New Report
Menlo Security finds a new sophisticated phishing campaign.
Icon Rounded Closed - BRIX Templates

What is Security Services Edge (SSE)?

Consolidating and Modernizing IT Network Security Services

The ideas around Security Service Edge make total sense:

  1. Faster workplace changes, especially due to the pandemic, made old security measures like firewalls and the devices that ran them outdated.
  2. Relentless IT innovations continue to add new security vendors (have you attended an RSA conference?) 
  3. Coincident with the pandemic, Zero Trust became another crucial IT initiative.
  4. Long before SSE, internal applications were becoming webified. SaaS consumption is the highest-growth spend in IT followed closely by IaaS and PaaS. With internal and public clouds, nearly everything is done with a web browser!

Replacing outdated IT security equipment, consolidating vendors as much as possible, implementing Zero Trust access and securing cloud consumption created a fearsome foursome of needs that can be potentially satisfied with SSE. 

What is Security Services Edge?

Security Service Edge (SSE) offerings typically aggregate cloud-delivered security functions that attempt to work together to safeguard user access to web applications, cloud services, and private applications. It is intended to act as a security layer at the "edge" of the network, closer to users and applications, rather than relying on a central data center for security.

While most services are cloud-delivered, some services include a desktop component for both ensuring desktop security posture and steering traffic to the relevant cloud services.

Why Did Security Services Edge emerge?

Secure Services Edge (SSE) emerged as a response to the evolving IT landscape, particularly the rise of cloud computing, mobile workforces, and the dissolving traditional security perimeter. Here's a breakdown of the key factors:

Shift to Cloud

Businesses are increasingly relying on cloud-based applications and data storage. Traditional security models, centered on a central data center, became inadequate to secure access to these resources spread across the internet.

Mobile Workforce

With more employees working remotely, the need arose for secure access to corporate resources from anywhere, on any device. Legacy security solutions couldn't handle this kind of flexibility.

Dissolving Perimeter

The traditional network perimeter, where security was concentrated at entry points, is no longer effective. Data and applications are scattered across the cloud and user devices, making it harder to define a clear boundary to protect.

Application Webification

The age of client-server computing evolved to web access to back-end systems.

What is the origin of Security Service Edge?

The term "Secure Services Edge" (SSE) is a relatively new concept, emerging in the tech world around 2021. Here's a breakdown of its origin:

  • Attributed to Gartner: Market research firm Gartner is credited with coining the term SSE in its 2021 Strategic Roadmap for SASE Convergence.
  • Building on SASE: SSE is considered a subset of the broader concept of Secure Access Service Edge (SASE). SASE itself was introduced by Gartner in 2019 to address the need for a converged security model for the cloud era.
  • Addressing Cloud Security Challenges: Gartner identified a gap between cloud security design and traditional WAN service edge design within organizations. SSE emerged as a way to bridge this gap and provide a more comprehensive security solution for cloud-centric environments.

While the specific technology behind SSE might have roots in earlier security tools, the term itself is a recent development specifically tailored to the growing need for securing access to cloud applications and services.

What are the main functional components of SSE?

SSE (Security Service Edge) combines networking and security functionalities to deliver secure access. Here are the main components of a typical SSE offering:

Secure Web Gateway (SWG)

Cloud Access Security Broker (CASB)

Zero Trust Network Access (ZTNA)

Firewall as a Service (FWaaS)

SSE and Zero Trust: Inextricably Linked

What are the top three arguments in favor of deploying SSE?

The top three arguments in favor of deploying SSE are enhanced security posture, improved user experience, and cost efficiency.

1. Enhanced Security Posture

2. Improved User Experience

3. Cost Efficiency

What are some arguments against deploying SSE?

While SSE offers significant benefits, there are also potential drawbacks and considerations to weigh before implementation: cost and complexity, performance impact, vendor lock-in, security risks, and potential overlap with existing solutions.

Cost and Complexity

Performance Impact

Vendor Lock-in

Security Risks

Potential Overlap with Existing Solutions