Every year vendors rally around certain words and the RSA Conference 2020 was no different. It had been about ten years since my last RSA conference after regularly attending in the 2000s. After nearly 40 hours of meetings and vendor conversations at Moscone Center in San Francisco, I kept hearing how vendors were inventing (or reinventing) themselves to deliver SASE, SD-WAN, Zero Trust Networks, and/or SOAR with a sprinkle, or even a good helping, of SaaS. Let’s break down what’s behind the buzz:
SD-WAN (Software Defined – Wide Area Network):
On the first day, the IT gods gave us routers for each branch office and expensive dedicated links. Eventually, businesses got tired of paying the high price for dedicated links. Plus, they wanted to improve the user/app experience that at times could get unstable, full of lag and generally poor. Behold: the SD-WAN routing solution was developed that can make snazzy forwarding decisions based on rich set of inputs, including user, app, latency, congestion and more, to deliver better user/app experience over cheaper commodity Internet links. It turns out many of these SD-WAN solutions also aim to provide network security. But many are not as effective as pure-play security solutions, such as FW/NGFWs. Just so happens that the barrier to entry to implement SD-WAN isn’t like doing carrier routing. Thus, several security vendors have added sufficient routing capability to claim SD-WAN functionality. At RSA 2020, I had some good discussions with Fortinet and Palo Alto Networks, both of which are investing heavily in the space.
Zero Trust Network:
Back in early 2000s I helped get Network Access Control (NAC), an ancestor to Zero Trust Networks, off the ground. I ran the IETF RADIUS extensions working group, which developed some of the open authentication standards leveraged by NAC and, now, Zero Trust Networks. While NAC flamed out for being ahead of its time, I found Zero Trust Network solutions at RSA conference as a more usable, superset form of NAC solutions from my yesteryear. Zero Trust Network solutions are all about implementing a multi-segmented network by orchestrating between endpoints, access edge (campus, branch, cloud user edge), and applications/data being accessed. At RSA 2020, the folks at Cisco and Juniper Networks walked me through their campus network solutions.
While most think SaaS equals Software-as-a-Service, I prefer to think of it as an acronym for Security-as-a-Service. Boxes/appliances will never completely disappear, but the clear trend is to deliver services as a service where you want it and how you want it. Whether it’s NGFW/FW, email security, ADC/WAFs, web gateways, IPS, DLP, or ATP you can get it in a SaaS model, whether it’s a virtual machine, hosted service, or true pay-as-you go offering. Every vendor at RSA, or least everyone that wanted to be hip and cool, had a SaaS play. This is a very exciting space for security vendors that I plan on digging deeper here at Dell’Oro.
SOAR (Security Orchestration, Automation, and Response):
Everyone at RSA 2020 wanted to SOAR in some way. But to my mind, SOAR boiled down to the cool new name for a central dashboard for policy, visibility, and analytics. Fifteen years ago, we called SOAR’S predecessor the “Single Pane of Glass.” But with a decade and a half of refinements, SOAR seems to be soaring higher than the pain caused by the early-gen single panes of glass. At RSA 2020, I noticed the focus on bringing together a vendor’s product/solution portfolio with complimentary, third-party solutions. It looked like vendors had finally internalized the maxim that security can’t and shouldn’t always be delivered by a single vendor. Like SaaS, every hip vendor had a SOAR-type offering, whether or not it was referred to as SOAR.
SASE (Secure Access Service Edge):
I saved the SASE (pronounced “sassy”) kid for last. As the new kid on the block, SASE is in that awkward phase that all young buzzwords/markets go through when industry lacks black-white clarity on what’s in it and who’s delivering it. This reminds me of the days when early cloud providers were hammering out the technicalities of IaaS, PaaS, and SaaS.
From what I can tell, we’ll continue in the storming and form phase a bit longer. But through the dust I can see that SASE, at its core, is anchored by an in-the-cloud gateway service. Thus, at minimum, SASE will replace on-prem security web gateway appliances with a side helping of Cloud Access Security Broker, Data Loss Prevention, applied threat intelligence, and even FW/NGFW capabilities brought together under a single administrative panel. At RSA, I had the pleasure of talking with the zScaler, Cisco, Palo Alto Networks, and ForcePoint SASE teams.
In future blogs, I’ll dig deeper into why I think these ideas caught wind. But for now, keep an eye out for a year filled with SASE security clouds over SD-WAN and Zero Trust Networks with some SaaS and SOAR… at least until RSA 2021. If you attended RSA 2020 and have different takeaways, drop me a note at firstname.lastname@example.org. I always appreciate other perspectives.