Multi-vendor SD-WAN environments and poor WAN visibility can complicate the move to a SASE architecture. Credit: Thinkstock The transition from software-defined WAN (SD-WAN) to secure access service edge (SASE) is proving to be difficult for many enterprises, according to new research from Enterprise Management Associates (EMA). If you’re a network or security professional, you’re probably familiar with SASE, a new class of solutions that integrates SD-WAN, secure remote access, and cloud-delivered, multi-function network security. Many enterprises are now evolving their SD-WAN implementations into a SASE solution, either by adopting their SD-WAN providers’ SASE capabilities or integrating their SD-WAN with third-party, cloud-based network security solutions. [ Download our editors’ PDF SASE and SSE enterprise buyer’s guide today! ] EMA polled 313 IT professionals about their WAN strategies for its new report, “WAN Transformation with SD-WAN: Establishing a Mature Foundation for SASE Success.” Only 11% of survey respondents described the transition from SD-WAN to SASE as very easy. In fact, 30% described it as genuinely painful. Large enterprises (10,000 or more employees) were especially likely to express challenges with this transition. Why is this SD-WAN-to-SASE transition so painful? EMA’s research data uncovered several roadblocks to success. Multi-vendor SD-WAN complexity Nearly 43% of the enterprises in EMA’s research reported having multiple SD-WAN vendors. Respondents with multiple SD-WAN vendors reported experiencing the most difficulty with a SASE transition. Some of the problems they reported included difficulty implementing consistent security policies and controls across their network. They also struggled with skills gaps in the network team. Why is multi-vendor SD-WAN so common? There are several drivers. Some companies have different sites that have different vendor requirements, such as factories versus sales offices. Others have independent business units that make their own decisions around IT strategies. Others are transitioning slowly from one vendor to another. Regardless of the reasons behind this vendor complexity, IT organizations need to find ways to mitigate the issue. DIY versus managed SD-WAN services SD-WAN implementation and management can be difficult, despite what some vendors might tell buyers. This issue is exemplified by the fact that more than 66% of IT organizations prefer to consume SD-WAN as a managed service. More than 21% prefer a do-it-yourself SD-WAN implementation. The rest (nearly 13%) are still determining their preferences. Organizations that adopt a DIY approach to SD-WAN are much more likely to struggle with a SASE transition, according to our research. Consumers of managed SD-WAN experienced easier transitions. In fact, 40% of consumers of managed SD-WAN services told us they preferred a managed service over DIY specifically because it enabled better integration with other managed services, such as SASE security services. A managed provider has the internal expertise and the vendor relationships to implement a SASE transition effectively. Poor WAN observability SASE solutions deliver security functionality via globally distributed points of presence (POP). These POPs often replace centrally deployed network security solutions in an enterprise’s data center. SASE POPs add more optimal routing of traffic, but they also add traffic complexity, making observability essential for planning, design, and ongoing monitoring and troubleshooting. SD-WAN and SASE products typically offer an integrated WAN monitoring features that provide insights into network and application health and performance, especially into the tunnels that an SD-WAN solution establishes across a WAN underlay. EMA’s research found that only 40% of IT organizations are completely satisfied with the native monitoring capabilities of their SD-WAN vendors. Organizations that were less satisfied with these monitoring features were the most likely to report challenges with their transition to SASE. Most enterprises also monitor their SD-WAN networks with third-party network performance management tools, often to get better visibility into the WAN underlay, which is a mix of managed and private WAN services, broadband, and wireless WAN connectivity. This underlay visibility is important to SASE success. Overall, 76% of IT organizations told EMA that they can establish an end-to-end view of their WAN underlay with a monitoring tool. Organizations that were unable to establish this visibility were much more likely to struggle with the transition from SD-WAN to SASE. Charting a path forward EMA recommends that enterprises establish a mature SD-WAN foundation for SASE success. (Check out EMA’s free research webinar on WAN transformation.) This SD-WAN foundation should be based on a single SD-WAN vendor that is delivered via a managed service to mitigate engineering and operational complexity. However, enterprises should not outsource operations completely to that managed services provider. Good WAN observability is essential to SASE success. Shamus McGillicuddy is the research director for the network management practice at EMA. Related content news Cisco patches actively exploited zero-day flaw in Nexus switches The moderate-severity vulnerability has been observed being exploited in the wild by Chinese APT Velvet Ant. By Lucian Constantin Jul 02, 2024 1 min Network Switches Network Security news Nokia to buy optical networker Infinera for $2.3 billion Customers struggling with managing systems able to handle the scale and power needs of soaring generative AI and cloud operations is fueling the deal. By Evan Schuman Jul 02, 2024 4 mins Mergers and Acquisitions Networking news French antitrust charges threaten Nvidia amid AI chip market surge Enforcement of charges could significantly impact global AI markets and customers, prompting operational changes. By Prasanth Aby Thomas Jul 02, 2024 3 mins Technology Industry GPUs Cloud Computing news Lenovo adds new AI solutions, expands Neptune cooling range to enable heat reuse Lenovo’s updated liquid cooling addresses the heat generated by data centers running AI workloads, while new services help enterprises get started with AI. By Lynn Greiner Jul 02, 2024 4 mins Cooling Systems Generative AI Data Center PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe