SD-WAN isn’t going anywhere, argues VMware GM of SASE Craig Connors. Even as the conversation around network security pivots from SASE to Gartner’s latest buzz worthy acronym: security services edge (SSE) (SSE), Connors believes SD-WAN is more relevant than ever.

“We should be looking at vendors to bring SD-WAN-like simplicity and automation to our security,” he said. “To me, that’s what SASE is. It’s not just about a list of features, but how easy it is in a single pane of glass to consume those features.”

SD-WAN he explained is, in large part, a story about network automation. With SD-WAN, customers no longer have to manually create policies for applications, the SD-WAN platform automatically recognizes them and applies the appropriate policy based on a defined service-level objective.

“Why can’t we do the same for security. I shouldn’t have to tell my vendor that my SharePoint upload needs to go through my Cloud Access Security Broker, that should just be happening,” he explained. “We should really be SD-WAN-ifying security, and because that’s taking time, I think that’s where SSE split out.”

The rise of SSE isn’t surprising to Connors, who argues that while confusing at times, it’s likely a good thing for the industry as a whole.

“When a new market segment like SASE emerges and becomes a popular buzzword that people are asking about, everyone jumps onboard and says they do SASE, whether they do or not,” he said.

The same thing is happening with SSE, which has gained mainstream appeal among cloud security vendors that lack the SD-WAN functionality foundational to SASE. “When you consider all the different factors that have to be delivered to really truly cover a SASE solution, a natural thing happened, vendors started focusing on the things they’re good at,” Connors added.

In other words, the definition of SSE by Gartner in early 2021, gave vendors like Zscaler, Netskope, Skyhigh Security, and a litany of others an opportunity to realign around a product category that matched their core competencies.

“I think it’s a good thing because SASE is still maturing,” Connors said of SSE. “It’s a recognition that it’s going to take some time to build a full converged solution that works as well as every individual component.”

Part of this is because building a unified SASE platform is hard.

“When somebody goes to a VMware and are using VMware SD-WAN and [see] how simple it is, they expect everything that we do in SASE to be as simple and easy to use and high quality,” he said, adding that when you’re a new entrant to the space that’s not always an easy thing to do.

VMware is a prime example of this as the vendor built a large swath of its security suite around Menlo Security's technology. The integration of the technology was tight enough that VMware was one of three identified in a recent Dell’Oro Group report as a unified SASE vendor. Cato and Versa Networks were also recognized.

SSE “acknowledges the fact that a lot of people are still buying networking on the left and security on the right,” he said.

However, in conversations with customers, Connors said most are buying SSE as part of a two-vendor SASE architecture. “They’re not looking for just an SSE solution. ... I’m sure there are companies that have gone totally remote and that fits the bill, but for the vast majority of customers we’ve talked to, there is still that mobility of users in and out of the office and they still want that unified.”

According to Connors, the recent raft of high-profile cybersecurity breaches have made advanced threat protection technologies, like SASE, a priority for businesses of all sizes. “I think SASE offers a great opportunity for small to midsized business, many of which already have SD-WAN today, to add advanced threat protection in an easy way,” he added.

And Connors isn’t alone in this belief. A recent Dell’Oro Group report projects that unified SASE architectures will out pace multivendor implementations by a wide margin. Unified SASE products are expected to grow at a Compound Annual Growth Rate of 56% compared to a rate of 15% for disaggregated vendors.

And SMBs are expected to drive much of this growth. However, long term, Dell’Oro expects the balance of trade to shift back toward larger Enterprise, which have traditionally preferred separate networking and security products.

“A lot of people just know they want security, or just know they want SASE, because they’ve been given a directive to transition to that,” Connors said.

SASE, he argues, is something of a force multiplier for security teams, by enabling customers to manage their security posture in a centralized fashion.

“It’s hard to say don’t worry about security because these things are really important, but at the same time, threats are emerging so fast, threat defense techniques are evolving so fast, you can’t expect the customer to be an expert in EDR and SWG, and CASB, and DLP, and when do I use remote browser isolation,” Connors said.

By abstracting this complexity away the same way that SD-WAN abstracted the complexity of quality of service and routing policy, he argues SASE has an opportunity to do what SSE cannot.