The CF List: 2022's 20 Top SASE Providers You Should Know
With SASE, customers need more than just secure access to their applications.
![Twenty, 20, SD-WAN providers Twenty, 20, SD-WAN providers](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/blt1623fbe456f4d7d3/6523f96f6868b42e553c7c45/shutterstock_790434142.jpg?width=700&auto=webp&quality=80&disable=upscale)
Jörge röse-oberreich/Shutterstock
Frost and Sullivan’s Ying Ting Neoh, S&P Global’s Garrett Bekker, and Omdia’s Rik Turner and Fernando Montenegro cited Cato Networks as a leader in SASE. In February, Cato Networks reported its 2021 revenue grew by 96% year over year, increasing headcount by 66%, and a doubling in valuation to $2.5 billion with an added $200 million investment. More than 1,100 enterprises with more than 17,000 branches and cloud instances, and 300,000 remote users rely on Cato Networks’ SASE Cloud every day.
“Cato has raised a lot of venture capital cash, so probably worth keeping them on your radar,” Turner said.
Bekker, Neoh and Montenegro said Versa Networks is a leading contender. Dell’Oro Group’s Q4 2021 Network Security Quarterly Report listed Versa Networks as the unified SASE market leader with an 84% market share.
“As a result of Versa’s market performance, we are pleased to award the company with Dell’Oro Group’s Market Share Leadership Award for unified SASE,” said Mauricio Sanchez, research director at Dell’Oro Group. “We see SASE as a service-centric, cloud-based solution that brings networking and security into a unified service architecture. On a technology level, we see it as the combination of SD-WAN networking and numerous security technologies, such as SWG, CASB, ZTNA and FWaaS.”
Bekker, Neoh, Turner and Montenegro said Palo Alto Networks is a top SASE contender. In April, Palo Alto Networks announced it has extended SASE to protect home networks with its Okyo Garde Enterprise Edition. It enables organizations to extend Palo Alto Networks’ SASE into the home network through a security subscription that comes with Prisma Access and a Wi-Fi 6 router.
“I’d definitely include Palo Alto by virtue of their market clout,” Turner said.
Bekker, Neoh and Montenegro cited Forcepoint as a SASE leader. Forcepoint’s SASE platform enables distributed enterprises to safeguard critical data and intellectual property. Its DLP technology provides visibility and control over data no matter where it resides. Its SASE platform reduces the operational burden on teams and cuts ownerships costs by up to 30%.
Neoh and Montenegro said VMware is among top contenders. Chipmaker Broadcom is bolstering its software practice with its massive acquisition of VMware. Broadcom will buy all outstanding VMware shares in a stock-and-cash transaction totaling approximately $61 billion. The deal expands the depth of critical infrastructure solutions both companies can provide to enterprise customers. Leading shareholder Michael Dell, who owns slightly more than 40% of VMware shares, called the deal a “landmark moment for VMware.”
Bekker, Neoh and Montenegro cited Cisco among SASE leaders. At this month’s RSA Conference, Cisco announced Cisco Security Cloud, a unified, end-to-end security platform designed to stretch across hybrid multicloud environments. The platform also offers new zero trust and SASE features. With unified management, the open platform will provide threat prevention, detection, response and remediation capabilities.
Bekker, Neoh and Montenegro said Fortinet is a SASE contender. FortiOS 7.2, the latest upgrades to Fortinet’s flagship operating system and the foundation of the Fortinet Security Fabric, provides secure private access to corporate applications with natively integrated zero trust network access (ZTNA) in FortiSASE for one unified agent for endpoint protection and traffic redirection. Continuous identity and context validation allow organizations to shift from implicit to explicit access per application for remote users to overcome traditional VPN challenges.
Bekker and Turner said Perimeter 81 is a SASE leader. At this month’s RSA Conference, Perimeter 81 announced its valuation has reached $1 billion after completing a $100 million Series C funding round led by B Capital. The financing will accelerate Perimeter 81’s growth, hiring and development. The company has more than doubled its annual recurring revenue (ARR) year over year.
