All roads lead to SASE: The Zero Trust journey you already started

Gartner first branded SASE back in 2019, in a world very different to the one we live in now. Its timing was equally ironic and prophetic considering what came the following year. But when the paradigm shifted in 2020, it pulled attention elsewhere so that the concept of ‘SASE’ almost flew under the radar. And yet, many organisations actually began their SASE journey without realising or intending to do so.

This article will help you identify if you're already on your way and make your first steps count. It’s a comprehensive article, so if you want the short version, click here.

SASE in a nutshell

Secure Access Service Edge (SASE) is a framework that unifies networking and security into a single, cloud-delivered service model. It combines technologies such as SD-WAN, Zero Trust Network Access (ZNTA), Secure Web Gateways (SWG), and Cloud Security services to provide consistent policy enforcement, secure modernised connectivity, and new-age visibility regardless of where users, devices, or applications are located.

SASE is universally relevant because nearly every modern organisation is distributed in some way. It helps with challenges in:

• Security: Enforcing contextual access policies, protecting data in transit, reducing attack surface, and providing visibility across cloud and on-prem environments.
• Networking: Modernising WANs, reducing reliance on hardware, improving performance, and connecting multiple sites or cloud applications efficiently via hybrid-mesh networks.
• The organisation: (When it’s done right.) Breaking down silos between Security, Networking, Infrastructure, and End-User teams, aligning outcomes and consolidating tools to reduce complexity.

There’s a small handful of scenarios where SASE is less critical, but still supportive:

• Single-site organisations: Software-Defined Networking still brings the benefits of less hardware reliance, a modernised network and simplified operations, but gains are more incremental than transformational.
• Offices with everyone on-site: These (now uncommon) organisations have a simplified perimeter and traffic flows, so traditional tools provide many necessary controls. Even here, however, there's value in consolidation; SASE can enable secure third-party connectivity, bolster SaaS and AI protections, allow re-sizing of on-premise hardware, and enhance User experience.

In short, SASE addresses challenges that almost everyone faces today — distributed workforces, hybrid cloud environments, the presence of GenAI, and fragmented Network & Security tooling.

SASE, where have you been all this time?

Most organisations have been on a steady digital transformation journey since the advent of cloud computing, but it’s taken the wider market until now to get on board and see SASE architecture as a critical area of investment. Why? Well, I see two things.

SASE isn’t a service, it’s a framework.

As with any security model, markets need to mature before they can adopt. It took time for the industry to realise it couldn’t simply purchase Zero Trust Network Access (ZTNA) and had to learn and apply new principles instead. SASE has been on a similar journey from concept to mainstream adoption. That journey has almost certainly been slowed down by the ‘acronym fatigue’ that buyers experience when navigating the security and networking marketplace.

You are on board – maybe you just don't know it yet.

Conversations about SASE rarely start there. More often than not, Zero Trust and network modernisation take a natural turn towards SASE. VPN and MPLS renewal scrutiny, netsec hardware reaching end of life, data centre and Infrastructure migration, SaaS and GenAI Usage all present an opportunity for elevating like-for-like decisions into a discussion around business strategy and collaborative outcomes. This touches every surface of the wider organisation to realise company-wide objectives.

Am I getting SASE-ready already?

The market has become largely familiar with SASE in the last year compared to the last five. Even if people don’t yet know all the components — even if they’re not using the term ‘SASE’ explicitly — it’s often what they are working and investing towards.

The shift isn’t accidental. The market language around secure connectivity is growing up, vendors have realigned their portfolios to emphasise the ‘platform’ approach, and customers are feeling the pain of fragmented architectures. As a result, understanding and adoption are accelerating rapidly.

SASE has so many natural entry points that almost any IT project can pivot into a strategic review. That breadth is both an opportunity and a trap. If things stay too general, the message gets diluted, but when we ask targeted questions about pain points, constraints, and ambitions, it doesn’t take long to uncover where SASE could be exactly what a customer needs. These conversations can start anywhere — with a Head of Infrastructure, a CISO, a Network Manager, or an architect in the weeds — but they usually begin with one of a handful of themes.

If any of these sound familiar, it could be that you’ve already begun your journey into SASE.

Zero Trust as the gateway

Many customers are more familiar with Zero Trust Network Access (ZTNA) than they are with SASE as a framework. Because SASE is built on Zero Trust principles, the two go hand in hand. When customers say they want consistent policy enforcement, stronger access controls, or identity-led security, they’re describing foundational Zero Trust outcomes that naturally extend into SASE adoption.

