Cisco took a step closer to realizing its SASE ambitions today with the latest update to its SD-WAN software stack.

A bevy of features that enable customers to begin the migration from SD-WAN to Cisco's newly announced secure access service edge architecture are at the core of the update.

"We are the industry's first true SASE architecture that encompasses security network delivered to the cloud," boasted Muninder Sambi, Cisco's VP of enterprise routing and SD-WAN, in an interview with SDxCentral.

Cisco, however, is far from the first to adopt SASE, which stitches together SD-WAN and security functionality into a single cloud-native service. Numerous vendors including Cato Networks and Palo Alto Networks, which announced SASE products nearly a year before Cisco, have also made similar claims.

If an enterprise was to stitch together the elements of a SASE it would be "like buying parts of a car and then trying to assemble it in one's house," said Sambi. "That's not what our customers want."

Instead, he argues customers want a platform "that with a single click, they're able to consume both security on-prem, or security in the cloud."

Today's update enables Cisco SD-WAN users to do just that. From Cisco's SD-WAN portal, users can now tap into the vendor's Umbrella secure internet gateway. Together with Cisco's zero-trust network access platform, Umbrella and Viptela form the basis of the company's SASE offering.

"Honestly, none of our competitors have put these solutions together. You have to consume it from mostly separate companies," said Sambi. "Even if a company has made some acquisitions and bought it, they are still disjointed, non-integrated solutions."

This ease of deployment is critical, explains Will Townsend, senior analyst of networking infrastructure and carrier services at Moor Insights & Strategy, in an interview with SDxCentral. "At the end of the day, if it's not easy for customers to deploy this stuff and manage this stuff, it's going to be useless."

Despite being a relatively new entrant in the SASE market, Townsend said the Cisco is very well positioned for growth. "Cisco has all the right assets and capabilities," he said.

"Are they the front leader? No, they're not," said Townsend, noting that while it is still too early to call out leaders within such a nascent market, there are some companies that are further along in their SASE journeys. "But, I have no doubt that Cisco can catch up very quickly. I think this announcement is a strong indication in that direction," he said.

The update also adds secure sockets layer (SSL) proxy support, addressing one of the common criticisms of Cisco's SD-WAN offerings. Prior to this development, security policies could not be applied to encrypted traffic on Cisco's SD-WAN.

"About 87% of the web traffic that we see today is fully encrypted," explained Sambi, adding that in order to apply policies at an application level, "you have to be able to inspect the traffic in the data path at high performance, high speed. That is where the SSL proxy function comes into play."

The update also delivers more than 60 improvements, including tighter integration with unified communications, cloud on ramps to accelerate software-as-a-service applications, and new tools for managed service providers.

Editors note: This story has been updated to clarify analyst comments.