SD-WAN vs SASE: What does your business require?

Mike Blunt
Architect, Practice Lead

New Technology with dozens of vendors spouting terms like SD-WAN and SASE with substantially different capabilities are confusing the marketplace. 


Software-defined Wide Area Network (SD-WAN) is a maturing technology that Gartner first covered in July 2015. It has secured a place in the market and should be considered a hot topic, especially given how well it has played out over the COVID-19 pandemic.  

The Secure Access Service Edge (SASE, pronounced “sassy”) is a relatively new term introduced by Gartner in 2019 and is gaining tremendous momentum. It adds a comprehensive security architecture at the edge. 

While different, these two technologies will play a significant role in the evolution of your WAN, Application, and Cloud services. They also complement each other and should share a typical function in your business model and business requirements.  

Is SD-WAN the right fit for your business? 

SD-WAN and the various vendor implementations are not equal. When determining if SD-WAN is right for your business, it is best to focus on the primary function. SD-WAN is used to connect branch, data center, and headquarter locations that are spread out across a wide geography. There are also enhancements such as cloud connectivity either directly from the branch or centrally localized at a data center. One of the major concerns for SD-WAN has been the enhancements to network security models that are more flexible than the traditional centralized model. 

Now while this may be a concern, each SD-WAN design model is different, and organizations are currently thriving via centralized models as well. Here are a few other questions that could be used in determining if SD-WAN is right for you: 

  • Do we fully understand your business requirements? 
  • Can we remove higher-cost MPLS links with Internet-based solutions? 
  • Do you have the capacity to perform Proof of Concepts across multiple vendors? 
  • Does our security policy allow for enhancements such as Cloud offramp and service chaining at the edge? 
  • How does SD-WAN save your business money? 
  • Can you determine the total cost of ownership (TCO) and its impact on CAPEX and or OPEX? 

Is SASE the right fit for your business? 

SASE focuses on organizations adopting a cloud-first approach to their business. Enterprises should secure the edge with as-a-service solutions that allow users, devices, applications, and data located outside of an enterprise to be covered by a single solution. Gartner writes that “Complexity, latency and the need to decrypt and inspect encrypted traffic once will increase demand for consolidation of networking and security-as-a-service capabilities into a cloud-delivered secure access service edge.” 



With SASE, businesses should determine if the solution is right for them based on some of the following criteria: 

  • Is the business moving towards a cloud-centric model? 
  • Define business requirements and determine a cloud adoption strategy. 
  • Decryption and inspection only happen once across multiple solutions which require a documented security/data policy 
  • Do we have the capacity to perform Proof of Concepts across multiple vendors? 
  • As an emerging technology, SASE has vendors determining how they deliver or how they should deliver SASE in addition to SD-WAN. This is still a work in progress. 


Overall, SD-WAN and SASE seem to lead to the same outcome but utilizing different solutions to get there. When determining what is best for your organization, focus on the long-term strategy and what risk/impact each solution has on the business. 

When you are ready, NetCraftsmen Consultants are available to discuss SD-WAN and SASE systems to improve productivity and reduce risk to your business. Let us know how we can help by contacting us here.