German telecom giant Deutsche Telekom tapped Fortinet to support a new enterprise-focused secure access service edge (SASE) product, which builds on past SD-WAN work between the two and comes just a week after Deutsche Telekom subsidiary T-Mobile US rolled out a unique hardware-based SASE offering.

Deutsche Telekom’s latest Fortinet integration will use the vendor’s FortiSASE platform within the operator’s Magenta Security managed service. This combination will provide a single-vendor SASE product to Deutsche Telekom enterprise customers.

The FortiSASE platform is based on Fortinet’s FortiOS, providing cloud-based access to next-generation firewall services. This allows Deutsche Telekom to provide its managed customers with SASE services for on-premises and remote users.

[Related: How to use Gartner’s Hype Cycle for your zero-trust and SASE strategies]

Fortinet recently extended its SASE platform to its wireless LAN offering in a move to secure microbranches, IoT and operational technology (OT) devices. The vendor’s platform also was one of a handful to gain initial MEF SASE Product and Services Certification.

Deutsche Telekom’s SASE deal with Fortinet builds on its long-standing use of Fortinet’s SD-WAN service, which is an increasingly common move by operators looking to deepen their enterprise security offerings.

Matt Small, research analyst at Analysys Mason, noted in a new report that “SASE has become an important part of many new partnerships between telecoms operators and SD-WAN vendors or security vendors.

“Indeed, it has been mentioned in more than 70% of all SD-WAN partnership announcements since the start of 2022,” Small wrote. “We expect more partnerships involving SASE to be announced as the market continues to grow rapidly and matures.”

Analysys Mason had previously forecast SASE as a $16 billion opportunity for operators.

Deutsche Telekom’s SASE move comes just a week after its U.S. subsidiary T-Mobile US launched a SIM-based SASE system powered by Versa Networks that is targeted at the enterprise segment.

The SIM card-based service, called T-Mobile Secure Access Service Edge, is being positioned as a network management and zero-trust network access (ZTNA) platform. It’s designed to support enterprise customers in securely connecting employees, systems and endpoints to remote networks, corporate applications and company resources.

T-Mobile is working with Versa to create the T-SIMsecure platform that uses the International Mobile Subscriber Identity (IMSI) and International Mobile Equipment Identity (IMEI) specifications for clientless authentication. This results in devices connecting to T-Mobile’s network being automatically authorized through the SIM card, including nontraditional network devices like IoT devices and routers that are often difficult to protect.

The carrier explained that the hardware-based offering is superior to traditional software-based SASE that “only offers protection when client software is downloaded into devices and configured. This is a heavy administrative lift for IT departments and can potentially leave some devices vulnerable, such as IoT hardware and routers.”

“There’s nothing new about SASE,” Mishka Dehgan, SVP for strategy, product and solutions engineering at T-Mobile’s Business Group, told SDxCentral in an interview at last week’s MWC Las Vegas event. “This is something that we had been working on, but we wanted to make sure we bring something that’s differentiated. … The fact that IT administrators do not have to worry about the authentication and it’s happening organically through the SIM, that’s a differentiation point, which we know is resonating with customers.”

Dehgan also said T-Mobile US is interested in working with other SASE vendors.

“[Versa’s] the first SASE partner that we are going to market with,” Dehgan said, adding “we are going to be augmenting our SASE portfolio working with other partners. Versa is just the first.”