News

What to Look for When Choosing a SASE Provider

• By David Ramel
• 07/15/2025

As organizations evaluate secure access service edge (SASE) solutions, Gartner's latest research identifies several critical functional and strategic factors to consider. Whether you're prioritizing convergence, scalability, or policy enforcement, here are the non-negotiables and differentiators to watch when selecting a SASE platform vendor as presented by the research firm.

Core Capabilities to Expect
Gartner outlines the following must-have capabilities for any enterprise-grade SASE platform:

• Secure web access via proxy
• Inline SaaS access controls with visibility
• Identity-, context-, and policy-based secure access to private applications
• A branch appliance that supports dynamic traffic steering based on applications
• Bidirectional traffic firewalling across networks
• Centralized management with both GUI and API for configuration, troubleshooting, and reporting

Unified Administration and Policy Control
A high-functioning SASE platform should offer single-console unified management. According to the report, the platform should include:

• "Unified management delivered by a single console covering all capabilities of the offering (with GUI and API) enabling visibility, troubleshooting, reporting, and enabling granular configuration and policy changes."
• DIY support that allows customers to "directly manage and administer the full SASE platform offering themselves, including granular configuration and policy of all SASE functions."

Performance and Global Reach
Platform performance at a global scale is essential. Gartner mandates that vendors demonstrate:

• Presence in at least 15 distinct metropolitan locations worldwide, including three in each of three separate continents
• POP infrastructure that offers web proxy, private access, and inline SaaS controls with high availability
• Public availability of a POP SLA and status/monitoring URL

Security and Compliance Expectations
Data sovereignty, inline security, and endpoint controls are standard considerations. A provider should support:

• Inline scanning for malware and sensitive data
• SSO integration with third-party identity providers
• Sensitive data policy enforcement through inline network inspection
• Endpoint agents for both Windows and macOS

Optional but Valuable Add-Ons
According to Gartner, optional capabilities that can provide competitive advantages include:

• Remote browser isolation (RBI) or secure enterprise browser (listed as a "standard" capability sandwiched in between "must have" and "optional" capabilities)
• Advanced threat protection such as sandboxing or continuous risk scoring
• Cloud onramps and enhanced backbone transport for optimized app performance

Customer Experience and Market Viability
In addition to platform features, prospective buyers should evaluate:

• Vendor financial health and long-term viability
• Customer support model, ideally "a single-support experience," with 24/7 access and global coverage
• Customer experience ratings from trusted sources and analyst feedback

Future Trends to Watch
Looking ahead, Gartner notes that SASE providers are differentiating in the following areas:

• Integration of generative AI assistants for policy and incident response automation
• Universal Zero Trust Network Access (ZTNA) applied across remote and on-campus users
• Expanded support for unmanaged devices via browser plugins, reverse proxies, or dissolvable agents
• Support for post-quantum cryptography (PQC) to enhance data security

Bottom Line
Choosing a SASE provider involves more than selecting a vendor from the Leaders quadrant. It requires verifying platform maturity, evaluating architecture alignment with organizational needs, and understanding roadmap viability for evolving demands -- especially around AI, ZTNA expansion, and data sovereignty.

As Gartner notes, "By 2028, 70% of SD-WAN purchases will be part of a single-vendor SASE Platform offering, up from 25% in 2025." Enterprises evaluating their options should plan with this convergence in mind.

Following the usual "Magic Quadrant" approach, the research has been released in a licensed-for-distribution report available from some of the covered vendors via a quick web search.