Turner said Perimeter 81 is pure-play and cloud-native with no SD-WAN capabilities, yet has “something interesting to say in this space.”
Bekker, Neoh and Turner said they’re keeping an eye on Akamai. The Akamai Intelligent Edge Platform, a globally distributed cloud network, provides the foundation to build and optimize a SASE architecture. In March, Akamai completed its $900 acquisition of Linode, a 19-year-old independent cloud computing provider.
Bekker and Montenegro said they’re tracking Cloudflare. The company is designed to deliver integrated network and security services across each of its more than 270 locations worldwide, eliminating the need for enterprises to run traffic through a centralized data center or manage multiple point solutions in the cloud.
Turner said Juniper Networks is one to watch in SASE. This month, Juniper Networks announced the expansion of its SASE offering with the addition of CASB and advanced DLP capabilities to its Juniper Secure Edge solution. It now offers a full-stack SASE solution with visibility into both the edge and the data center.
“Juniper has only just joined the fray and is making a virtue of necessity, arguing that it is late, but that enables it to come in with more advanced functionality,” he said.
Bekker said Barracuda Networks is a noteworthy provider. Last month, Barracuda announced the expansion of its cloud-native SASE platform. Barracuda’s SASE platform streamlines secure SD-WAN, FWaaS, ZTNA and SWG functionality, and incorporates secure connectivity to industrial IoT devices. The expansion includes new capabilities for hybrid deployment models and IIoT environments. Additionally, new technology integrations offer secure data transfer, orchestration, asset management and anomaly detection.
Bekker cited Trend Micro as a SASE leader. In April, Trend Micro unveiled its unified cybersecurity platform that integrates all of the vendor’s native services and builds an ecosystem with third-party partners and competitors such as Google Cloud, Microsoft, Palo Alto Networks and others.
Bekker and Montenegro said Zscaler is a noteworthy SASE provider.
“While the threat landscape continues to change/evolve, we tend to see interest in SASE grow more from the perspective of simplifying service delivery,” Montenegro said. “The idea of switching security delivery to a services-based model is appealing to organizations based on how much it can free up resources for other tasks. We see customers interested in addressing a multitude of use cases, from remote access security to branch optimization, and that hasn’t significantly changed.”
Bekker and Montenegro cited Netskope as a top SASE contender. Netskope and Deloitte have formed a strategic alliance to help their mutual clients adopt SASE and SSE security frameworks aimed at protecting users, applications and data from cyber threats, while preserving user experience.
Montenegro said Check Point Software Technologies is a noteworthy SASE provider. Earlier this year, Check Point announced its enhanced Harmony Connect SASE. It allows zero-trust connectivity to corporate applications with cloud-delivered VPN-as-a-service, improved connectivity speed worldwide with new global PoPs, and increased security via device posture validation for remote user devices.
Montenegro cited Skyhigh Security as a SASE leader. In March, Symphony Technology Group (STG) completed its split of McAfee Enterprise into two organizations with the launch of Skyhigh Security. Skyhigh Security includes the McAfee Enterprise SSE portfolio. It was created to satisfy the growing cloud security requirements for large and small organizations. Its data-aware SSE provides security that follows the data and users wherever they are.
Bekker said Aryaka Networks is a noteworthy SASE provider. In December, Aryaka announced three new SD-WAN and SASE product lines, designed to serve customers of varying size and security needs. Among the offerings is Prime EZ managed SASE, which offers basic security features derived from the company’s Secucloud acquisition.
Bekker cited Citrix as a top SASE provider. Citrix is being acquired by Tibco portfolio company Vista Equity Partners for $16.5 billion. Evergreen Coast Capital, the private equity arm of Elliott Management, is also part of the deal. The acquisition, which should close in the second half of this year, will take the company private.
Bekker said Ericom Softtware is a top SASE provider. Ericom’s ZTEdge cloud security platform provides a host of zero-trust capabilities aligned with Gartner’s SASE and SSE security frameworks. The solution was designed with midsize enterprises in mind, helping them cut complexity, reduce cyber risk and improve performance.
