 
  • Enhanced Internet: Network optimization capabilities such as TCP proxy and QoS that improve and ensure performance for critical applications. 

Gartner also defines the term “SASE alternatives” to describe solutions that check the boxes of SASE features without achieving the full convergence required by SASE. These solutions – often called “dual-vendor” or multivendor SASE – link point security products via APIs and service chaining. While these may have the same capabilities as SASE, they have poorer performance and are more difficult to manage than a true SASE solution.

Gartner’s SASE Guidance Report

Since defining the term SASE in 2019, Gartner has included a SASE category in its Hype Cycle for Enterprise Networking report. Both years, Gartner listed Cato as a “Sample Vendor” in the space, recognizing that Cato SASE Cloud meets the criteria for a true SASE solution.

In addition to its Hype Cycle reports, Gartner has published a number of reports further defining the space and providing guidance to organizations looking to adopt SASE. The SASE Convergence Roadmap 2021 and Market Guide for Single-Vendor SASE 2022 outline the steps that organizations should take when adopting SASE, including short-term and long-term goals for making the transition as well as recommendations for selecting a SASE vendor.

Finally, in 2023, Gartner launched the first-ever single-vendor SASE Magic Quadrant, positioning Cato among the top vendors in the space.

Getting Started on Your SASE Adoption Journey

Gartner believes that SASE represents “the future of network security” and encourages all organizations to start their SASE adoption journey today. A good starting point for this process is learning more about what SASE is and what to look for in a SASE solution. Then, build and demonstrate your SASE knowledge and skills by earning Level 1 of Cato’s SASE Expert Certification.

To learn more about SASE solutions and how to start your SASE journey, contact us. To see the capabilities of a true SASE solution and learn what Cato SASE Cloud can do for your organization, request a free demo.