Contact Us

Why an MSP for SASE?


In our 4-part insight series, we explored all aspects of Secure Access Service Edge, or SASE (pronounced “sassy”). Here we look at all the reasons that Managed Service Providers are in a strong position to deliver.

According to Gartner’s definition, a Secure Access Service Edge, or SASE, combines network security functions with Wide Area Network (WAN) capabilities to support the dynamic secure access needs of organizations–needs which have grown exponentially. That growth is due to the significant increase in remote working and the use of cloud applications and services that have moved many critical access points outside the control of the traditional enterprise network. SASE can transform enterprise networking by ensuring that security envelopes the network, expanding network protection to cover any access point or endpoint. This secures each device and user rather than just physical points along the network itself.

When paired with an SD-WAN that successfully deploys the latest WAN optimization and path controls, as well as Next Generation Firewall (NGFW) services, there is increased cloud-access, application performance, and security control to augment the access and resource management offered by SASE. (The NGFW services associated with SD-WAN provide the firewall, intrusion detection and protection, and virus/ransomware alert technologies.

Deploying this dynamic duo can be a complex undertaking. Turning to an experienced Managed Service Provider (MSP) can reduce risk, improve time to deployment, streamline the process, and ensure success.

We’ll summarize the key reasons to consider an MSP when it comes to deploying a SASE and SD-WAN solution.

Reducing Risk

An MSP can help to reduce your risk in a variety of ways. First, MSPs bring entire teams of experts to the task—not just a few IT professionals. These experts have deployed such technologies many times over, each time gaining insights and experiences to simplify and improve subsequent deployments. Second, MSPs specialize in operating networks to peak performance and efficiency, conforming to any required regulatory or compliance measures (e.g. PCI and HIPPA). Their efforts demand concrete and repeatable processes to support all aspects of implementation (including monitoring and updates) leading to regular refinement via adoption of best practices and employment of continuous improvement programs. And their core business model is focused on keeping customer networks up and running smoothly. Consequently, MSPs are quick to identify and solve problems or challenges as they arise.

They are also expert at orchestrating and delivering security to the edge in a distributed world and to tens of thousands of sites. They have vast experience deploying different security architectures, and even hybrid architectures, blending premises, data center, and web/cloud-based security capabilities to achieve the critical level of access and network security demanded by SASE. MSPs have also been investing in the capabilities required to manage these multifaceted networks and security architectures effectively.

When viewed through the CFO lens, the monthly service plans that MSPs offer move much of the CAPEX to OPEX, providing predictable costs and fee structures—and the ability to avoid surprises or large sunken costs.

Improve Time to Deployment and Scalability

For the typical enterprise, deploying a complex SASE and SD-WAN solution can be resource intensive and result in unplanned delays and costs. That’s because few IT teams are built to support large scale rollouts to hundreds, or even thousands of sites. Plus, it’s difficult to anticipate (or staff for) every potential obstacle or problem. MSPs that have delivered these solutions to similar types of enterprises, however, and are familiar with the challenges and best practices associated with such implementations. In addition, the larger MSPs have resources in most regions and states, enabling them to provide timely on-site support to any and all locations. Their depth of expertise and resources can address and overcome issues along the way, and their size and scale mean they can flex the delivery schedule to expedite deployment if needed. Another under-appreciated capability is the MSP’s ability to slow a deployment when required without prompting additional costs or impacting the overall rollout plan.

Streamlining the Process

Despite the continued growth in broadband availability, the speeds, coverage, and quality all vary considerably by location and provider. Combine that with the number of partners and resellers that deliver broadband—over 2,600 by last count—and it becomes clear that it is a herculean job to manage the dozens of vendors and hundreds of service level agreements and contracts typical for a large multi-regional or national deployment. It also requires significant time and technical effort.

Top MSPs, on the other hand, can mobilize a nationwide network of strong and established service provider relationships—partnerships that have been cultivated over many years. MSPs understand which vendors do the best job at bringing the connectivity where and when it’s needed and how to make and secure a network that will operate as a homogenous system. Key to this is applying the right security, application performance, and network optimization techniques and policies to make sure each and every site delivers the same user experience as intended by the brand.

Lastly, MSPs have invested heavily to develop the tools and processes to integrate these partners into their service delivery model. This integration with each ISP’s provisioning, help desk, billing, trouble ticketing, analytics and many other systems, can be built one time by an MSP and then leveraged across all of its service customers. Consequently, customers don’t have to recreate these systems themselves, and don’t have to add to them if they decide to switch to new providers in the future. All of that work and effort rests with the MSP. That’s where an MSP can dramatically streamline and improve the implementation process and eliminate the headaches that an enterprise would otherwise have to tackle on their own to achieve similar service capabilities.

Ensuring Success

The best MSPs partner with the IT department, becoming an extension of the IT team. The MSP provides particular expertise, tools and technologies to develop, maintain, and monitor the security and operation of a network and troubleshoot issues around the clock. It would be impossible for a single individual or small IT team to match the level of knowledge, skills, and resources that an MSP delivers in this specific area.

Yet a good MSP will work collaboratively with an internal IT department to help it develop the right solutions and policies to achieve its goals. That may involve scaling the solution or its offerings, adding new technologies and capabilities, or adapting to changes in the business environment, like we are experiencing as part of COVID-19. What is certain is that change will be required; having an agile and robust security and network foundation is critical to supporting whatever change may come.

The MSP service delivery model also fits well with SASE, which will open a world where services are defined, refined, and deployed on demand, allowing cost-efficiencies, scalability, and simplicity. As a result, MSPs will be poised to bring a variety of offerings to market to leverage both SASE and SD-WAN more fully. These elements add up to the ability to successfully create a customer network environment where users and endpoints alike can securely connect to networked resources, no matter where and when they may be.

For all of these reasons, an enterprise that has a high performing MSP to rely on as a partner will have little to worry about when it comes to deploying a complex solution like SASE paired with SD-WAN.