Total IT spending in Australia is projected to exceed AU $133 billion (US $85.8 billion) in 2024, according to Gartner. With an increase of 7.8% by 2024, including a strong 12.8% growth in software spending, the overall prediction adds up to more money being available to IT departments.
An increased portion will be going towards secure access service edge technologies.
Gartner said SASE technologies were one of two top technologies Australian CIOs plan on investing in as they seek to simplify the delivery of critical network and security services. The other technology was generative AI due to its potential to improve innovation and efficiency.
Speaking with TechRepublic, Brisbane-based Gartner Senior Principal Research Analyst Bjarne Munch said although it is “very early days” in terms of holistic SASE being adopted in Australia, “We are seeing a lot of mid- to large-sized enterprises looking at it in their future roadmap.”
Many Australian organizations who have migrated to software-defined wide-area networking are converging security solutions first because of the clearer value proposition. Looking ahead, Munch advised local IT teams not to make SASE a “religious decision” and choose vendors that keep the SASE door open.
Jump to:
- Australian enterprises want SASE convergence to make IT management simple
- Security convergence the current focus of most SASE roadmaps
- Australian enterprises advised to work towards SASE over the longer term
Australian enterprises want SASE convergence to make IT management simple
Describing a future vision of converged network and security-as-a-service capabilities and driven by the move to SD-WAN architecture as well as more distributed workforces, SASE is now being championed by some as the future.
Ultimately, it would see Australian organizations bring together security services, such as secure web gateway, cloud access security broker and zero-trust network access services, with firewall-as-a-service and the slightly less natural bedfellow SD-WAN.
SEE: Explore this network and systems security checklist from TechRepublic Premium.
The rationale for SASE, aside from securing the organization, is the value of simplification.
“Anybody with a need for a modernised SD-WAN service and with a focus on managing those aspects of security, should probably plan around simplifying their vendor landscape,” Munch said. “It’s really in anyone’s interest to simplify as much as they can. I see it as an investment in the world you’re living in, and it’s in everyone’s interest to simplify their world.”
One advantage is that it would remove policy duplication. At present, Australian organizations are often running four different security applications and an SD-WAN service. With five different places to set and manage policies, this can create a lot of management pain for IT teams.
“There’s often conflict in configuration settings between SD-WAN and security applications — it is not unusual to see erratic application performance behaviour because of conflict between policies,” Munch said. “There would be an advantage of one interface where you can configure all of that.”
Security convergence the current focus of most SASE roadmaps
The journey to SASE is just beginning for Australian businesses. Following the enterprise shift towards cloud services and applications, there has been a migration since 2018 from private to SD-WAN. But so far, Gartner estimates that only 35% to 40% of all enterprise WANs in Australia are running on SD-WAN.
Right now, enterprise roadmaps are focused more on security application convergence.
“People are now focused on that security convergence phase, known as security service edge,” said Munch. “They are moving to a point where they might have SD-WAN from one vendor and all their security as one cloud-delivered service. That’s the phase a lot of enterprises are in.
“There’s very strong adoption of converged security services because there is clearly value there for the enterprises. Instead of three different services from three different vendors, it can converge into one service from one provider with one user interface with one configuration (Figure A).”
Figure A
Munch said the value proposition is so strong he has no doubt enterprises will go down this path.
“There’s really no reason not to do it,” Munch said. “If the vendor really is good in all those security areas, then why not converge? It’s much easier to manage, much less time-consuming.”
Obstacles in the path of security convergence
One caveat would be that a single vendor may not meet security needs in all areas. Munch said the CASB market is an area where the strength of vendor products has been lagging a bit behind.
The case for SASE isn’t as clear-cut when it comes to the SD-WAN element. Munch said the outcome of this decision may depend on whether an organization manages IT in-house, where the prospect of a single converged solution with a single portal could be appealing.
For organizations accessing a SASE-like service through a managed service, the value of converged security and network security aren’t as large. With a managed services provider — which already covers 80% of SD-WAN services — multiple vendors won’t matter as much.
Australian enterprises advised to work towards SASE over the longer term
It will take a few years for a substantial number of Australian organizations to move to fully fledged SASE.
Part of the reason for this is the vendor market. Currently, there’s no single vendor that offers SASE within a fully converged stack; although, there are offerings that combine the likes of an operations platform with a product platform underneath, with the advantages of SASE.
Local managed service providers are likely to use multiple vendors to deliver a SASE-like proposition in the future. Munch says they may look at one vendor providing best-of-breed SSE, for example, and then package that up to provide a managed service SASE offering for enterprises.
There will be other challenges. Though some midsize enterprises might jump at a converged solution to reduce demands on IT, larger organizations often run into the problem of internal conflict between silos or individuals with existing preferred vendors in each niche.
Munch says organizations would be advised to simplify what they can on security first, but try to choose a vendor that has a roadmap that will give it the ability to integrate with SD-WAN offerings when the opportunity comes, such as an SD-WAN contract renewal or upgrade.
He also advised Australian IT teams to know the difference between must-have and good-to-have requirements, so they’re equipped to make necessary compromises.
“People are buying into the high-level messaging. But if it doesn’t fit, and do what you need it to do right now, just do something that will make it possible going forward,” said Munch. “It’s about your organization’s requirements and needs, so it shouldn’t be a religious decision.”