An Overview of 10 Managed Security Service Providers Leading the Way with SASE Solutions
- Top 10 Managed Security Service Providers
Advancements in technology coupled with the growth of cloud computing have sparked a game-changing revolution for businesses. At the same time, the rapid adoption of cloud-based and distributed models has resulted in increasing cyber risks. According to a security survey, 92% of organizations are currently hosting at least some of their IT environment in the cloud. In relation, 79% of companies have experienced at least one data breach in the cloud.
Table of Contents
Companies are struggling to gain control of modern security issues relating to the cloud and beyond for many reasons. Traditional network management approaches lack the sophistication to uphold security in complex cloud environments comprised of various SaaS solutions, globally distributed and remote users, IaaS models, and hybrid cloud and on-prem data centres. To reduce the evolving risks related to cloud-based and hybrid environments, companies are opting to incorporate innovative Secure Access Service Edge (SASE) models.
What is SASE, and what are the key components?
Secure Access Service Edge (SASE) is a model originally coined by Gartner in 2019. It encompasses the unification of various network security services such as Zero Trust, CASB and FWaaS, along with WAN functions to provide a single, simplified protection model. As described by Gartner, this provides “the ability to identify sensitive data or malware and the ability to decrypt content at line speed, with continuous monitoring of sessions for risk and trust levels.” One provider describes it as a solution that “unifies networking and security services into a cloud-delivered service to provide access and security from edge to edge — including the data centre, remote offices, roaming users, and beyond.”
What are the key benefits of adopting a SASE model?
There are many benefits to adopting a SASE model. One of the most obvious is simplification. The model consolidates various solutions into a single point of service for more efficient management. In addition, this simplicity means better agility, scale, cost savings and coverage across even the most complex organisations.
Adopting a SASE model also significantly increases security by allowing companies to execute on Zero Trust approaches, achieve greater visibility for improved threat detection and response, and enforce critical data and network protection policies to reduce cyber risk.
Key service providers in this space
It’s important to pick the right vendor to help you along your SASE journey. Here are overviews of key providers and considerations to be aware of when procuring SASE vendors:
AlertLogic
Overview: Alert Logic provides managed detection and response (MDR) solutions with comprehensive coverage for public clouds, SaaS, on-premises and hybrid environments. From managed intrusion detection, log management and advanced event correlation to web application protection – they provide a layered and SASE-friendly approach to support enterprise cloud security and compliance.
Highlights:
- Global view of threat activity for continuous coverage across your infrastructure, on-premise and in the cloud.
- Dedicated security research team building signatures, correlation rules, log parsers, and web app security rules to defend against threats in any environment.
- 24/7 security monitoring.Coverage of log sources and integrations, applications, containers, servers, endpoints and SaaS applications.
- Robust reporting capabilities on audits and compliance, threats and vulnerabilities.
Cato Networks
Overview: Cato SASE Cloud is a cloud-native service that securely and optimally connects all branches, data centres, people and clouds. Cato can be gradually deployed to replace or augment legacy network services and security point solutions. The platform converges SD WAN, a global private backbone, a full network security stack and seamless support for cloud resources and mobile devices. Customers can connect physical locations, cloud resources and mobile users to the platform, and IT teams immediately benefit from the agility of a unified network and security service managed through a single, self-service console.
Highlights:
• Converges SD-WAN and network security capabilities into a single pass architecture
• Built from the ground up as an elastic, resilient, and scalable cloud service
• Available across 65+ global Points of Presence (PoPs) to support any business location or user
• Secures and optimises traffic from all users, locations, clouds, and applications
• Robust patching and change management through Cato Socket.
Masergy
Overview: Masergy embeds security into the SD WAN and private SD network in order to align with key tenets of Gartner’s Secure Access Security Edge (SASE) model. This includes a global SD network integrated with best-of-breed cybersecurity technologies. The solution provides a unified portal with robust real-time insight and reporting.
Highlights:
- CASB solutions and identity-based WAN analytics.
