Top 5 SASE Trends in 2024

With the first quarter of 2024 coming to an end, we can now predict with a fair amount of accuracy what the key secure access service edge (SASE) trends of the year will be.

Before discussing trends, let’s set the stage so we’re all working with the same understanding of the cybersecurity market today. According to a recent Forbes survey, 84% of companies now have a hybrid workforce and need to secure those work-from-anywhere (WFA) employees’ access to the network, often from multiple locations—on-site, at home, or anywhere they can get a Wi-Fi connection.

In addition to supporting their WFA staff, IT security teams have to handle many Internet-of-Things (IoT) devices connected to their networks. An IDC research document estimates that 42 billion IoT devices are now in use. And industry experts believe the average number of applications an organization uses, including its remote workforce, is well over a hundred.

Now add the latest cyberthreats, which are becoming more sophisticated and numerous, to the mix, and you have a realistic picture of the current state of cybersecurity worldwide.

SASE Trends for 2024

Given this background, together with what we are hearing from industry analysts and Fortinet customers and partners, there are five clear SASE trends we foresee becoming a reality over the next 9 to 12 months:

1) Single-vendor SASE will become even more popular.

Single-vendor SASE has reached “the tipping point” in the evolution of SASE solutions. Single-vendor SASE ensures the same company delivers all necessary SASE components, simplifying deployment, management, and operations. This contrasts with the traditional process of purchasing SASE components like SD-WAN and firewall services from different vendors. Having products from multiple providers almost always results in complications, preventing smooth integration and creating efficiency issues.

A single-vendor SASE designed with a unified policy engine provides streamlined operations across all SASE use cases. This single-vendor SASE approach also results in a predictable return on investment (ROI) due to fewer point products and clear cost savings due to integration. We estimate that a single-vendor SASE can lead to a 40% or 50% reduction in existing costs.

Another aspect of single-vendor SASE that’s helping its popularity grow is its simplicity in procurement. Using one vendor ensures seamless licensing, a single SKU across the entire SSE stack, and simplified deployment of a SASE solution’s various components.

2) Unified SASE will help fast-track the zero-trust journey with real-time user and device behavior checks.

SASE enables the adoption of zero-trust technology. Zero trust is about real-time validation and verification based on user and device behavior. It’s not enough to verify users, devices, and connections every 30 or even every 15 minutes. Verification must be measured in seconds to ensure you can trust a connection, agent, user, and device whenever they access an application.

A true single-vendor SASE solution also includes unified agent capabilities to help simplify operations. A unified agent allows organizations with a small IT team to troubleshoot and manage everything through a central platform. Consolidation reduces the number of products being employed, and this is enhanced even further by using a single agent for everything.

In addition to providing flexible and scalable zero-trust enforcement, organizations also demand lower latency, better performance, and enhanced efficiency. The Fortinet FortiSASE solution provides all of that, and its benefits include low latency for the best user experience, continuous verification, use of your existing infrastructure, and traffic security inspection all through our single agent.

With continuous monitoring of user and device behavior, SASE solutions can stake a claim to significantly improve any organization’s cybersecurity posture.

3) SASE will be supercharged by AI-powered security and operations.

Integrated SASE solutions must be AI-powered and use machine learning (ML) to help detect zero-day threats and protect users from malware, including ransomware. This is a critical requirement because SASE vendors often talk about the simplification their solutions offer. Still, when you look “under the hood” at their security, it is usually an OEM component that isn’t integrated with the rest of their solution. And often, these incomplete SASE solutions do not include threat intelligence, making it difficult to keep them tuned to the latest threats and exploits.

Given the vulnerable nature of remote workers and devices, your number one consideration should be security when selecting a SASE solution. We foresee the most successful SASE solutions will be those that:

  • Are capable of detecting zero-day threats and protecting users from ransomware, which is growing, as per our latest threat landscape predictions.
  • Are not siloed. As a SASE solution is configured and gathers threat intelligence, that data needs to be shared. That means SASE must also be part of the overall security platform strategy and integrated with your security operations center (SOC).
  • Can be part of the broad product platform so policies, enforcement, and AI-powered capabilities can be applied consistently.

Fortinet is not new to AI or ML. We have been developing, training, and using our AI tools for 10+ years and have 100+ documented AI applications to date. Currently, we have eight security domains using AI and 42 solutions driven by AI. Most recently, Fortinet integrated generative AI into our AI-based security services to predict and prevent emerging threats. This is part of the threat intelligence from our FortiGuard Labs and is directly powering our SASE solutions.

4) SSE will extend connectivity to OT, wired, and wireless LAN devices.

We foresee SASE having full flexibility in connecting and securing locations of all sizes, whether large offices, home offices, or even microbranches that don’t have firewalls or SD-WANs. Of course, there’s still the need for security on-premises, and SASE must also be able to support that architecture. Because of this, we predict SASE will be securing more microbranches with its security service edge (SSE) components that provide cloud security for LAN/WLAN.

Because SASE must adapt to any device and location, it will also enable more “coffee shop networking,” which will feature bring-your-own-device (BYOD) and agent-less secure access capabilities. SASE also aims to secure critical infrastructure through operational technology (OT) security integration and its SSE components.

Fortinet’s platform approach is built around a single operating system, FortiOS, ensuring FortiSASE provides consistent security everywhere and works seamlessly with the rest of your organization’s security framework. Similarly, the same SASE console can manage all locations, including microbranches.

5) End-to-end DEM will be a core part of the SASE solution.

Digital experience monitoring (DEM) provides end-to-end visibility. In the market today, DEM is considered by many to be a premium feature, but we predict it will soon become a core component of SASE solutions. Including DEM will result in improved user experience and application performance reports as well as simplification, resulting in faster mean time to detection and remediation (MTTD/MTTR). IT teams will feel empowered using this tool. And with DEM integrated into the SASE agent, you will also see reduced operational costs.

We recently announced that DEM has been incorporated into our FortiSASE solution, which means FortiSASE now provides comprehensive visibility, correlated metrics and alerts, and proactive responses. We plan to continue to expand the role of DEM in SASE, and we predict it will ultimately lead to improved productivity.

In conclusion, organizations are actively transitioning from legacy solutions like VPN to zero trust and SASE, and we foresee an acceleration in that evolution. The key benefits will be consistent security, unified management, reduced overhead, and better user experiences.

Written By: Nirav Shah