Bekker said Ericom Softtware is a top SASE provider. Ericom’s ZTEdge cloud security platform provides a host of zero-trust capabilities aligned with Gartner’s SASE and SSE security frameworks. The solution was designed with midsize enterprises in mind, helping them cut complexity, reduce cyber risk and improve performance.
The increasing shift of business operations to the cloud has expanded the perimeter drastically, accelerating demand among secure access service edge (SASE) providers.
SD-WAN is an overlay network that backhauls traffic to data centers. SASE is a cloud platform that inspects data at various points of presence (PoPs) at the edge. As remote work remains a part of everyday life, architectures like SASE are better suited for remote access than SD-WAN.
This is our first annual “CF List” focused on top SASE providers. Analysts share their views on what it takes to succeed with the technology. It includes a new list and fresh views on changes in the competitive landscape.
SASE Core Features
Garrett Bekker is a senior research analyst with S&P Global Market Intelligence’s 451 Research.
We recently compiled a list of 20 top SD-WAN providers offering products and services via channel partners. |
S&P Global Market Intelligence’s Garrett Bekker
“To me, the five core features of a SASE are firewall-as-a-service/NGFW, SD-WAN, secure web gateway (SWG), zero trust network access (ZTNA) and cloud access security broker (CASB),” he said. “There are other ancillary features of SASE also, such as data loss prevention (DLP), encryption or remote browser isolation (RBI). Few vendors actually have all the pieces. So one criterion for success is completeness of solution, and how tightly integrated the various pieces are. Or are they just cobbled together?”
Ying Ting Neoh is a security research analyst at Frost & Sullivan.
Frost & Sullivan’s Ying Ting Neoh
“SASE has gained popularity even though the adoption of a single-vendor SASE providing a converged, full SASE-stack approach has been slow,” she said. “However, with more organizations looking to streamline their management of networking and security functions to avoid complex management, it is expected that customers increasingly favor vendors providing converged and cloud-native SASE architecture tightly integrating both SD-WAN and security capabilities. On top of that, the need for more advanced security protection capabilities … is increasing.”
More than Just Secure Access
Customers need more than just secure access to their applications, Neoh said.
“With the array of capabilities to be integrated into the SASE architecture, great user experience has also become one of the key deciding factors of a successful SASE provider,” she said. “Customers increasingly prefer SASE providers providing a single-pass processing architecture whereby inspection processes and services are done simultaneously. Customers are looking for SASE architecture which provides good visibility into the network traffic, user behavior and threats, driving the need for SASE-native threat intelligence to be integrated into the architecture to provide better actionable information to the security team. Hence, a cloud-agnostic SASE provider that can provide secure, consistent, converged networking and security services with expanded global coverage to multiple cloud service platforms and great user experience is foreseen to be the upcoming successful SASE provider customers need.”
Early Days for SASE Market
Rik Turner is principal analyst at Omdia, which shares a parent company with Channel Futures (Informa).
Omdia’s Rik Turner
“I still think it’s early days in the development of the SASE market, so I’m not sure customer expectations have even had time to mature very much, though obviously the basic premise of WAN connectivity over the internet instead of MPLS, network security, and secure remote access, all delivered as a service from a single provider, remains a compelling one,” he said.
Fernando Montenegro is senior principal analyst also with Omdia.
Omdia’s Fernando Montenegro
“We’ve seen acquisitions in the underlying technologies that are interesting in that they reflect a growing number of competitors,” he said. “Absolute acquired NetMotion, Lookout acquired CipherCloud, Forcepoint acquired Bitglass and many others. SASE has usually been an offering that requires a larger footprint, both in terms of tech and presence. So it’s a little bit skewed to larger vendors.”
We’ve compiled a list, in no particular order, of 20 top SASE providers. It’s based on feedback from analysts and recent news reports. The providers are making the most of the ongoing competitive landscape and charting success.
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like