Secure Access Service Edge

What is it, and does it make sense for SMBs?
Tuesday, July 22, 2025 | 3 MINS
You’ve probably seen the term SASE (Secure Access Service Edge), or ‘Sassy’ as vendors like to term it, thrown around. 

Some call it the future of network security.  Others roll their eyes and file it under "yet another acronym".

But when you strip out all the buzzwords and think about the realities,  SASE is trying to solve a very real, very common problem in that most of us didn't plan to end up with - a patchwork of tools.  It just happened over time.

Typically, this means teams of a certain size have

  •  A VPN to keep remote access going.
  • A web gateway for content filtering.
  • A firewall that still sits on-prem, protecting a perimeter that barely exists anymore.
  •  Some cloud apps, mobile users, and branch sites.

So what you end up with is a bunch of overlapping tools, scattered policies, and very little visibility.  This means, if you're responsible for keeping things secure and usable, it's a daily balancing act.  So my question isn't "should we care about SASE?, it's "Are we happy managing this chaos indefinitely?"

What's SASE all about?

If we forget the vendor definitions for a moment,  the core idea behind SASE is this: One cloud-based service that handles both secure access and network performance, wherever your users are. Instead of stringing together five different products, you manage one.

That usually includes:

  • SD-WAN to route traffic intelligently
  • Zero Trust Network Access (ZTNA) to replace clunky VPNs
  • Firewall-as-a-Service to enforce perimeter controls,  without the perimeter
  • Secure Web Gateway (SWG) to protect users on the web
  • CASB to manage SaaS app usage

Is it a silver bullet?  No.  But it is a way to reduce the sprawl and regain some sanity.

Who benefits?

Mostly it feels like the vendors of such products because we think we've already got much of it covered and we're doing just fine.  But one thing  I've come to realise is, SASE isn't just for enterprises with 50 sites and global networks. It’s especially relevant for:

  • Mid-sized businesses with remote workers
  • Teams struggling with performance and visibility
  • Companies scaling fast, where on boarding secure access takes too long
  • Security leads trying to bring policy consistency across hybrid environments

If you're managing access and control across multiple tools, locations, and cloud platforms, SASE might not be a "future state", it might just be a smarter starting point.

But is it worth the hype?

That depends on what you’re looking to solve.  If your current setup works and users are happy, you probably don’t need to rip it all up. But if you're spending too much time stitching things together, SASE isn’t hype; it’s a simplification.

It's not about buying a whole new platform tomorrow. It's about starting to think differently and how to use technology to make us more efficient and ask ourselves

  • Can we stop defaulting to VPNs for everything?
  • Do we know how our data moves between SaaS apps and users?
  • Could a single policy engine give us better visibility and fewer blind spots?
  • Can we do it in stages?
How are other teams approaching it?

From speaking with cyber security leaders in networking events I've been to recently, it seems people approach the move to SASE using different paths:

  • Some start by replacing VPNs with ZTNA.
  • Others tackle performance first with SD-WAN.
  • A few go full platform, but most build towards it gradually.

What’s clear is that teams who’ve started the journey aren’t looking back. Not because it’s trendy, but because it’s removed friction. For users. For admins. For compliance.  So if your current model is a stack of workarounds, ask yourself: what’s the cost of standing still?

How this Community can help

Vendors will always give you their version. But the most useful insights come from peers who’ve been there.  This is what I can personally recommend

  • Ask others like you what they deployed first, and what they’d do differently.
  • Share what’s worked (and what’s backfired) in your stack.
  • Join sessions that dig into real-world deployments, not just product demos.

No one these days has the budget to buy for the sake of it. We buy because our teams need better ways to secure, connect, and scale.


Find out more about SASE

This guide from Amazon Web Services (AWS) whitepaper series in partnership with the SANS Institute, explores the rationale behind adopting SASE.

Security experts detail the critical design criteria for implementation and address operational challenges and optimisation strategies.

>Find out more about SASE
More in Secure Access Service Edge (SASE)
Would you still build it this way?
Would you still build it this way?

Why SMBs are thinking SASE over patchwork tools

Modern Workplace
Thursday, July 17, 2025 | 5 MINS
[Video] Plan smart: The future is SASE
[Video] Plan smart: The future is SASE

The perimeter is no longer “entombed in a box”

Modern Workplace
Thursday, March 20, 2025 | 3 MINS
Technology leaders' guide to SASE
Technology leaders' guide to SASE

The what, why and how of SASE

Modern Workplace
Thursday, March 13, 2025 | 5 MINS
Ten steps to prepare for SASE adoption
Ten steps to prepare for SASE adoption

View white paper

Modern Workplace
Thursday, January 09, 2025 | 5 MINS

Share this story

Reading Progress
https://www.myredfort.com/threat-intelligence-and-security-operations/user-and-entity-behaviour-analytics-ueba/cybersecurity-trends-in-2025-adapting-to-an-evolving-landscape/

We're a community where IT security buyers can engage on their own terms.

We help you to better understand the security challenges associated with digital business and how to address them, so your company remains safe and secure.

Register for the Next Level Cyber Security Book
Interested in what you see? Get in touch, and let's start a conversation Get in touch
If you’d like to know more about any of the technologies mentioned in this article please get in touch.