Quantify the value of Netskope One SSE – Get the 2024 Forrester Total Economic Impact™ study

close
close
  • Why Netskope chevron

    Changing the way networking and security work together.

  • Our Customers chevron

    Netskope serves more than 3,400 customers worldwide including more than 30 of the Fortune 100

  • Our Partners chevron

    We partner with security leaders to help you secure your journey to the cloud.

A Leader in SSE. Now a Leader in Single-Vendor SASE.

Learn why Netskope debuted as a leader in the 2024 Gartner® Magic Quadrant™️ for Single-Vendor Secure Access Service Edge

Get the report
Customer Visionary Spotlights

Read how innovative customers are successfully navigating today’s changing networking & security landscape through the Netskope One platform.

Get the eBook
Customer Visionary Spotlights
Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.

Learn about Netskope Partners
Group of diverse young professionals smiling
Your Network of Tomorrow

Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.

Get the white paper
Your Network of Tomorrow
Netskope Cloud Exchange

The Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.

Learn about Cloud Exchange
Aerial view of a city
  • Security Service Edge chevron

    Protect against advanced and cloud-enabled threats and safeguard data across all vectors.

  • SD-WAN chevron

    Confidently provide secure, high-performance access to every remote user, device, site, and cloud.

  • Secure Access Service Edge chevron

    Netskope One SASE provides a cloud-native, fully-converged and single-vendor SASE solution.

The platform of the future is Netskope

Security Service Edge (SSE), Cloud Access Security Broker (CASB), Cloud Firewall, Next Generation Secure Web Gateway (SWG), and Private Access for ZTNA built natively into a single solution to help every business on its journey to Secure Access Service Edge (SASE) architecture.

Go to Products Overview
Netskope video
Next Gen SASE Branch is hybrid — connected, secured, and automated

Netskope Next Gen SASE Branch converges Context-Aware SASE Fabric, Zero-Trust Hybrid Security, and SkopeAI-powered Cloud Orchestrator into a unified cloud offering, ushering in a fully modernized branch experience for the borderless enterprise.

Learn about Next Gen SASE Branch
People at the open space office
SASE Architecture For Dummies

Get your complimentary copy of the only guide to SASE design you’ll ever need.

Get the eBook
SASE Architecture For Dummies eBook
Make the move to market-leading cloud security services with minimal latency and high reliability.

Learn about NewEdge
Lighted highway through mountainside switchbacks
Safely enable the use of generative AI applications with application access control, real-time user coaching, and best-in-class data protection.

Learn how we secure generative AI use
Safely Enable ChatGPT and Generative AI
Zero trust solutions for SSE and SASE deployments

Learn about Zero Trust
Boat driving through open sea
Netskope achieves FedRAMP High Authorization

Choose Netskope GovCloud to accelerate your agency’s transformation.

Learn about Netskope GovCloud
Netskope GovCloud
  • Resources chevron

    Learn more about how Netskope can help you secure your journey to the cloud.

  • Blog chevron

    Learn how Netskope enables security and networking transformation through secure access service edge (SASE)

  • Events and Workshops chevron

    Stay ahead of the latest security trends and connect with your peers.

  • Security Defined chevron

    Everything you need to know in our cybersecurity encyclopedia.

Security Visionaries Podcast

2025 Predictions
In this episode of Security Visionaries, we're joined by Kiersten Todt, President at Wondros and former Chief of Staff for the Cybersecurity and Infrastructure Security Agency (CISA) to discuss predictions for 2025 and beyond.

Play the podcast Browse all podcasts
2025 Predictions
Latest Blogs

Read how Netskope can enable the Zero Trust and SASE journey through secure access service edge (SASE) capabilities.

Read the blog
Sunrise and cloudy sky
SASE Week 2024 On-Demand

Learn how to navigate the latest advancements in SASE and zero trust and explore how these frameworks are adapting to address cybersecurity and infrastructure challenges

Explore sessions
SASE Week 2024
What is SASE?

Learn about the future convergence of networking and security tools in today’s cloud dominant business model.

Learn about SASE
  • Company chevron

    We help you stay ahead of cloud, data, and network security challenges.

  • Careers chevron

    Join Netskope's 3,000+ amazing team members building the industry’s leading cloud-native security platform.

  • Customer Solutions chevron

    We are here for you and with you every step of the way, ensuring your success with Netskope.

  • Training and Accreditations chevron

    Netskope training will help you become a cloud security expert.

Supporting sustainability through data security

Netskope is proud to participate in Vision 2045: an initiative aimed to raise awareness on private industry’s role in sustainability.

Find out more
Supporting Sustainability Through Data Security
Help shape the future of cloud security

At Netskope, founders and leaders work shoulder-to-shoulder with their colleagues, even the most renowned experts check their egos at the door, and the best ideas win.

Join the team
Careers at Netskope
Netskope dedicated service and support professionals will ensure you successful deploy and experience the full value of our platform.

