IDC reported over half of large enterprises in India are planning to implement SD-branch and zero-trust network access (ZTNA) as a first step on the road to secure access service edge (SASE) adoption.

Network and device prevention across software-defined perimeter and identity authentication are “forming to be just the beginning of an enterprise’s journey toward a comprehensive SASE framework,” noted Sakshi Grover, research manager at IDC India.

To be completely secure, implementing SD-branch will provide enterprises an upper-hand with cloud-centric security provided by SD-WAN as well as branch-led security inclusive of routing, security, Wi-Fi, and LAN operations, she said.

SD-branch infrastructure virtualizes the network hardware in the branch and consolidates virtual LANs (VLANs) into a single LAN with dynamic segmentation. Typically, an SD-WAN serves as the foundation for SD-branch infrastructure, with vendors placing more functionality in the branch LAN, including security functions that offer protection at the data’s origin.

Data-sensitive industries are focusing on these technologies to provide lateral threat movement protection and comprehensive security, Grover noted. The “most critical” driving force for SASE adoption – to converge networking and security – is applicable to enterprises across verticals, but is especially important to industries where sensitive data is involved, she said.

“Cyber-perpetrators are pursuing multi-vector approaches to target enterprises. The attacks are no longer confined to the application layer protected by security solutions,” Grover told SDxCentral. “We are more vulnerable to attacks hitting our network, transport, and physical layers as well. Our legacy architectures fail to monitor connections and traffic between cloud applications and users.”

IDC also found that around 9o% of India's enterprises believe SASE will grow as a part of their strategy in the face of this expanding threat landscape.

There are two categorizations dividing the global SASE market: single-vendor versus multi-vendor, and the differentiation between unified and disaggregated products, which indicates whether the network and security stacks in a SASE solution are fully integrated. According to IDC, India enterprises are more often pursuing single-vendor and unified SASE solutions rather than multi-vendor or disaggregated products.

“We found out that there is an increasing trend toward consolidating the number of MSSPs the enterprises are partnering with going forward. Tired by the rising fatigue around multi-vendor solutions, enterprises are now looking at partnering with a technology supplier that can offer a plethora of capabilities with a unified single-pane-of-glass view,” Grover said.

But echoing many analysts in the space, Grover noted there is no "one-size-fits-all" when it comes to the SASE framework. While some enterprises prefer a single-vendor or unified approach, others might have needs within their existing infrastructures that call for a multi-vendor or disaggregated approach.

“It is important that tech buyers reassess the IT strategy and business needs of the organization before going into the ‘checklist’ process,” she said. “Organizations should use a network technology that best suits their needs to provide reliable connectivity while searching for security solutions that are compatible with their network technologies without introducing complexity. Adopting SASE is a journey an enterprise must strategically plan to pursue.”