- SD WAN comprised of AI-based automation and flexible service options and a global, software-defined edge network.
- SOC service FWaaS with hybrid flexibility to put firewalls in the cloud and on-prem.
- Secure web gateway with protection at the packet level and at the application level, deep visibility into applications and users, and tight integration with cloud firewall services.
- Advertised zero trust solutions as “coming soon”.
- Managed security capabilities that go beyond SASE.
- SASE + AIOps: SASE with a virtual network assistant.
Lumen
Overview: Lumen SD WAN solutions help reduce the complexity and risks of network transformation by securing and coordinating workloads across the full range of connectivity types on a single, automated platform with centralized visibility and control.
Highlights:
- Robust coverage of use cases and solutions, including threat intelligence, log monitoring and firewall management.
- SD WAN with Versa Networks to provide maximum performance and centralized cloud management for security, routing and application control.
- SD WAN with VMware to simplify branch office networking and provides secure, reliable access to enterprise and cloud apps.
- SD WAN with Cisco Meraki to simplify management for security, networking and app control. Efficient multi-site deployments.
- SD WAN with Cisco Viptela to provides advanced routing, segmentation and security capabilities for interconnecting complex network.
- Cloud control centre console with reporting on utilisation and performance.
- SASE + AIOps: SASE with a virtual network assistant.
Trustwave
Overview: Trustwave consulting services can migrate some or all of an enterprise’s workloads to the cloud safely and effectively through managed security services. With a specialty in advising and guidance, Trustwave helps customers define an effective security strategy to protect cloud environments and data in the cloud, stop threats from penetrating cloud environments and executing malicious actions, assist to deploy new technologies like Cloud Access Security Broker (CASB) and Security Posture Management, as well as ongoing tuning and optimisation, and detect malicious activity throughout all phases of the attack kill chain, with the goal of minimising dwell time.
Highlights:
- Match with experienced professionals who deliver hands-on expertise and map out your security success plan in the cloud.
- Establish the first line of defence in your cloud or hybrid environment with Secure Email Gateway, Intrusion Prevention and Detection System and Next-Generation Firewall.
- Determines the right mix of security solutions for cloud or hybrid environments and ensures they are properly integrated.
- Protect against advanced threats with flexible services that diminish your attack surface, identify new risks and respond to and recover from incidents.
- Gain insight and access to reporting. The Trustwave Fusion extended detection and response (XDR) platform offers visibility beyond your endpoints and EDR (endpoint detection and response) tools to provide more context and transparency in detection and response activities.
- SASE + AIOps: SASE with a virtual network assistant.
Verizon
Verizon Advanced SASE redefines how security is delivered. The solution provides a universally distributed, identity-centric networking and security platform that ensures end-users and devices—across all locations—are securely connected. This incorporates a smarter and more automated SD-WAN offering with critical network security services provided by a secure web gateway and zero-trust network access. It also enables simplified management and policy enforcement for all users and devices across your network, with support provided by Verizon’s Network Operations Center (NOC) and Security Operations Center (SOC) teams.
Highlights:
- Discover how to automate traffic routing decisions for more flexible controls on the fly and increase resiliency at the same time through managed SD WAN solutions.
- A cloud-based Secure Web Gateway (SWG) helps to protect users and devices across locations, on or off your network through a threat prevention solution.
- Ensure only authorised users on authorised devices can access protected applications through zero trust network access solutions.
- Leverage robust MDR, XDR, Advanced Security Operations Center (SOC), Secure cloud gateway, monitoring and Cloud Access Security Broker (CASB).
- SASE + AIOps: SASE with a virtual network assistant.
Palo Alto
Palo Alto Networks takes on SASE by converging best-of-breed security and SD WAN capabilities in the cloud to deliver exceptional user experiences while reducing security risk. Prisma SASE is the Palo Alto SASE solution converging security, SD WAN and Autonomous Digital Experience Management into a single cloud-delivered service. The solution consistently secures all apps used by your hybrid workforce, regardless of location with an integrated management console, backed by industry-leading SLAs.
