Cisco is expanding its secure access service edge (SASE) ecosystem to offer integration with security services edge (SSE) providers Cloudflare and Netskope.

Gartner recognized Cisco as one of the nine vendors that can offer a single-vendor (or unified) SASE solution – network edge capabilities like SD-WAN and a cloud-delivered SSE security suite that includes secure web access gateway (secure web gateway (SWG)), Cloud Access Security Broker (CASB), zero-trust network access (ZTNA), and Firewall-as-a-Service (FWaaS).

However, Gartner said a two-vendor SASE approach is another viable option for some enterprises. The Cisco integration with Cloudflare and Netskope SSE solutions aims to simplify a two-vendor SASE architecture for organizations that would like to use Cisco’s SD-WAN but a different SSE vendor.

The integration with Cloudflare and Netskope will also help organizations simplify configuration and improve IT experience with reduced manual work and less errors, according to Rohan Naggi, product manager of Enterprise cloud and SD-WAN at Cisco.

The solution leverages a tunnel-based approach to steer traffic from Cisco SD-WAN devices to the third-party cloud security vendors, Naggi told SDxCentral. Organizations can define what traffic gets sent to the third-party vendors for security inspection.

Last quarter, Cisco and Zscaler also announced deeper integration of Cisco SD-WAN and Zscaler’s security stack.

Naggi noted many of Cisco’s customers are on a journey to a SASE architecture. “Customers are at different points along that journey and may have made investments in these other SSE solutions, or plan to,” he added. “These collaborations help them protect their investments and leverage the power of Cisco SD-WAN with those SSE solutions.”

Gartner recommends two types of SASE architecture; the converged single-vendor approach and an integrated two-vendor approach.

“One benefit of a two-vendor SASE architecture would be that the customer protects its current investment in their SSE solution they have deployed,” Naggi said. However, he added that a potential pitfall to this approach could be that SD-WAN and SSE solutions are “not working well end to end.”

Naggi explained when it comes to embracing a SASE approach, IT teams and Enterprise leaders often struggle to address a few challenges, such as “driving the required organizational change to make this paradigm shift, breaking down the silos between networking and security teams, and choosing the right vendor(s), products, and tools to align with the desired business outcomes.”

Gartner analyst Neil Macdonald specified the single-vendor strategy makes sense for midsized enterprises with networking and security teams that often work together.

Organizations that have not yet selected an SD-WAN solution also benefit from single-vendor solutions, as they don’t have to change any existing networking infrastructure to adopt a unified SASE vendor’s technology.

That said, Macdonald said the two-vendor SASE approach typically works best for “larger enterprises that have siloed teams, one team for networking and one team for security, and they each have their favorite vendor,” adding that as long as the two vendors “have explicit partnering, that’s a reasonable strategy.”