Network modernisation as the catalyst

Another starting point is something that looks innocuous: a like-for-like switch replacement as hardware reaches end-of-life. When we take that one step back, it’s rarely ‘just’ a hardware refresh. What we actually see is an organisation beginning a network modernisation journey: rationalising architecture, fixing legacy bottlenecks, and preparing for more cloud-centric connectivity. That ambition flows directly into conversations about SD-WAN, one of SASE’s core components, and from there the wider picture starts to form.

Revisiting pandemic-era access controls: VPN and SWG

Huge volumes of VPN and SWG technology was purchased in 2020 in response to the pandemic-era shift to remote work. It did the job, but most deployments were tactical rather than strategic. Now, organisations are reassessing both – if they still need VPN at all, and if their SWG still meets their needs around policy, visibility and control, as users move between home, office, and cloud.

Those reassessments often expose the same issues: patchy performance, fragmented tooling, inconsistent experiences, and a lack of identity-led conditional security. When those gaps surface, the conversation naturally shifts towards ZTNA, SSE, and ultimately SASE.

When teams operate in silos

This is one of the most pervasive blockers and one that takes committed investment to unravel: networking, security, infrastructure, and end-user compute teams running separate projects with their own KPIs and budgets. Security is saying ‘We need to secure users’ while Networking says ‘We need to replace switches and modernise Wi-Fi' and the two never meet.

Organisations used to be able to operate this way, but as outcomes are increasingly driven from the top — reducing total cost of ownership (TCO), simplifying tools, enhancing security posture, bettering performance — these silos are being smashed together. They’re being asked to integrate before they’ve learnt how to collaborate.

Often, we'll met a Head of Cybersecurity or the Head of Infrastructure & Cloud without the end compute team in the room. The disconnect in priorities and visibility are obvious in these scenarios. This is why when we run SASE workshops with customers in the early stages of adoption, the first thing we push is internal collaboration. Without it, they can find themselves two or three years into their ‘modernisation’ only to realise they must now unpick and re-architect major decisions.

Vendors are becoming platforms

Another major driver is vendor convergence. Security, networking, and cloud tools used to be neatly separated; today, they’re collapsing into unified platforms. Firewalls don’t only firewall, they do data loss prevention (DLP), cloud inspection, SD-WAN, segmentation, threat intelligence, and more. Network solutions now bundle identity, posture checks, and policy enforcement. This convergence requires cross-departmental ownership, and that often raises often uncomfortable but always necessary questions.

A customer asked us recently: ‘Who’s going to manage SASE internally in the long term?’ We couldn’t give them a neat answer. Because SASE touches networking, security, and infrastructure, those teams all have a stake. But who will be nominated to own it so that your SASE adoption succeeds without disappearing into organisational grey space? It’s our job to help you figure that out.

Why SASE projects derail at the first step

Because of the nature of SASE — its breadth, its architectural impact, and its dependency on alignment across teams — you must be taken on the right path from the start. There is no ‘one size’ solution, and the cost of implementing an ill-fitting solution can have lasting consequences.

When we speak to customers who’ve hit this wall early, it’s almost always down to one of a few recurring issues.

Defaulting to vendors

Every environment is different, and treating SASE like an off-the-shelf SKU is a fast route to misalignment. Partnerships where default vendors are used based on preference or financial incentive rather than need set you up for failure.

You and (if you have one) your procurement team may be increasingly aware of this dynamic. Organisations are more switched on than ever.

Shallow qualification

Sellers are trained to listen for trigger words and renewal dates, but if they immediately pivot to the vendor they’re tied to, they’re failing you. This isn’t how you find a solution.

Our approach runs in the opposite direction: think like the customer first, understand their pain points and business goals, work backwards from the outcomes they really want, and only then narrow the vendor list. That’s the only way to avoid designing a solution around a preconceived tool rather than a real need.

Too many vendors too soon

Equally, providers who bring the whole market to your door while thinking it’s in your best interests may actually be achieving the opposite. It is a saturated market with more solutions available every month. Through proper discovery your options should favour quality over quantity.

Poor documentation leading to long-term technical debt

Perhaps the worst thing we see are customers years into a deployment without any documentation explaining why the solution was chosen or the use cases it was designed to address. They’re handed a painful choice: rip everything out and start again or pour more money into a solution that may never deliver what they need. This isn’t just a paperwork problem, it’s an architectural risk. Without a documented rationale and clear use cases, teams inherit a black box they can neither evolve nor justify.

