Amit Cohen
4 min read · Aug 17, 2021


The ugliest name I have ever heard in the industry, one that confuses me when pronounced, is SASE (sassy). It is a new term, born as a new generation of cloud-based networks comes online that incorporates SD-WAN and NFV to challenge the old telco cloud. Several years ago, most enterprise applications resided in data centers and enterprise branches, and the staff connected to those data centers. Traffic flowed through very strict access to the data center to reach enterprise apps and, if needed, the cloud via the public internet.
These days, application access architecture is a blend of connections to many applications located in and out of the data center, in the public cloud (more than one), and at specific SaaS vendors. Mission-critical apps, such as Office 365 and custom apps, are in the cloud. The data center has changed and is no longer the center of data or use. You could call this transformation: FROM DATA CENTERS TO CENTERS OF DATA.

We are in an era in which network architecture needs to change. For example, a homeworker does not need SD-WAN to balance between multiple links. A home user needs (thanks to COVID) a separation between his personal life and work life (enterprise), and a guarantee of the services required for daily work, such as long video calls. The changing business environment forced enterprises to change their security policies and the technologies that support them. For example, applying security policies to a contractor from Australia who connects from a non-trusted endpoint on a Sunday to fix a tenant table issue in Salesforce became a major issue.
Additionally, enterprise locations need intrusion detection and prevention services (IDS/IPS), data loss prevention (DLP), anti-spam, anti-malware, whitelisting, blacklisting, and so on. The overhead of trying to keep that stuff patched is a nightmare. You’re always out of date. You’re not going to stack up seven boxes and duct-tape them to the back of an iPad when you are traveling. Cloud delivery is the only model that makes sense. The only way to apply policy anywhere and everywhere, scaling up and scaling down as needed, delivering the set of functions you need on demand, is to deliver it primarily from the cloud. That means on-premises equipment needs to go from being the standard way of delivering enterprise services to being the exception. To be more specific: use the old model only when you must; cloud-based delivery is the new norm. This is a threat to NFV because NFV depends on selling expensive x86 boxes. The cost benefits initially promised for NFV failed to materialize because vendors refused to lower their prices. Frankly, they have no way to compete, especially when new solutions are introduced, such as an NPU hypervisor that can deliver better performance for network-aware apps and to which the data path can be offloaded.
NFV proved to be incredibly complicated, and the telco industry struggled to make it work. You really cannot expect network engineers to become DevOps engineers; it takes decades to change. Application consumption patterns changed, and the branch was no longer the center of the universe. A non-scalable, hard-to-maintain, expensive, and complex solution winds up being made obsolete by something elastic and easy to maintain.
There are several steps for service providers to succeed in the new market:
· Transform offerings to a cloud-native architecture.
· Transform business models to cloud-native-as-a-service.
· Deliver a clear vision to the market.
· Complete their portfolio organically, with the fewest acquisitions possible to minimize integration challenges and inconsistencies across services.
· Invest in distributed real estate, such as PoPs and colocation facilities, to place services as close to the access point as required.
SASE industry leaders such as Cato Networks are far ahead. Telco networks are based on appliances, and they are two years behind in catching up on the cloud networking model. To be successful, telecoms need to be more of a software player, as they don’t own the code these days. They always need to think about operating and integrating, which means less innovation and fewer customers willing to pay for what looks like yesterday. The software-defined networking (SDN) movement, launched at the beginning of the decade, was all about moving network intelligence into software for increased agility; the reason we don’t hear much about it anymore is that it has become mainstream. Recently, AT&T and others moved their networks to cloud architectures. A few weeks ago, AT&T announced a big partnership with Azure, moving their workloads to Azure with maintenance by Azure. When looking at the last decade, we see that the promise of NFV has created more complexity, and I can argue with any NFV expert about its efficiency (remember the good old days of OpenStack?).
To summarize the big promise of NFV and its results then:
1. Agility — fail
2. Openness — fail
3. Performance — fail
4. Software transition — Yes
5. Cost — fail
SASE is just one example service providers should study of how such a classic (and complex) connectivity task slips out of their hands as cloudification becomes mainstream. I wonder where NFV is going. As one of the early product managers who were part of the first NFV solution in the industry (CloudBand), I assume that NFV’s time has passed.
