SD-WAN and SASE: How Do They Relate?

3min. read

A 2019 report states that 69% of enterprise organizations are migrating data for enterprise resource planning (ERP) applications to the cloud1. With this move, organizations need to address security concerns that pertain to the use of public clouds. Enter software-defined wide area networking (SD-WAN).

SD-WAN is a software-based approach to building and managing networks that connect geographically dispersed offices. Many companies use SD-WAN to securely connect branch offices to their corporate networks instead of relying on traditional and expensive multiprotocol label switching (MPLS) connections, firewalls or proprietary hardware to do it. The challenge is that SD-WAN uses a networking overlay – an “SD-WAN fabric” – that doesn’t include any of the security and access controls companies need to protect and defend their network in a cloud environment.

Companies often turn to multiple point products to secure web gateways, support application firewalls, secure virtual private network remote access, and more. Since these products all come with their own policy management protocols, interfaces and sets of logs, this can create unwieldy administrative issues, increase costs and complexity, and lead to gaps in a company’s security posture.

To address this, Gartner, a leading research and advisory firm, proposed a new cybersecurity model for networking in the cloud called secure access service edge (SASE). A SASE solution combines the capabilities of a WAN with comprehensive security functions, such as secure web gateway (SWG), cloud access security broker (CASB), firewall as a service (FWaaS), and Zero Trust network access (ZTNA) to facilitate secure network access in cloud and mobile environments.

Gartner expects that by 2024, at least 40% of enterprises will have explicit strategies to adopt SASE, up from less than 1% at year-end 2018.2

How a SASE Solution Works 

A SASE solution provides mobile users, branch offices and retail locations with secure connectivity and consistent security wherever they are in the world. It does this by offering companies a single, centralized view of their entire network. This allows companies to quickly identify users, devices and endpoints, apply their networking access and security policies, and securely connect users to their applications and data in a cloud or mobile environment, all while ensuring multi-branch and multi-cloud network security.

It also enables companies to greatly reduce capital costs and cut the overhead typically associated with deploying security and networking at scale. More importantly, it speeds up deployment time and reduces the time to deliver protection by eliminating the need to set up traditional IT infrastructure.

The Benefits of SASE

Among its advantages, SASE:

  • Provides a holistic view of an organization’s network so the organization can better protect it.

  • Simplifies network complexity and management by combining SD-WAN and other networking infrastructure into a single cloud-based platform.

  • Enables companies to consistently apply security to stop cyberattacks.

  • Reduces costs by allowing companies to use a single platform instead of multiple point products. 

  • Allows users to immediately gain secure access to a company’s network, wherever they are and whatever device they use.

To learn more, read our e-book The 10 Tenets of an Effective SASE Solution.

Further Reading

The Next Generation of Network Security is Cloud-Delivered


1 “69% of enterprises moving business-critical applications to the cloud,” TechRepublic, January 11, 2019, https://www.techrepublic.com/article/69-of-enterprises-moving-business-critical-applications-to-the-cloud.

2 “The Future of Network Security is in the Cloud”, Gartner, August 30, 2019, https://start.paloaltonetworks.com/sase-the-future-of-network-security.html.