‘Green flags’ for your SASE partnership

Not all partners are created equal, and in SASE, the right guidance early on can make or break a project. A partnership of the kind you need demonstrates a few key behaviours from the very first conversation.

They don’t rush to bring vendors into the discussion. They understand that technology is only useful when it solves the right problem, and that the vendor shortlist should follow discovery, not lead it.

They ask deep, thoughtful questions. A good partner digs into business goals, pain points, and constraints, rather than listening for trigger words and jumping to a product pitch. Being challenged early with these kinds of questions is itself a major green flag.

They focus on outcomes, not products. connecting silos and seeing the organisation as a whole system. They recognise that security, networking, infrastructure, and end-user computing can’t operate in isolation, and they help map how these teams intersect. The conversation isn’t about which vendor is ‘best’ or which features sound impressive; it’s about the tangible benefits the organisation needs to achieve: reduced complexity, stronger security, smoother connectivity, and better user experience.

They actively help build internal collaboration. By fostering cross-team alignment from the start, they prevent the costly disconnects that often stall SASE projects.

A partner who consistently demonstrates these behaviours is not just a vendor advisor, they’re a trusted guide through the SASE journey. And that makes all the difference.

Ready? Prepare for your SASE Readiness Workshop

Our SASE workshops are delivered as a guided but flexible session designed to help you navigate the complexity of adopting this framework. We look at common drivers, uncover pain points, expand your horizons, and build a roadmap connecting business objectives to technology decisions. If there’s a particular compelling event, we can home in on that requirement and build it out. Or, if the goal is a wider ‘art of the possible’ we can supply the background and experience that supports business justifications and uncovers unexpected benefits.

While most insights come out during the session itself, a little preparation goes a long way. Useful inputs include:

• Understanding how users work day-to-day: browser versus applications, cloud versus datacentre. The who, what, where and why
• A broad view of your footprint and topology, your network, challenges and realities – your ‘today’ 
• Insights into your organisation’s objectives, both from the top and at a local level
• An open dialogue – this workshop was founded as a reaction to misled, mis-sold, and mystified businesses struggling to understand, plan and adopt the architecture. Our chief aim is to simplify and streamline the process for you, our ask is that you partner with us to maximise a successful output

One of the first questions we ask is, ‘What is your understanding of SASE today?’ This helps tailor the session and avoids the classic pitfall of vendors failing to listen. By following this structured approach, we aim to compress a six-month, vendor-heavy exploratory cycle down to three months or less, saving time, reducing confusion, and keeping the focus squarely on outcomes rather than features.

The short version: Are you already on the road to SASE?

Nearly every organisation in 2025 consists of distributed users, applications, infrastructure and networks, with data in a constant flow state between all the above. Secure Access Service Edge (SASE) addresses this by providing:

• Consistent, identity-led Security for Any User on Any Device, accessing Any Resource from Any Location
• Modern, flexible and scalable Networking through SD-WAN and cloud-leveraged connectivity, moving beyond traditional limitations
• Cross-team alignment between security, networking, infrastructure, and EUC

While there are no silver bullets, SASE serves to deliver against the three fundamental outcomes universal across all sectors: enhanced security posture, improved network performance and user experience, and reduced cost and complexity.

How SASE conversations usually begin

Most SASE journeys stem from less-obvious requirements, but when viewed strategically can form the foundation of a SASE architecture.

Common entry points include:

• Zero Trust: Consistent policy, reduced attack surface, identity-led access
• Network modernisation: Hardware refresh, WAN upgrades, cloud connectivity
• Revisiting legacy VPN and SWG tools: Performance issues, poor user experience, tactical pandemic-era deployments
• Team silos: Disjointed projects, duplicated effort, unclear ownership
• Vendor convergence: Platforms replacing fragmented point products

If any of these themes feel familiar, you’re likely already moving in a SASE direction.

Putting your best foot forward

SASE initiatives fail early when partners default to their preferred vendors, rely on shallow discovery, flood customers with options, or provide no context to guide long-term decisions. Because SASE spans multiple domains, outcome-first discovery and cross-team collaboration are essential.

Starting with a SASE workshop

A structured SASE workshop brings the right stakeholders together, uncovers pain points, clarifies business goals, and narrows the market to a realistic shortlist. Done properly, it cuts a six-month exploratory cycle down to three — with clarity, alignment, and direction from day one.

If this summary reflects the conversations happening in your organisation, you may already be further along the SASE journey than you realise.

Want to find out more? Send us a message here.