Highlights:
- Zero Trust Network Access (ZTNA) model with CASB, Firewall as a Service (FWaaS) and Secure Web Gateway (SWG).
- Next-generation SD WAN powered by artificial intelligence and machine learning.
- PRISMA visibility into cloud infrastructure performance, real user traffic monitoring, end-to-end path trace analysis, internet, and cloud SaaS and data center application performance insights.
- Robust user experience, insight and reporting via an autonomous platform.
- SASE + AIOps: SASE with a virtual network assistant.
Cisco
Cisco’s SASE architecture is helping customers reap the rewards of risk reduction, effective security and improved performance. For example, the Cisco Umbrella solution offers flexible, cloud-delivered security when and how you need it. It combines multiple security functions into one solution, so you can extend protection to devices, remote users, and distributed locations anywhere. Cisco SecureX offers even more robust features to help secure environments, including threat detection and response, orchestration, unified visibility, insights and reporting.
Highlights:
- Converge networking and security in the cloud with end-to-end observability from the user all the way to applications, over any network and cloud.
- Connect and secure access to applications, data and the Internet for remote workers, fixed locations, workloads and IoT or Internet-facing devices.
- Optimise performance by ensuring the fastest, most reliable and secure path to the cloud.
- Adopt zero-trust network access by verifying the identity of users and the health of their devices to secure access to applications on a per-session basis.
- Quickly pinpoint application and network performance issues to ensure seamless service delivery and the best application experience for users.
- Enjoy instant global coverage, with the ability to provision thousands of locations in minutes and scale up and down your level of service, features that you use and the number of connections in your subscription.
- Gain more simplicity, predictability and intelligence through an as-a-service model.
- Make your business more agile by leveraging the cloud to remove complexity from your infrastructure and provide immediate scalability.
- SASE + AIOps: SASE with a virtual network assistant.
FireEye
FireEye’s SASE approach allows customers to take control of their multi-cloud security posture. The Cloudvisory solution enables uniform visibility into disparate, multi-cloud infrastructure through a single console, reduced risk of cloud security misconfiguration resulting in exposure and compliance violations and proactive cloud security posture using machine learning to intelligently detect anomalies. FireEye XDR uncovers threats by correlating incident data and applying unparalleled frontline intelligence and analytics.
Highlights:
• Perform ad-hoc cloud security audits, get continuous cloud security analytics and network flow visualisation.
• Implement cloud security compliance guardrails, leverage an extendable compliance framework, conduct risk analysis & remediation and master cloud vulnerability management.
• Enforce automated policy governance, manage cloud security policy, implement intelligent micro-segmentation and manage threat detection & response.
Open Systems
Open Systems tackles SASE through their SASE+ solution approach. With a network of global access points, SASE+ secures users no matter where they work. It delivers direct, fast and reliable connections to the Internet and cloud and is centrally managed and easy to expand to reach anywhere and anything. SASE+ does this with a single unified service that’s cloud-delivered, policy-driven, automated and seamlessly orchestrated. ZTNA is added to extend SASE+ to include even more users working on a broader range of devices. SASE+ customers are backed by the Open Systems global team of security experts who monitor your environment around the clock and are ready to assist with whatever you need – when you need it.
Highlights:
- Connect users, machines, apps and data in a highly performant and reliable way – from anywhere to anywhere through Application Management, Line Operation Service, Mobile Entry Point, Partner Connect, SD WAN, SD WAN Connect and ZTNA.
- Protect users, apps, and data from web threats as well as malicious access and misuse through Advanced Threat Protection, CASB, Cloud Sandbox, DNS Filter, Firewall, Secure Email Gateway and SWG.
- Experience unrivalled service, a multi-functional customer portal, 24×7 expert-level operations and continuous technical consulting through their Platform, Customer Portal, Operations and Continuous Consulting.
It’s evident that companies must take quick action to overcome the security vulnerabilities present in traditional network management approaches. By adopting Secure Access Service Edge (SASE) models, companies can reduce the evolving risks related to cloud-based environments.