SASE Survey Reveals User Experience Comes First

The results are in: end-user experience is most important when it comes to SASE. That was the primary feedback from 608 security professionals we surveyed regarding SASE adoption. A full 72% put end user experience as a top concern.  

This validates everything we’ve been doing at Harmony SASE. From our beginnings as Perimeter 81 to joining the team here at Check Point. Security is critical and top of mind, of course, but that’s table stakes.

Before anything else, security pros want to make sure their end users will have a solid user experience. That means seamless onboarding, an agent that’s easy to use, and a responsive network that connects people to resources and the web no matter where they are in the world.

Why Conduct a SASE Survey?

It’s been almost five years since Gartner coined the term Secure Access Service Edge (SASE), so we wanted to see where adoption of this framework stands.

Large (27%), midsize (35%), and small-to-medium businesses (39%) were all well represented in our survey. And three quarters of responses came from individuals with network, security, and engineer titles, which told us that we were hearing from individuals actively involved with their organizations’ security products and processes. An additional 12% of respondents were senior IT/security leaders including CISO, CSOs and CIOs.

The following is a summary of the top findings.

Top Considerations

Beyond user experience, top considerations when shopping for a SASE solution include richness of security features (selected by 63%), solution cost (62%), and finding a complete SASE solution from a single vendor (52%).

The last point caught our eye because more than half of respondents report they’re interested in a single vendor SASE solution. This is a significant increase from the sentiment of just a few years ago and demonstrates solid momentum. On a related note, several data points from the survey (as discussed below) demonstrate that, although “full SASE” is optimal from a network security standpoint, many organizations are early in their journey. While skeptics may dismiss SASE as an unnecessary buzzword, the fact remains that adopting the full set of technologies greatly enhances an organization’s security posture.

The Path to SASE Starts With ZTNA and SWG

When asked to name the SASE features that are most important, respondents ranked Zero Trust Network Access (ZTNA) (73%) and Secure Web Gateway (SWG) (58%) the highest. This is where we see a theme start to emerge: while SASE is a combination of security and networking technologies, there is a bias toward the security aspects.  

Specifically, respondents rated their top three SASE features as follows:

  • Zero Trust Network Access (ZTNA): 73%
  • Secure Web Gateway (SWG): 58%
  • Data Loss Prevention (DLP): 44%
  • Firewall-as-a-Service (FWaaS): 38%
  • Cloud Access Security Broker (CASB): 34%
  • SD-WAN: 32%

Interestingly, these results align closely with recent research conducted by ESG, which found that 72% of organizations adopting SASE are focused first on the security side, while 25% are focused on the SD-WAN aspect.

Adoption of SASE Technologies

When it comes to current and planned adoption of SASE technologies, SWG and ZTNA again lead the way. At least two-thirds of organizations have implemented these tools or plan to do so in the next 12 months.

SD-WAN, which is well-suited for today’s cloud computing architectures, has also seen solid implementation, and industry analysts project double-digit growth for this category.

And firewall-as-a-service (FWaaS) is not far behind. This category will continue to grow in a cloud-first world, as organizations that previously used on-prem only firewalls start to make the shift.

Implementing Zero Trust

While a fundamental element of SASE is ZTNA, the concept of zero trust precedes SASE by many years. So it was reassuring to learn from survey respondents that 87% of them have a zero-trust framework in place.

Getting more specific, we asked how they implement a zero-trust framework in their organizations and discovered that they use a list of tools, including:

  • Network firewall: 63%
  • Identity Provider: 60%
  • Endpoint security solution: 53%
  • Secure Access Service Edge (SASE) solution: 38%
  • Secure Web Gateway (SWG) solution: 34%

Digging A Level Deeper Into Internet Security

Secure Web Gateway is an element of SASE but it’s just one of the tools used specifically for internet security. Other tools such as next gen firewalls and endpoint security are well established and highly trusted for defending against internet threats.

Here’s a breakdown of the internet security tools being used today:

  • Next Generation Firewall 87%
  • Endpoint Security 76%
  • On-premises Secure Web Gateway 49%
  • Cloud Based Secure Web Gateway 42%
  • Secure Browser / Browser Security Extension: 31%

When asked to choose the three most important features for securing internet access, a large majority selected threat prevention (e.g., malware protection) (85%) and URL filtering (77%). This demonstrates a strong preference for tools that block malicious files and websites, which is not surprising given the continued success of ransomware attacks across industry sectors.

The Ongoing Evolution of SASE

Organizations are steadily integrating its principles into their security strategies as we mark five years since SASE was introduced. The emphasis on user experience, coupled with the prioritization of security features like ZTNA and SWG, underscores the importance of a balanced approach to network protection. As they aspire to fully adopt the SASE framework, most organizations have taken important steps to improve their network security by implementing SASE technologies. Wherever you are on your SASE journey, we’re here to help. Learn more about our unified SASE solution or, better yet, book a demo!