Secure Access Service Edge (SASE) is a hot topic for our customers. Due to hybrid and remote working, cloud migration, and SaaS adoption, customers are running more traffic over the Internet than ever before. They're also wrestling with the complexity of managing multicloud environments while protecting against increased exposure to cyber-attacks.
By converging software-defined networking and security in the cloud, SASE provides a more consistent architecture that is simpler to manage and more dynamic and secure than previous models-one that is well-suited to meeting the secure connectivity needs of businesses as they continue their digital transformations.
Gartner? expects 80% of enterprises to have adopted a strategy to unify web, cloud services, and private application access using a SASE or Security Service Edge (SSE) architecture by 2025 [1]. And, according to Cisco's latest CISO Survival Guide, 98% of CISOs plan to spend money on SASE, and 55% of them will prioritize 25-75% of their IT security budget on SASE in the future.
The question is: How do Cisco Partners capture their share of the multi-billion-dollar SASE opportunity?
SASE combines SD-WAN and VPN capabilities with comprehensive network security services such as secure web gateway (SWG), cloud access security broker (CASB), zero-trust network access (ZTNA), and firewall as a service (FWaaS).
Given that Cisco was recognized as a Leader in the 2022 Gartner Magic Quadrant TM for SD-WAN [2] and offers a broad, end-to-end security portfolio, our Partners are well positioned to grow their businesses by selling more Catalyst Routing and Meraki MX-the foundation for SD-WAN. They can also cross-sell Cisco SASE to customers who currently have our cloud security but not SD-WAN, or up-sell to those that have both cloud security and SD-WAN installed but have not yet integrated them under a SASE architecture.
In addition, Partners can now offer even more value-added services such as implementation, training, and ongoing support, as well as expanding their managed services portfolios.
Another key benefit for Partners leading with Cisco SASE is that their customers have a choice between going all in with a single-vendor SASE solution, or incorporating their choice of Cisco products into a multi-vendor SASE deployment.
An all-Cisco solution means customers can realize faster time-to-value with cloud-managed, turnkey operations delivered via a single management console (Meraki Dashboard TM). Or they can opt for our modular SASE solution, which offers a more flexible, scaled deployment with customizable and extensible products, solutions, and services, plus high-value integrations that allow them to benefit from their existing cloud security investments.
Every journey to SASE is unique. Customers value having a choice of networking and cloud security capabilities. Cisco has both a unified SASE solution and a modular SASE solution, enabling Partners to meet customers where they are today. Here are three of the core use cases we see:
1. Enabling WAN modernization at hardware and software refresh
When upgrading customers from legacy to next-generation routers, such as Catalyst 8K or Meraki MX, Partners can focus on the benefits that come with Cisco DNA Center, Meraki Dashboard, or Cisco vManage. These cloud-centric management platforms ideally position customers to not only transition to SD-WAN with advanced features at their fingertips but be SASE-ready at the same time.
Take QDOBA as an example. As the first step toward a full SASE architecture, QDOBA coupled Meraki MX SD-WAN and security services from Cisco Umbrella to future-proof their network security. The company's network and security teams now proactively discover emerging threats and instantly coordinate countermeasures across all their operations. The entire network is now managed via the cloud using Meraki Dashboard.
2. Securing remote workers
Many organizations have embraced remote work, which means letting their people work from almost anywhere. This is hard when they are using both managed and unmanaged devices (i.e., 'bring your own devices' or BYOD) to access corporate resources, and relying on networks that the organization does not own (think home WiFi and broadband as examples).
A Cisco SASE architecture connects users from outside of the corporate network and from remote locations to applications and data (which can also be located anywhere) by enabling identity-based security. It applies zero-trust policies that establish user and device trust before granting access to applications, employs breach defense for SaaS accounts and Internet-based threats, and leverages cloud-enabled automation to ensure always-on security everywhere users go.
Cisco SASE provides a top-tier connectivity and application experience for every remote worker. We have ThousandEyes to provide IT teams with visibility across the entire digital supply chain, while our SD-WAN uses intelligent traffic steering and path selection to enable lightning-fast performance.
3. Securing place and things
With more customers re-assessing their offices footprint, we're seeing a growing need to securely connect more places-like branch offices and branch users-as well as Internet of Things (IoT) and Operational Technologies (OT) to the public Internet, SaaS, and private applications.
For this use case, customers need better performance and scale for latency-sensitive cloud applications, better support for a broad range of platforms and device types, and to minimize operational complexities and overhead. Here, Cisco SASE enables user identity verification, visibility into every device, and adaptive policy enforcement to secure access to every application.
With network-based security delivered from the Cloud, Cisco SASE includes multiple levels of defense against Internet-based threats. It enables guest access identification and blocking to malicious links and websites via the DNS layer and provides actionable security intelligence while reducing false positives via Talos, the world's largest commercial threat intelligence service.
We also support cloud on-ramp for SaaS to intelligently route cloud SaaS application traffic. This provides a fast, secure, and reliable end-user experience. Additionally, it allows for continuous monitoring of path performance and forwarding adjustments, superior real-time and historical visibility into SaaS application performance through a quality-of-experience metric, application/bandwidth forecasting, and branch expansion analysis. It also includes what-if scenario modelling for policy changes.
Again, our Partners can only deliver this level of capability with Cisco SASE.
The SASE opportunity for Cisco Partners is huge. To help you grow your business and win big selling Cisco SASE solutions, check out these resources:
We'd love to hear what you think. Ask a Question, Comment Below, and Stay Connected with#CiscoPartners on social!
Cisco Partners Facebook | @CiscoPartners Twitter | Cisco Partners LinkedIn| @CiscoPartners Twitter | Cisco Partners LinkedIn