by basch 2074 days ago
SASE is the new buzzword for a SaaS Threat, Identity, Firewall, SD-WAN, Access Rights, Remote Access bundle. The picture in this article illustrates everything I would expect the suite/bundle to cover eventually. https://www.sdxcentral.com/security/sase/definitions/what-is...

It's a bit of a messy space for a couple reasons. Every vendor who made any one of these products is quickly racing to become a kitchen sink through development and/or acquisition. At the same time, they are splitting up what was once bundled into components you can buy separately to piece into a larger puzzle. Because most companies already have relationships with multiple vendors providing these services, they are fighting each other to both create walled gardens AND SIMULTANEOUSLY interoperable compatible components for larger multi-vendor buildouts. (Palo Alto buying CloudGenix SD-WAN, while at the same time being the leading supplier of on Edge firewall VMs for Velocloud devices. Velocloud will both tell you you can run Palo Alto, ZScaler, or Checkpoint, but also that they have in house Carbon Black. What risk are you taking by integrating two vendors that are both trying to crush each other, despite the best in breed solution being part of each of their products?) "We have Cisco for this, so maybe Duo makes sense, but then that overlaps Okta, and that overlaps what we already get from Microsoft, which overlaps what we get from VMWare, which is starting to overlap what we have from Palo Alto."

https://www.sdxcentral.com/articles/news/sase-acquisitions-d...

Anyone in the "Zero Trust" space is likely rebranding bundles as SASE. https://telegra.ph/ZeroTrust-Vendors-04-23

On the topic of Cloudflare. They have a leg up over EVERYBODY because they are building on top of WireGuard, and everybody else is stuck with legacy IPSEC that they can't leave anytime soon. From a future proofing perspective, if you don't already have commitments elsewhere, this is likely a VERY ATTRACTIVE bundle. One of the killer products buried in this is Cloudflare for Teams Access. No more need for AnyConnect. And like I said, most/all the other ZeroTrust Access gateways either a) only come in a bundle with other products, b) are a me-too product offered by a vendor that specializes in something else, or c) are ipsec. https://www.cloudflare.com/teams/access/


So like everything else in the networking space it's a mess of overloaded terms with multiple meanings and tangled concepts all trying to hit as many buzzwords as possible...?

Yes and no. I think Cloudflare has the advantage here of not being that mess of overload. They don't have the legacy cruft, the legacy customers. They purposely AREN'T trying to be everything (by supporting all identity providers but not being one. By not being an MDM.)

I feel the same way about Cloudflare as I did about Velocloud. When Velocloud came out, their pitch was that they WEREN'T "WAN optimization." They purposely weren't compressing the data on the edge to squeeze a couple extra bytes down a tiny pipe. By starting from the ground up, and not transforming a legacy product, they kept their hardware costs down. They didn't need the extra horsepower to do things that weren't necessary in a modern paradigm. Instead they offered a unique cloud service that made their product a bit different than the rest, and at a lower price.

Cloudflare here has that same competitive advantage of being able to design everything from first principles, with no regard for how things were before. Maybe even more so.

As a potential customer, I guess I am supposed to be hypnotised by all these silly names and acronyms but instead I just keep thinking "Just show me the code". Names seem to serve as a way for the authors to avoid telling us exactly what the software does, instead referring to what the software "is". Horribly imprecise and the source of endless arguments. The disagreements in this thread are but a tiny example.

This is nothing new and during the dot-com boom I think the naming nonsense spread to websites, in addition to software. Software people have been obsessed with wacky names as long as I can remember.

I find this so repulsive and unworkable (e.g., name conflicts, needless keystrokes) that on personal computers I actually name programs I write for myself using an alpha prefix and a numerical suffix. For quick reference I keep a separate index of what each program does. Every program has a unique, sequential number in its name. Every name has the same number of characters.

I have to break down and plug this then:

https://www.zerotier.com/