Go to Customer Solutions
Netskope Professional Services
Secure your digital transformation journey and make the most of your cloud, web, and private applications with Netskope training.

Learn about Training and Certifications
Group of young professionals working

How Netskope NewEdge Takes SD-WAN to the Next Level

Oct 22 2020

Co-authored by Jason Hofmann and Jeff Brainard

With Gartner releasing its latest Magic Quadrant for WAN Edge Infrastructure earlier this month, it seemed an appropriate time to explore the intersection of SD-WAN and SASE. Both of these technological approaches hold great promise and are large, billion-dollar markets, sharing the common goal of connecting users to the data and applications critical to doing their job. The two technologies demonstrate the increasing overlap and tightening linkage between networking and security investments. 

Leveraging the concept of a virtualized network overlay to connect branch offices, SD-WAN allows organizations to better tap the public Internet and low-cost broadband to save on expensive, legacy MPLS WANs. Analysts like Gartner estimate SD-WAN can help enterprises cut costs by as much as 65% compared to traditional alternatives. SD-WAN benefits run deeper than just infrastructure savings, including increased network availability, better traffic prioritization, and more intelligent path selection. For example, SD-WAN routing decisions can be based on performance requirements (e.g. bandwidth and latency-sensitive voice or video traffic), the criticality of the application (e.g. Office 365 vs YouTube), or characteristics of the user or their connection. 

SD-WAN is sometimes perceived as lacking the cloud-native mindset that’s increasingly expected as the world adopts the cloud in all its permutations. That’s not entirely true since SD-WAN is a great enabler for organizations to get traffic to and from the cloud in a more efficient and cost-effective way.  With that said, SD-WAN was designed at its core to address the challenges of managing connectivity between hundreds or thousands of enterprise branches, not necessarily an enterprise where the majority of employees are now remote workers and the branch has been put on the back burner, at least temporarily. Since the COVID-19 pandemic began earlier this year, organizations have had their old way of doing business upended. And as this new work from home norm takes hold, it may indicate what’s in store for the future as more organizations embrace remote work on a more permanent basis.

This is where client technologies, like the Netskope Client, can bridge the gap and complement SD-WAN deployments. Not only does the Netskope Client extend cloud security to wherever the user roams, but it does this with unified policies, plus the intelligence to auto-disable traffic steering once the user returns to the branch while continuing to perform all other functions such as displaying notifications and performing endpoint posture management.

The intersection of SD-WAN and SASE

SD-WAN shifts older WAN architecture to a newer, still private, but much more cost-effective and agile overlay network. SASE, on the other hand, is 100% grounded in the cloud and subsumes much of SD-WAN, pivoting away from focusing primarily on the branch to instead focusing on users connecting from literally anywhere. SASE is especially critical in this new age of remote work. In the SASE world, the concept of the perimeter and branch changes—or you could say “moves”—with the user. This connection from a single device or endpoint to the service edge or new WAN edge is at the heart of SASE, combined most importantly with the critical security delivered as a cloud service necessary to protect the user and their traffic while in motion. 

Security considerations have always been imperative to SD-WAN architectures, including creating secure tunnels to protect critical application traffic in-transit while also guarding against the risks and data protection challenges associated with going direct-to-net. This creates natural tailwinds for cloud security, SASE-focused vendors like Netskope because traditional approaches that steer traffic to a few security control points are increasingly irrelevant as a result of the cost—both measured in dollars and in performance—of backhauling traffic to remote locations. And in addition, this legacy approach to security runs counter to the flexibility and performance tenets that are core to SD-WAN. 

With the pivot to cloud and SASE, whether it’s users safely browsing the web, accessing their SaaS apps and workloads in the public cloud, or even remotely connecting to their private apps, significant gaps exist for optimizing connectivity between these destinations and the new WAN edge. It’s not just safe to say it’s all HTTP and HTTP-based protocol traffic bound for the Internet and performance can simply be addressed by adding more bandwidth or relying on an antiquated backhaul architecture. And this is where you see the intersection forming between SD-WAN and SASE. 

While some of the SD-WAN vendors have attempted to layer security capabilities into their SD-WAN offerings, claiming they are SASE-ready, much of this is happening through bolt-on acquisitions or a slimmed down, incomplete set of security features. Fundamentally SD-WAN is the domain of networking experts working in the world of routing traffic, enhancing network reliability, and exploiting optimization techniques for an improved application experience. Security technologists occupy another sphere of understanding the threat landscape, being able to identify users, threats, data, and application instances and stitching these contexts together to improve security posture. 

Analysts, vendors, and customers provide evidence of this duality. Most SASE implementations in the market today consist of two vendors, one focused on network and the other on security. And this demonstrates precisely how SD-WAN and SASE are perfect complements to one another. While SD-WAN allowed for a near-total transformation of the WAN back when security could be centralized, the role of  SASE is to deliver the right security where and when it’s needed—ideally at the Internet edge, which is also where most SaaS apps and websites live. That leaves only one connection left for SD-WAN to optimize in most scenarios—from users to the security stack at the Internet edge. It’s for this reason Netskope is excited to partner with and have robust integrations with leaders in SD-WAN, including VMWare (Velocloud), Silver Peak, Versa Networks, among others.

