Changing the Security Game -
Microsoft enters the SASE Market
Microsoft’s release of a Secure Service Edge (SSE) solution in November will drive innovation in the secure access service edge market – a win for security-conscious pros and end-users.
By Scott Murphy
VP of Strategic Business Development,
Data Perceptions Inc.
Published September 2023
Businesses around the world are being challenged by the increasing security risks over the last decade. The trend towards hybrid work and work from anywhere (WFA) has compounded those challenges in recent years. The rise of Secure Access Service Edge (SASE) solutions has been a game changer for many organizations by enabling better security control, visibility, and mitigation capabilities, regardless of the worker modality.
2023 marks the year that SASE becomes mainstream: Microsoft is entering the market with its Entra ID Secure Service Edge (SSE) solution. SSE is a subset of SASE that covers the SASE security and network components and is the driver for many deployments. Microsoft has indicated that SSE will be part of Entra ID (previously Azure AD) and could be included in M365 E3 and E5 subscriptions.
Microsoft’s release of their Global Secure Access Client (GSAC) will enable organizations to integrate their end user devices with the advanced Microsoft 365 security features regardless of where the user device is located and where the service is delivered from (on-premises data centre, cloud data centre, SaaS, or Internet). It is expected that Microsoft will leverage their 170+ points of presence around the world to enable SSE as a global solution and eventually expand their service offerings to a robust full SASE suite (but for now they are only releasing the SSE capabilities).
This is fantastic news for any organization that has invested in the Microsoft 365 ecosystem, as it will allow these organizations to extend this investment and enhance the security for the work-from-anywhere workforce. Entra ID SSE will enable a Zero Trust Network Architecture (ZTNA) integrated with the organization’s existing user identities and authentication. It will allow them to extend that security to the web, SaaS, non-web, and Internet applications. It will provide a secure web gateway (SWG), cloud firewall (FWaaS), cloud access security broker (CASB), and data protection services that are integrated into the user’s identity with single sign-on (SSO).
This is nothing new for any organization that has already deployed a SASE solution – around 15% of organizations, according to Gartner in 2021. However, adoption of SASE is expected to grow to 65% by 2025 – Microsoft’s entry into the market will accelerate and streamline that adoption.*
This is exciting for the security community as Entra ID SSE will enhance risk reduction capabilities, regardless of user, device, application, or content, anywhere in the world. It will provide a consolidated approach for security administrators while improving the end-user experience. Security teams can detect and mitigate threats using Microsoft’s advanced AI-based threat protection capabilities – users will be constantly secured.
Microsoft is later to the game than some SASE market leaders like Cisco, CATO Networks, Palo Alto Networks, Versa Networks, Forcepoint, and Fortinet. Microsoft’s SSE solution will be incomplete upon initial public release, but based on experience, we expect it to be fleshed out quickly.
Microsoft’s entry into the SASE market is a pivotal moment for security teams as it will reduce the barrier to deployment from a technology and budget perspective. This will create greater competition in the SASE space and accelerate deployments. The Entra ID SSE unified platform will allow organizations to future-proof their security investments, as the marketplace competition will accelerate innovation.
* In the Forbes Technology Council Article by Jason Clark - 2023 Will Be The Year SASE Really Takes Off—Here’s Why
Gartner predicts that "By 2025, 65% of enterprises will have consolidated individual SASE components into one or two explicitly partnered SASE vendors, up from 15% in 2021 [and] by 2026, network and security vendors that are unable to deliver a compelling SASE offering will be relegated to niche market opportunities."