Masergy is chaining multiple products with its own internally-developed tools in an effort to expand beyond managed SD-WAN and establish itself as a secure access service edge (SASE) provider.

Masergy's managed SASE platform is built around Fortinet's SD-WAN, security appliances, and cloud-based firewalls. The vendor previously reorganized its managed SD-WAN offering around Fortinet's Secure SD-WAN and FortiGate appliances, but it's no longer a wholly Fortinet-based offering now that its stitching a mix of services together.

Fortinet itself is a relative newcomer to cloud-based security and SASE, having acquired Opaq in July.

Masergy has expanded its relationship with BitGlass and is now deploying its cloud access security broker (CASB) to protect software-as-a-service applications and other cloud workflows. It's also incorporating many of its own internally developed tools into the platform to further differentiate itself from the competition. These include its zero-trust network access (ZTNA) as well as its artificial intelligence operations (AIOps) capabilities.

Masergy aims to provide single sign-on and user, device, and location-based authentication to soon provide finer-grained access controls to its ZTNA offering.

Meanwhile, the company's AIOps platform, which it announced a little over a year ago, acts as a virtual network engineer that automatically evaluates the network and makes recommendations on how to optimize performance.

While it's certainly possible to assemble a SASE platform with products from multiple vendors, Gartner has warned against service chaining that results in a multi-pass structure for policy application and enforcement.

Gartner analyst Neil MacDonald, who co-authored the original report on SASE, noted in a previous interview, that service chaining is fraught with problems that make it highly inefficient for a SASE architecture.

However, MacDonald adds that not all service chaining is necessarily bad, dismissing the idea that SASE vendors have to provide the full software stack. That argument, he said, “just sounds like vendors trying to say ‘well, if you don’t have both pieces you can’t compete here, effectively.’ That’s not true.”

As long as the traffic is inspected once, it doesn't matter how many services are chained together. Although other analysts have noted that vendors that can offer a full SASE software stack are at an advantage.

While Masergy can't avoid a multi-pass architecture when chaining multiple vendors and appliances it has managed to avoid some of the more problematic performance challenges.

“There is no hair-pinning between services. The SASE security services are co-located where possible so there is no measurable performance impact,” said Masergy CTO Terry Traina, in an email to SDxCentral, “As a service provider, we measure and guarantee performance so customers don’t need to worry about latency or performance.”

Masergy's decision to use a combination of Fortinet and BitGlass products may instill confidence in some enterprise customers, according to Zeus Kerravala, principal analyst at ZK Research.

“At this early stage in the market, each company is doing SASE differently, and the converged tech stack is a marquee moment,” said Kerravala. “Right now, IT leaders are trying to make a judgment call on whether they can trust one SASE provider with their own homegrown technologies to span five disparate industries, giving them a world-class experience across all arenas.”

Masergy's approach is also compelling because the service provider has managed to converge several core SASE technologies under a single portal while minimizing daisy chains, he explained.