The Netskope advantage with NewEdge

Netskope’s approach to SD-WAN offers customers the most flexibility to embrace SASE without having to tie their network and security decisions together and get locked into a single vendor’s rigid architecture. Customers get the ability to choose best-of-breed solutions to ensure their exact business requirements are met. Netskope accomplishes this by supporting secure networking standards, including GRE and IPSec tunnels, to steer traffic from whatever SD-WAN solution a customer has in place to Netskope’s NewEdge network. These same tunnel-based approaches are proven methods also utilized to steer traffic from legacy web proxies or next-gen firewalls to Netskope. 

The various Netskope Security Cloud services for security and data protection reside within NewEdge. While customers need little convincing to recognize the world-class security technology Netskope offers with its Next-Gen Secure Web Gateway, CASB, and DLP solutions, the situation is different on the network side. Why should a networking professional prefer NewEdge as an extension of their network for cloud security? Beyond rich, powerful, and context-aware data security, what does the Netskope network have to offer?

The number one concern of networking professionals is whether their network is up and running. Then they focus on its performance, wanting to ensure it is fast, responsive, and able to handle their critical business traffic. Beyond the standard claims around service assurances and SLAs or the capacity of cloud security vendor’s infrastructure to handle large volumes of users and traffic, it’s this performance piece that is often overlooked.

What good is the very best SD-WAN solution paired with cloud security if this new SASE-ready WAN edge doesn’t perform? What if it slows down business processes, impacts user productivity, or in the worst-case scenario drives users to exploit workarounds to get the speed and experience they demand? And even worse, what if this cloud security approach then fails to adequately protect valuable data, achieve compliance objectives, or guard against threats. That’s why Netskope has invested more than $100 million to build out NewEdge, the world’s largest, highest-performing security private cloud. 

Performance, coverage, and connectedness matter

One of the key things we’ve talked about in the NewEdge blog series has been precisely these characteristics of NewEdge, namely its performance, coverage, and connectedness. While other vendors in cloud security focus on features, they overlook or underinvest in the network and ignore the growing linkage between the two, especially when delivering security as a service. Or in some instances, vendors talk about checkbox integrations with networking investments, like SD-WAN or peering, and meet only the minimum level of acceptable capabilities. 

Netskope with NewEdge takes a different approach and fundamentally allows customers to take SD-WAN to the next level and get the most out of these sizable investments. Powered today by data centers in 40 regions, any customer, anywhere in the world can benefit from Netskope’s global coverage. NewEdge is built both with coverage and performance in mind, delivering low, single-digit millisecond latency for on-ramping traffic from any users, from any device, from anywhere in the world. This includes SD-WAN solutions deployed at a branch site or consolidated at an egress gateway. It also includes users who are off-net, working remotely and using the Netskope Client, or leveraging clientless options Netskope provides for unmanaged devices. 

From an end-user perspective, the web, cloud, and SaaS apps are just as fast and secure, whether users are at the branch or working remotely. Case in point, based on recent third-party performance tests, every NewEdge data center in the world is just milliseconds away from Microsoft and Google. The same incredible performance is seen connecting NewEdge to public clouds for fast, optimized access to workloads in AWS, Azure, and Google Cloud. 

This brings me to my second point, namely the connected nature of NewEdge with its extensive direct peering with the CDN, cloud, and SaaS providers. Netskope is the only cloud security vendor that directly peers with Microsoft and Google in every NewEdge data center, and today NewEdge handles roughly 20% of all commercial Office 365 traffic globally. In addition to these “top two” business productivity suites, NewEdge also peers with Salesforce, Box, Dropbox, Apple, Facebook, among many others. Through this peering, Netskope holds the unique position of being the most well-connected network of any security vendor, and ultimately this delivers tangible value to customers, especially networking teams. In a customer’s SD-WAN environment, this translates into the fastest and best user experience accessing the web, cloud, and SaaS apps that users care about without security trade-offs. 

As customers evaluate SD-WAN, NewEdge provides the performance “edge” required for the emerging SASE-ready WAN edge, a technical advantage that isn’t possible with cloud security solutions built on the public cloud with their inherently unpredictable performance. NewEdge provides the perfect complement to SD-WAN—delivering on the security mission with the performance guarantees required to aid customers in their journey to the cloud and to embrace SASE. To learn more about NewEdge and try it for yourself, please visit https://www.netskope.com/netskope-one/newedge.

author image
Jeff Brainard
Jeff Brainard, Senior Director, Platform Strategy at Netskope, works in Platform Engineering and focuses on its NewEdge private cloud infrastructure.
Jeff Brainard, Senior Director, Platform Strategy at Netskope, works in Platform Engineering and focuses on its NewEdge private cloud infrastructure.

Stay informed!

Subscribe for the latest from the Netskope Blog