Security Services Edge (SSE) may be dominating headlines these days but it isn’t exactly a new technology. In fact, many of the vendors peddling the Gartner-coined product category were marketing the same services under another buzzword just a few months earlier: SASE.

And that shouldn’t be too surprising given that SSE is a fundamental part of secure access service edge (SASE), Gartner Analyst Charlie Winckless told SDxCentral.

“When you look at the SASE definition there were always two halves to it,” he said. “It was always the WAN service edge in the cloud and then there was the SSE, which included secure web gateway, Cloud Access Security Broker, zero-trust network access, firewall-as-a-service,” among other ancillary components.

SSE is effectively SASE without the SD-WAN baggage. Or put more succinctly: SASE - SD-WAN = SSE.

Why the differentiation? According to Winckless, it comes down to market maturation. “SSE as a market matured faster and in a more consolidated fashion,” he said, adding that in many market segments, particularly large businesses, there is a preference toward standalone-security functionality.

This, he explained, is the result of a couple of factors, one of the most profound being the rapid pivot to remote and hybrid work models in the wake of the pandemic, which for many workers will far outlast COVID-19.

With workforces likely to remain largely remote, the importance of SD-WAN to enterprises with limited or non-existing physical locations is greatly diminished, he said. “That's where SSE plays very strongly, and that’s where we see some of the leading SSE vendors who are not even considering SD-WAN organically as part of the solution.”

“The workplace is everywhere. What we’re trying to do now is make sure the workforce is secured and that doesn’t necessarily mean running an SD-WAN connection from the home,” he added. “It makes a lot of sense for the office or a branch office, but from the home, why would I not use an agent or agentless approach.”

The other factor at play is large Enterprise consumption habits still favor distinct networking and security products, and while the ultimate goal of any SSE deployment is still SASE, it may not be a single vendor SASE architecture, Winckless noted.

This strategy is further bolstered by the fact many security stacks offered by SD-WAN-turned-SASE vendors aren’t as sophisticated as those specializing solely in SSE, he added.

In other words, while sticking with your existing SD-WAN vendor for SASE may offer a lower barrier to entry, that single-vendor architecture may not check all the boxes required by security teams.

And that isn’t necessarily a bad thing, according to Winckless, who argues a tightly integrated dual-vendor SASE architecture, composed of an SSE security suite that’s tightly integrated with another vendor’s SD-WAN, will in many cases perform as well, if not better, than a similar single-vendor approach.

Gartner’s latest SSE Magic Quadrant report, published early this year, sheds some light on those vendors leading the cloud-security market.

Zscaler, Netskope, and McAfee Enterprise lead the SSE market. All of these companies at one point or another branded themselves as SASE vendors despite a glaring lack of organic WAN service edge capabilities.

Zscaler CEO Jay Chaudhry previously argued in an interview with SDxCentral that there was no reason for the company to provide SD-WAN. “We believe that the notion that SASE means networking and security coming together is a misinterpretation of it,” the exec said at the time.

And while none of the vendors in the SSE leaders pen offer SD-WAN or a single vendor SASE offering to date, that wasn’t true of every vendor that made the list.

Palo Alto Networks and Cisco, which were ranked by Gartner as “challengers,” offer both standalone SD-WAN and SSE products as well as a converged SASE platform. And its a similar story for security-focused SD-WAN vendor Versa, which found itself in the “niche-players” camp in this year’s ranking.

Looking ahead, Gartner predicts strong adoption of SSE products, with 70% of organizations that had previously deployed ZTNA deploying a broader SSE stack by 2025.

What’s more, analysts expect 80% of those organizations will pursue a single vendor SSE platform rather than standalone security products.