And Microsoft Defender is a component of its SSE solution, she adds. “It is integrated with Microsoft Entra ID and the rest of Microsoft Entra portfolio through Conditional Access policy engine.”
“Our SSE products can also be deployed side-by-side with other SSE vendors, making it possible for customers to mix different components of the SSE stack,” she adds.
SASE vs. SD-WAN
SSE can be considered a subset of SASE (secure access service edge), which is a term coined by Gartner to describe a cloud-based service that combines networking and security to give remote workers safe access to internet-based resources. The five elements of SASE are CASB, secure web gateway, ZTNA, firewall as a service, and integrated SD-WAN. SSE is essentially SASE minus SD-WAN, the network access part of the equation.
IDC splits the difference between SASE and SSE, using the term “network edge security as a service” (NESaaS) to describe a converged approach that includes SWG, CASB, and ZTNA as prerequisites and treats networking capabilities like SD-WAN and digital experience monitoring (DEM) as “optional points of integration.”
SSE vendor landscape
According to Gartner, there are three SSE vendors that are leading the space: Netskope, Zscaler, and Palo Alto. Other SSE vendors include Cisco, Fortinet, Versa Networks, Cloudflare, Broadcom, iBoss, Skyhigh Security, and Lookout.
Microsoft’s SSE solution will put pressure on the other vendors in the space, says David Holmes, an analyst at Cambridge, Mass.-based Forrester Research. “They have all the pieces,” he says.
