Organizations face significant challenges when securing their digital transformation initiatives, with traditional perimeter boundaries dissolving due to cloud, IoT, and hybrid work, leaving a network edge that is now everywhere- wherever data, users, and devices exist. Over time, piecemeal adaption of legacy security to this new reality has meant organic growth of point products in modern data center security stacks, leading to performance issues and making them complex to manage and challenging to integrate. Point products are daisy-chained together, resulting in latency and degrading the user experience. Administrators must cope with isolated policies for every user, device, and location. In turn, manually correlating fragmented and limited identity data across disparate systems generates volumes of false positive incidents, requiring additional specialized tools for response and remediation. This complexity creates gaps which can be exploited by advanced malware, phishing threats and ransomware attacks.

Put simply, where people work has changed, and what people need access to – SaaS apps on the internet, private data center apps, private cloud apps, et al. – has expanded drastically. The attack surface has expanded correspondingly and the nature of threats has changed, so how we defend our users and data now has to change with it. A promising new architectural response to growing complexity and continued security failures took form when two analysts at Gartner coined the term SASE – Secure Access Service Edge – to define a new approach evolved from the world of SD-WAN that combines networking and security in a single, scalable, cloud-native platform. Security Service Edge (SSE), a term also coined by Gartner, is then the security component of SASE.